trailwalker.oxfam.org.au Open in urlscan Pro
213.188.193.176 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://trailwalker.oxfam.org.au/tim-jeffries
Submission: On March 29 via api (March 29th 2023, 9:39:15 pm UTC) from FI — Scanned from AU

Summary HTTP 199 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 31 domains to perform 199 HTTP transactions. The main IP is 213.188.193.176, located in United States and belongs to FLY, US. The main domain is trailwalker.oxfam.org.au.
TLS certificate: Issued by R3 on February 22nd 2023. Valid for: 3 months.

This is the only time trailwalker.oxfam.org.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	213.188.193.176 213.188.193.176	40509 (FLY) (FLY)
26	104.22.70.98 104.22.70.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	74.125.130.97 74.125.130.97	15169 (GOOGLE) (GOOGLE)
2	104.17.186.73 104.17.186.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.155.70.188 18.155.70.188	16509 (AMAZON-02) (AMAZON-02)
10	104.22.71.98 104.22.71.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.194.113 172.217.194.113	15169 (GOOGLE) (GOOGLE)
1	142.250.4.95 142.250.4.95	15169 (GOOGLE) (GOOGLE)
1	74.125.200.155 74.125.200.155	15169 (GOOGLE) (GOOGLE)
13	13.33.33.71 13.33.33.71	16509 (AMAZON-02) (AMAZON-02)
25	199.232.46.208 199.232.46.208	54113 (FASTLY) (FASTLY)
1	74.125.24.94 74.125.24.94	15169 (GOOGLE) (GOOGLE)
1	18.155.68.31 18.155.68.31	16509 (AMAZON-02) (AMAZON-02)
4	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1	199.232.44.157 199.232.44.157	54113 (FASTLY) (FASTLY)
1	42.99.140.192 42.99.140.192	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
2	103.229.10.211 103.229.10.211	16509 (AMAZON-02) (AMAZON-02)
2	104.69.162.116 104.69.162.116	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.131 151.101.65.131	54113 (FASTLY) (FASTLY)
2	142.250.4.105 142.250.4.105	15169 (GOOGLE) (GOOGLE)
2	74.125.130.94 74.125.130.94	15169 (GOOGLE) (GOOGLE)
1	13.33.33.10 13.33.33.10	16509 (AMAZON-02) (AMAZON-02)
3	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
1	13.33.33.118 13.33.33.118	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
8	74.125.24.100 74.125.24.100	15169 (GOOGLE) (GOOGLE)
1	13.33.88.24 13.33.88.24	16509 (AMAZON-02) (AMAZON-02)
3 4	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	103.237.104.82 103.237.104.82	53580 (MARKETO) (MARKETO)
1	172.217.194.156 172.217.194.156	15169 (GOOGLE) (GOOGLE)
6	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
37	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4	142.250.4.92 142.250.4.92	15169 (GOOGLE) (GOOGLE)
1	3.1.98.10 3.1.98.10	16509 (AMAZON-02) (AMAZON-02)
4	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
2	162.242.174.138 162.242.174.138	19994 (RACKSPACE) (RACKSPACE)
13	74.125.24.113 74.125.24.113	15169 (GOOGLE) (GOOGLE)
2	18.155.68.52 18.155.68.52	16509 (AMAZON-02) (AMAZON-02)
1	35.167.72.35 35.167.72.35	() ()
199	42

2 213.188.193.176 (United States)

ASN40509 (FLY, US)

trailwalker.oxfam.org.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.22.70.98 (None, )

ASN13335 (CLOUDFLARENET, US)

api.raisely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.130.97 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.186.73 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.70.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-70-188.sin52.r.cloudfront.net

dyv6f9ner1ir9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.22.71.98 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.raisely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.113 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f113.1e100.net

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.33.33.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-71.sin2.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 199.232.46.208 (Singapore)

ASN54113 (FASTLY, US)

raisely-images.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-31.sin52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.44.157 (Singapore)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 42.99.140.192 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-192.pacnet.net

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.10.211 (Singapore)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.69.162.116 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-162-116.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.131 (United States)

ASN54113 (FASTLY, US)

3b689cd09dbe4d44b19f441588a7d212.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.130.94 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.33.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-10.sin2.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

a.oxfam.org.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.24.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-24.sin2.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.237.104.82 (United States)

ASN53580 (MARKETO, US)

633-zwh-272.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.4.92 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f92.1e100.net

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.1.98.10 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-98-10.ap-southeast-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.242.174.138 (United States)

ASN19994 (RACKSPACE, US)

rapidpanda.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 74.125.24.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f113.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.155.68.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-52.sin52.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.167.72.35 (None, )

ASN- ()

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	stripe.com js.stripe.com — Cisco Umbrella Rank: 1244 q.stripe.com — Cisco Umbrella Rank: 7928 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 7063 r.stripe.com — Cisco Umbrella Rank: 4840 m.stripe.com	504 KB
36	raisely.com api.raisely.com cdn.raisely.com	830 KB
25	imgix.net raisely-images.imgix.net	1 MB
19	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 3232 play.google.com — Cisco Umbrella Rank: 31	433 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	327 B
5	gstatic.com fonts.gstatic.com www.gstatic.com	230 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	341 KB
5	oxfam.org.au trailwalker.oxfam.org.au a.oxfam.org.au	186 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 400 www.linkedin.com — Cisco Umbrella Rank: 579	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	265 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1316	18 KB
2	rapidpanda.io rapidpanda.io — Cisco Umbrella Rank: 105367	13 KB
2	google.com.au www.google.com.au — Cisco Umbrella Rank: 22017	562 B
2	ubembed.com 3b689cd09dbe4d44b19f441588a7d212.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 11730	49 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3441	7 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1131 pixel.quantserve.com — Cisco Umbrella Rank: 919	9 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100	2 KB
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6779	325 KB
1	mktoresp.com 633-zwh-272.mktoresp.com	487 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1000	374 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 687	393 B
1	t.co t.co — Cisco Umbrella Rank: 525	377 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1047	700 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 853	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 701	15 KB
1	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 677	433 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1071	44 KB
1	cloudfront.net dyv6f9ner1ir9.cloudfront.net	8 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	29 KB
199	31

	Domain	Requested by
29	r.stripe.com	js.stripe.com
26	api.raisely.com	trailwalker.oxfam.org.au cdn.raisely.com
25	raisely-images.imgix.net	trailwalker.oxfam.org.au api.raisely.com cdn.raisely.com
13	play.google.com	www.gstatic.com
13	js.stripe.com	cdn.raisely.com js.stripe.com
10	cdn.raisely.com	trailwalker.oxfam.org.au cdn.raisely.com
8	q.stripe.com	trailwalker.oxfam.org.au
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com trailwalker.oxfam.org.au
6	www.facebook.com	trailwalker.oxfam.org.au
5	www.googletagmanager.com	trailwalker.oxfam.org.au www.googletagmanager.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com trailwalker.oxfam.org.au www.gstatic.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	px.ads.linkedin.com	2 redirects trailwalker.oxfam.org.au
3	a.oxfam.org.au	www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	rapidpanda.io	trailwalker.oxfam.org.au rapidpanda.io
2	www.google.com.au	trailwalker.oxfam.org.au
2	www.google.com	trailwalker.oxfam.org.au
2	munchkin.marketo.net	trailwalker.oxfam.org.au munchkin.marketo.net
2	js.hsforms.net	trailwalker.oxfam.org.au
2	trailwalker.oxfam.org.au	trailwalker.oxfam.org.au
1	m.stripe.com	m.stripe.network
1	merchant-ui-api.stripe.com	js.stripe.com
1	pixel.quantserve.com	trailwalker.oxfam.org.au
1	stats.g.doubleclick.net	www.google-analytics.com
1	633-zwh-272.mktoresp.com	munchkin.marketo.net
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	analytics.twitter.com	trailwalker.oxfam.org.au
1	t.co	trailwalker.oxfam.org.au
1	rules.quantcount.com	secure.quantserve.com
1	assets.ubembed.com	3b689cd09dbe4d44b19f441588a7d212.js.ubembed.com
1	3b689cd09dbe4d44b19f441588a7d212.js.ubembed.com	www.googletagmanager.com
1	secure.quantserve.com	trailwalker.oxfam.org.au
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	api.raisely.com
1	www.googleoptimize.com	trailwalker.oxfam.org.au
1	dyv6f9ner1ir9.cloudfront.net	trailwalker.oxfam.org.au
1	cdnjs.cloudflare.com	trailwalker.oxfam.org.au
199	44

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
www2.deloitte.com
www.paddypallin.com.au
www.oxfam.org.au
www.facebook.com
www.instagram.com
www.youtube.com
raisely.com

Subject Issuer	Validity	Valid
trailwalker.oxfam.org.au R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh
raisely.com Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-06` - `2023-04-06`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-05`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
a.oxfam.org.au GTS CA 1D4	`2023-03-25` - `2023-06-23`	3 months	crt.sh
quantserve.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-12-11` - `2023-12-11`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-10` - `2023-12-10`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
rapidpanda.io R3	`2023-03-21` - `2023-06-19`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh

This page contains 7 frames:

Primary Page: https://trailwalker.oxfam.org.au/tim-jeffries
Frame ID: 8B95740F3C8A29F3F1B91EE357E634EF
Requests: 113 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-8a2892163a70784f66f7f056772510ab.html
Frame ID: FDE887D1FB4E847B2B30BFFEFDE6B268
Requests: 35 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-9a2336ac1ba18961aa352bfc9a660212.html
Frame ID: E1A7D608C0493C7335F7E1C7AA532DDC
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-0fa8d53058b91eb665fa0fbe2c2983a1.html
Frame ID: 680F8375F09758D2A315863FFCEAC082
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: B927D82DF337538515B5A130EF6D8C7A
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: A681082BD13FD23F64E82EE085818E9C
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 556BF904D7BF55372D66A1C0CEFF6440
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tim Jeffries • Oxfam Trailwalker 2023Raisely

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

199
Requests

97 %
HTTPS

0 %
IPv6

31
Domains

44
Subdomains

42
IPs

4
Countries

4411 kB
Transfer

14300 kB
Size

25
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://facebook.com/sharer/sharer.php?u=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&text=Oxfam%20Trailwalker%3A%20Make%20a%20donation%20today%20to%20support%20Oxfam%20Trailwalker&hashtags=oxfamtrailwalker&via=raisely

Search URL Search Domain Scan URL

URL: https://www2.deloitte.com/
Title: Deloitte logo

Search URL Search Domain Scan URL

URL: https://www.paddypallin.com.au/
Title: Paddy Pallin logo

Search URL Search Domain Scan URL

URL: https://www.oxfam.org.au/
Title: Logos

Search URL Search Domain Scan URL

URL: https://www.oxfam.org.au/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OxfamTrailwalkerAustralia

Search URL Search Domain Scan URL

URL: https://twitter.com/OAusTrailwalker

Search URL Search Domain Scan URL

URL: https://www.instagram.com/oaustrailwalker/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/OxfamTrailwalkerAust

Search URL Search Domain Scan URL

URL: https://raisely.com/?utm_source=footer&utm_medium=organic&utm_campaign=sign_up&utm_content=oxfam-2023
Title: Powered byRaisely

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4506649&time=1680125947710&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4506649&time=1680125947710&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4506649%26time%3D1680125947710%26url%3Dhttps%253A%252F%252Ftrailwalker.oxfam.org.au%252Ftim-jeffries%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4506649&time=1680125947710&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&cookiesTest=true&liSync=true

199 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request tim-jeffries Show response
trailwalker.oxfam.org.au/ 569 KB
122 KB 398ms
174ms Document
text/html 213.188.193.176
FLY

General

Check archive.org

Show headers Download Go to

Full URL

https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

213.188.193.176 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/620fe63b (2023-03-17) /

Resource Hash

428e9b66ee3e2025d2350751a1ab8923feb686ffc6085ad3b273fba0d5e7476d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: public, max-age=30, s-maxage=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 21:39:05 GMT
fly-request-id: 01GWQMYS4MFK2FDRVN3QAQGYXZ-syd
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 1b01c6a9-bac4-4a5e-bbac-5e489b5faf2c
server: Fly/620fe63b (2023-03-17)
strict-transport-security: max-age=86400;
via: 2 fly.io
x-connection-region: syd
x-raisely-cache-status: MISS
x-server-region: syd

GET
H2 200 styles.css
api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/ 242 KB
28 KB 550ms
225ms Stylesheet
text/css 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/styles.css

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fb7c6e754c595684e4d5ed9eb9b07dfe0388468655e928bf85d0a6402cd326b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1266300
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 5c43b2e8-c355-446d-97e8-af1bb9fd2911
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 15 Mar 2023 05:54:05 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: undefined
x-cloud-trace-context: f6a45b12835cd639a09ddb353665476b
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7afb4378d926aac4-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
66 KB 586ms
199ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-591945272

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.97 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

9340d87c34242fcdb94e64065889ff79defb926822e590595f52cc267d901af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67655
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 21:14:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Mar 2023 21:39:05 GMT

GET
H2 200 shell.js Show response
js.hsforms.net/forms/ 519 KB
162 KB 442ms
126ms Script
application/javascript 104.17.186.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/shell.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.186.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de23bd96bc43612257043619423fbd28e4a5cf0338c9d9c1fa539b6203f80194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
x-amz-version-id: zewPG90uEnn6fOdllfKjDUoe13XjTKvA
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 167
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2933/bundles/project-v2.js&cfRay=7afb3f640cc7a898-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 10:46:48 UTC
server: cloudflare
etag: W/"ce2a890146bd2b65fe63d9c334e182ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50q8Gr%2B7DIOy98yKuyLp7QaU%2BkxM5vZ%2BV03gTuRgu8dWkxqo5JYZu5uwZdUmECXSpvmavjWd06dLF6IAelBW4pwbJpPXrBV94CwytdTUYRwUrVu5lq4Lw0LacNGV1syX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7afb4378ce26a8b2-SYD
x-amz-cf-id: zoTQDfRDHgl6lbwN1VFu4UBeMGtJa6Ldzhn-q4Pz5-AGMz1Re33uig==
x-hs-target-asset: forms-embed/static-1.2933/bundles/project-v2.js

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-compat/3.0.0-alpha1/ 91 KB
29 KB 430ms
109ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-compat/3.0.0-alpha1/jquery.min.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d282fc0191c985fd3c0ae278d72b04af3207db65d6f4c29456f66208547146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4655520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29112
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-16aa8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7kzgEGDsppBsOmy8m4Cn%2BLEn3%2BisDaudV7dSvPlhASal7VlRXsNPP0C%2FL8Ez2euIJrUK2HI8x%2FVJ1RExMM82vtdppd0MqCax6pQjy8JW15NWsXh8B0DUY6DIYsdO3kofvc029T7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7afb4378dbc5aadb-SYD
expires: Mon, 18 Mar 2024 21:39:05 GMT

GET
H2 200 nloader.js Show response
dyv6f9ner1ir9.cloudfront.net/assets/js/ 27 KB
8 KB 632ms
223ms Script
application/javascript 18.155.70.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dyv6f9ner1ir9.cloudfront.net/assets/js/nloader.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.70.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-70-188.sin52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8ce6d3f9e87589515936a198c83603b34c0a8310591072dfc1eae5dbb6f5b854

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; base-uri 'none'; form-action 'self'; block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 06:31:16 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; base-uri 'none'; form-action 'self'; block-all-mixed-content
content-encoding: gzip
via: 1.1 bbdc70020916d3473e0338359d834350.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 13187270
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 28 Oct 2022 06:29:01 GMT
server: AmazonS3
etag: W/"21425a25b4f23d0b6a6682be205fc368"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31622400
permissions-policy: interest-cohort=()
x-amz-cf-id: aC9qHbgN6-spNbD70WKIPmN0c-kV-PrXteiqRNvZRyF0xAWB7Lqqsw==

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 519 KB
163 KB 425ms
109ms Script
application/javascript 104.17.186.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.186.73 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de23bd96bc43612257043619423fbd28e4a5cf0338c9d9c1fa539b6203f80194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
x-amz-version-id: zewPG90uEnn6fOdllfKjDUoe13XjTKvA
via: 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
age: 353
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2933/bundles/project-v2.js&cfRay=7afb3ad4b8eea870-ATL
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding: br
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 28 Mar 2023 10:46:48 UTC
server: cloudflare
etag: W/"ce2a890146bd2b65fe63d9c334e182ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6x4OEbM0sQoP0yJJr2fjhcAFPHv65237DchU%2BW%2BBKP8SVxfoPfcZrAEmTLb%2BQO3%2B424L2vu18Hc8%2B1h3UfhOD5T2ujYHggyEOpWZ6sF9jaUQJ4m%2FvvScqKapKiDt7f7l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7afb4378ce27a8b2-SYD
x-amz-cf-id: -OfuEFVObaSU4Kqla9SHiVf3T9f8GPcK3gwMRaC_5wp-SIUyDF4KfA==
x-hs-target-asset: forms-embed/static-1.2933/bundles/project-v2.js

GET
H2 200 vendor.4dd9e.bundle.js Show response
cdn.raisely.com/v3/ 208 KB
65 KB 507ms
222ms Script
text/javascript 104.22.71.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/vendor.4dd9e.bundle.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aae5e4ce9c903b8e8dc3e12a0be2af3956e33890b9590333b8393b66a53b3d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1680120937
age: 4922
x-guploader-uploadid: ADPycdtwEmcUOiLQkflVQF5btJ3jWDBmDyuygr3MUAPdD9_qmL9DCm5mheFHoe-NbxlSE3jXPisDE52lX7Cm7LN0-CFlCzhaVS14
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:16:17 GMT
server: cloudflare
etag: W/"efcc22aa99ee173a82af67d02421c123"
vary: Accept-Encoding
x-goog-generation: 1680120977865341
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=NvdHLw==, md5=78wiqpnuFzqCr2fQJCHBIw==
access-control-expose-headers: Content-Type, x-session-id
cache-control: max-age=31536000
x-goog-stored-content-length: 212717
cf-ray: 7afb4378da99a8ad-SYD
expires: Thu, 28 Mar 2024 20:17:03 GMT

GET
H2 200 editor.4dd9e.bundle.js Show response
cdn.raisely.com/v3/ 748 KB
206 KB 508ms
222ms Script
text/javascript 104.22.71.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/editor.4dd9e.bundle.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

482e88e20f601fc964d4acbe1d1041edcc1db4cc94721a4826a87b9f25430788

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1680120937
age: 4922
x-guploader-uploadid: ADPycdvfEIrnNQiwJDNCbPYPQPZdWNdDxphJbiWeGV8i3wnnoUtiLcpLwpfqe1kTEVWWAKtKT7EGXccDMrKvbSpIp2OXtnCxWAby
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:16:17 GMT
server: cloudflare
etag: W/"5ca04d317e19dec9c21ab66f9c3e444c"
vary: Accept-Encoding
x-goog-generation: 1680120977089345
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=3p883g==, md5=XKBNMX4Z3snCGrZvnD5ETA==
access-control-expose-headers: Content-Type, x-session-id
cache-control: max-age=31536000
x-goog-stored-content-length: 765680
cf-ray: 7afb4378da9ba8ad-SYD
expires: Thu, 28 Mar 2024 20:17:03 GMT

GET
H2 200 polyfill.4dd9e.bundle.js Show response
cdn.raisely.com/v3/ 55 KB
21 KB 507ms
222ms Script
text/javascript 104.22.71.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/polyfill.4dd9e.bundle.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2997dfdabcc257c5a185f2e594e8d1297266d2fbd8172ff5d6e443b1d7ea0871

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1680120937
age: 4922
x-guploader-uploadid: ADPycdsRqHqtC23Yx1_ssv35F1-0MQOBQshmdquRvGmD8qmglb-P0CCYn3pDT5MDTFXWgG3ojBPe1GwdpXLjHsIqFohX7J9DFvad
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:16:17 GMT
server: cloudflare
etag: W/"d9b1e25cc565cc644e7ac4c1322b6662"
vary: Accept-Encoding
x-goog-generation: 1680120977195441
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=PAe3/w==, md5=2bHiXMVlzGROesTBMitmYg==
access-control-expose-headers: Content-Type, x-session-id
cache-control: max-age=31536000
x-goog-stored-content-length: 56629
cf-ray: 7afb4378da9ca8ad-SYD
expires: Thu, 28 Mar 2024 20:17:03 GMT

GET
H2 200 common+api.4dd9e.bundle.js Show response
cdn.raisely.com/v3/ 134 KB
36 KB 416ms
131ms Script
text/javascript 104.22.71.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/common+api.4dd9e.bundle.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f5172b3f47d676e8313b3f64379f8e10b9e862564f25c28fe3da1137947ac22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1680120937
age: 4922
x-guploader-uploadid: ADPycdtb1BNPyWtK8SFGg3-OOGGGWMIpr5CBMvmT5mAhYMXdiK3ySfXwB54UgOPQCyhcnBTpkffAuQaYJbZhvG4_xDdeY6c3oTJb
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:16:17 GMT
server: cloudflare
etag: W/"21adaee6f8aedc70db3b7a17fb30de57"
vary: Accept-Encoding
x-goog-generation: 1680120976956113
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=33c4gg==, md5=Ia2u5viu3HDbO3oX+zDeVw==
access-control-expose-headers: Content-Type, x-session-id
cache-control: max-age=31536000
x-goog-stored-content-length: 137174
cf-ray: 7afb4378da9da8ad-SYD
expires: Thu, 28 Mar 2024 20:17:03 GMT

GET
H2 200 inputs.4dd9e.bundle.js Show response
cdn.raisely.com/v3/ 44 KB
11 KB 403ms
118ms Script
text/javascript 104.22.71.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/inputs.4dd9e.bundle.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd5191390b2b19481841cba2e1f3ae7043f36fe806c50073d41c736b0df4cc3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1680120937
age: 4922
x-guploader-uploadid: ADPycdvP1y3NTWX2e7QwM8bvMqrCrNuTd1ZObH6q96LA2rJ00-4ktSBTusqGvQnekhsqltMg8WiFtObzhpC9YYyCnsO2zbLvW01v
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:16:17 GMT
server: cloudflare
etag: W/"1de7dee77215e8031f1cea184a5847cb"
vary: Accept-Encoding
x-goog-generation: 1680120977077976
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Xo4Ruw==, md5=Hefe53IV6AMfHOoYSlhHyw==
access-control-expose-headers: Content-Type, x-session-id
cache-control: max-age=31536000
x-goog-stored-content-length: 45112
cf-ray: 7afb4378da9ea8ad-SYD
expires: Thu, 28 Mar 2024 20:17:03 GMT

GET
H2 200 core-styles.4dd9e.bundle.js Show response
cdn.raisely.com/v3/ 186 B
767 B 400ms
115ms Script
text/javascript 104.22.71.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/core-styles.4dd9e.bundle.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f1d8ca07f7f597a983bd06efe6d5c38e9a7646b954de344191884f7b267829

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1680120937
age: 4922
x-guploader-uploadid: ADPycds4wOFp_YAPPprLHFPZENXVA041zJedMVYSnIevsxgYGIZcTC1im5qI8lEu_gAOEkx2RTXGPyAYCBcQzsaIGZJYSWBrDZN3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:16:17 GMT
server: cloudflare
etag: W/"c68052102118224c93aa683289dbf86e"
vary: Accept-Encoding
x-goog-generation: 1680120977014021
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=fKV3yg==, md5=xoBSECEYIkyTqmgyidv4bg==
access-control-expose-headers: Content-Type, x-session-id
cache-control: max-age=31536000
x-goog-stored-content-length: 186
cf-ray: 7afb4378da9fa8ad-SYD
expires: Thu, 28 Mar 2024 20:17:03 GMT

GET
H2 200 sentry.4dd9e.bundle.js Show response
cdn.raisely.com/v3/ 11 KB
4 KB 411ms
126ms Script
text/javascript 104.22.71.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/sentry.4dd9e.bundle.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5b0d6894243af050eabab64d8cfc2fbaa316131a735bd8c76b90b431b8bbd3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1680120937
age: 4922
x-guploader-uploadid: ADPycdvckrdWf3Psulf2CTOwNDuDEHnTN80ddRhik7zD2vdlTMEDqHAr_y_6QR1JjNk_v_6oxUkX6Puvxw64GDKal2KFNX_m15WF
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:16:17 GMT
server: cloudflare
etag: W/"fb9a2f144ba055d0d817693f115f164d"
vary: Accept-Encoding
x-goog-generation: 1680120977851592
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=zLKCbA==, md5=+5ovFEugVdDYF2k/EV8WTQ==
access-control-expose-headers: Content-Type, x-session-id
cache-control: max-age=31536000
x-goog-stored-content-length: 10957
cf-ray: 7afb4378daa1a8ad-SYD
expires: Thu, 28 Mar 2024 20:17:03 GMT

GET
H2 200 app.4dd9e.bundle.js Show response
cdn.raisely.com/v3/ 884 KB
225 KB 507ms
223ms Script
text/javascript 104.22.71.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7eae4cd08288124d7e9e2a2ce477b449f52794b9dbc56af513d3360bf3134a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1680120937
age: 4922
x-guploader-uploadid: ADPycdvZwtOEDl28ZMKmlNceUL1h1j8HyD7VQJeINssVGOsgtef5J39jY3sz29gO9B3tAKiIDRx5lcf3Zr4Ev_lQqqSvHFXy4sYC
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:16:17 GMT
server: cloudflare
etag: W/"ca54b5ae58edecf877c6ab201ee08fcf"
vary: Accept-Encoding
x-goog-generation: 1680120977029023
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=dFdCjg==, md5=ylS1rljt7Ph3xqsgHuCPzw==
access-control-expose-headers: Content-Type, x-session-id
cache-control: max-age=31536000
x-goog-stored-content-length: 905425
cf-ray: 7afb4378daa0a8ad-SYD
expires: Thu, 28 Mar 2024 20:17:03 GMT

GET
H2 200 components.js Show response
api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/ 499 KB
59 KB 403ms
118ms Script
application/javascript 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/components.js

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

192f7128d8917c1ff3c8c501265524515233dd92d5fbc7921424aa955acf1beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 564100
cf-polished: origSize=579585
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 81b4478e-40e4-46f5-b634-8556cc6581f2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 23 Mar 2023 08:57:25 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: undefined
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7afb4378d927aac4-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 113 KB
44 KB 582ms
193ms Script
application/javascript 172.217.194.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-KBGGRB6

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f113.1e100.net

Software

Google Tag Manager /

Resource Hash

d678c186288e906d476a4b855582c1e0a79a94d87ba3442f226eb9e1549f4244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45041
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Mar 2023 21:39:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 583ms
196ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material%20Icons|Open+Sans:400,700,400i,700i,regular,regulari,regular,regulari

Requested by

Host: api.raisely.com
URL: https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

146cea910a38f64f657b458204a00fca52635267c8cdb87581660db381c80e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://api.raisely.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Mar 2023 21:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 21:39:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Mar 2023 21:39:06 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/591945272/ 2 KB
2 KB 590ms
199ms Script
text/javascript 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/591945272/?random=1680125946540&cv=11&fst=1680125946540&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&hn=www.googleadservices.com&frm=0&tiba=Layout&auid=1278882339.1680125947&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-591945272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f155.1e100.net

Software

cafe /

Resource Hash

e9bba1c92311dd2082d6c197bbbd767e49638355aa52b32cd0ae1bffb2250899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1202
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 242 KB
83 KB 204ms
203ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBDCHN

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.97 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ac4deb2af55b485e28e0f505602acc8a023a9d63b59f1411e53c2766726691bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84789
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 21:14:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Mar 2023 21:39:06 GMT

OPTIONS
H3 200 matched_donation_configs
api.raisely.com/v3/ Frame 0
0 432ms
319ms Preflight
text/plain 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/matched_donation_configs?campaign=35222e90-4074-11ed-832a-2766f3de7b47&order=asc&sort=startAt

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://trailwalker.oxfam.org.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://trailwalker.oxfam.org.au
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb4380892c55ab-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 29 Mar 2023 21:39:07 GMT
request-id: efa34037-1b41-4bf1-bf2c-9f6de511dc34
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 405843eba4467c80bb48427f188a5751
x-content-type-options: nosniff

OPTIONS
H3 200 donations
api.raisely.com/v3/ Frame 0
0 430ms
318ms Preflight
text/plain 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/donations?campaign=35222e90-4074-11ed-832a-2766f3de7b47&displayTotalGT=0&excludeMatched=true&limit=1&offset=0&order=desc&sort=campaignDisplayTotal&subtree=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://trailwalker.oxfam.org.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://trailwalker.oxfam.org.au
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb4380892d55ab-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 29 Mar 2023 21:39:07 GMT
request-id: 217018a4-748c-4706-b4a8-982e84a14dbd
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 06ddaec606a71d97210438faff750766
x-content-type-options: nosniff

OPTIONS
H3 200 tim-jeffries
api.raisely.com/v3/profiles/ Frame 0
0 397ms
319ms Preflight
text/plain 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/profiles/tim-jeffries?campaign=35222e90-4074-11ed-832a-2766f3de7b47&rank=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://trailwalker.oxfam.org.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://trailwalker.oxfam.org.au
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb4380892e55ab-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 29 Mar 2023 21:39:07 GMT
request-id: 21f63271-9199-48ca-a1b9-052ebbcb5f6a
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 6cf2a9a910f925991a7e04bce36c6ea2
x-content-type-options: nosniff

OPTIONS
H3 200 select
api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/providers/ Frame 0
0 354ms
317ms Preflight
text/plain 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/providers/select?campaign=35222e90-4074-11ed-832a-2766f3de7b47

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://trailwalker.oxfam.org.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://trailwalker.oxfam.org.au
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb4380892f55ab-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 29 Mar 2023 21:39:07 GMT
request-id: ba39efcd-062c-45b1-bac1-1b78d723df8f
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 727340511e34f8a16abf7f34cd8aa522
x-content-type-options: nosniff

GET
H2 200 / Show response
js.stripe.com/v3/ 452 KB
109 KB 663ms
244ms Script
text/javascript 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/common+api.4dd9e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7ee87d6ef1d82f56f9ee5a6662fd62278ced0a6891aa8261c7dcdf7cc3d7a021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 21:38:16 GMT
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 52
x-cache: Hit from cloudfront
last-modified: Wed, 29 Mar 2023 17:34:45 GMT
server: Cloudfront
etag: W/"c6e35380169a052ebfa17e223c935144"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 6MlVY8dJO4LZ7vvS9KyorsIj7KRtz8g-OFksa1Xnoq3z-r5eQnThpA==

GET
H2 200 10.4dd9e.bundle.js Show response
cdn.raisely.com/v3/ 67 KB
19 KB 119ms
118ms Script
text/javascript 104.22.71.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/10.4dd9e.bundle.js

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f703de820b317cb15132c6e51533b9ee1d60d2960657544366e4a7c433e1c391

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1680120937
age: 4923
x-guploader-uploadid: ADPycdvngYi5ro2QgNaEHT280maqcGM2MCbvhp2VtBJLu83x-alu4FvJxsakH6c2MG0cl87CAY06PiWuvgiypuN-c1xnUfMBEYQ3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:16:14 GMT
server: cloudflare
etag: W/"f8b5fa7be4c32670b9882dd7aaeb1300"
vary: Accept-Encoding
x-goog-generation: 1680120974206673
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=KcyPgw==, md5=+LX6e+TDJnC5iC3XqusTAA==
access-control-expose-headers: Content-Type, x-session-id
cache-control: max-age=31536000
x-goog-stored-content-length: 68894
cf-ray: 7afb437f1e62a8ad-SYD
expires: Thu, 28 Mar 2024 20:17:03 GMT

GET
H2 200 13.4dd9e.bundle.js Show response
cdn.raisely.com/v3/ 6 KB
2 KB 117ms
116ms Script
text/javascript 104.22.71.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.raisely.com/v3/13.4dd9e.bundle.js

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.71.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ed973f326015673193bd0fb56a348506dfeb1cecf87fd330a946ae53360b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-goog-meta-goog-reserved-file-mtime: 1680120937
age: 4923
x-guploader-uploadid: ADPycdvXnO8xwoEbl946pEfmgqOI4TP0l2TmvehVwB7XrTKK155cL32hLenSqL1sUC9zJbYVo9NMRKUEKiH6VOZvIC4OchlD8Y6I
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 20:16:14 GMT
server: cloudflare
etag: W/"4743281aa62a8b5449cedb8a5b886e3c"
vary: Accept-Encoding
x-goog-generation: 1680120974536924
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Xxp40A==, md5=R0MoGqYqi1RJztuKW4huPA==
access-control-expose-headers: Content-Type, x-session-id
cache-control: max-age=31536000
x-goog-stored-content-length: 6298
cf-ray: 7afb437f1e63a8ad-SYD
expires: Thu, 28 Mar 2024 20:17:03 GMT

GET
H2 200 banner-profile-jpg-3c2ac4.jpg
raisely-images.imgix.net/oxfam-2023/uploads/ 537 KB
538 KB 800ms
398ms Image
image/avif 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/banner-profile-jpg-3c2ac4.jpg?fit=max&w=2000&auto=format&q=62

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3abd22569eef06548fc40591c35b369f5253f506ce5f2ec58756b4bccd5a0ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
x-content-type-options: nosniff
age: 2393114
x-cache: HIT, HIT
x-imgix-id: 93186ca460b46f12ca7091e00c2185b908fb7e23
cross-origin-resource-policy: cross-origin
content-length: 550366
x-served-by: cache-sjc10050-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9000
last-modified: Thu, 02 Mar 2023 04:53:54 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 avatar-single-svg-3ee46b.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 1 KB
608 B 613ms
211ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/avatar-single-svg-3ee46b.svg?fit=max&w=300&auto=format&q=62

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

86d50e3dfe75c3d6922c3e7c5a40dddf4d0445b21187420d6aef87b3e161fac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104744
x-cache: HIT, HIT
x-imgix-id: 695d8404c6c647775795be297811fc136053776e
cross-origin-resource-policy: cross-origin
content-length: 443
x-served-by: cache-sjc10050-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9000
last-modified: Tue, 15 Nov 2022 01:20:58 GMT
server: imgix
vary: Accept-Encoding, Accept, User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 null
trailwalker.oxfam.org.au/ 62 KB
62 KB 152ms
152ms Image
text/html 213.188.193.176
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trailwalker.oxfam.org.au/null

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

213.188.193.176 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/620fe63b (2023-03-17) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/tim-jeffries
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:06 GMT
content-encoding: gzip
via: 2 fly.io
strict-transport-security: max-age=86400;
fly-request-id: 01GWQMYTYD8VNQ49DH5W69HSF2-syd
server: Fly/620fe63b (2023-03-17)
content-type: text/html; charset=utf-8
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
cache-control: public, max-age=30, s-maxage=60
x-raisely-cache-status: EXPIRED
request-id: 8b4db8de-aa07-4a04-b7a9-c77cc2a9aacd
x-server-region: syd
x-connection-region: syd

GET
H2 200 arrow-down-green-svg-5369fc.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 640 B
510 B 799ms
400ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/arrow-down-green-svg-5369fc.svg

Requested by

Host: api.raisely.com
URL: https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b5ab81cca0a06b1a0258768290467efd2f103f4686dce505173ee3ac1a0f91ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://api.raisely.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1238796
x-cache: HIT, HIT
x-imgix-id: f4984540b4fa9ad48ed902f1e0bf6a4ccdedd207
cross-origin-resource-policy: cross-origin
content-length: 360
x-served-by: cache-sjc10064-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Tue, 15 Nov 2022 00:40:07 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 oxfam-tstarpro-medium-woff-2-36cc9f.woff2
raisely-images.imgix.net/bbeab4b0-e75c-11ea-b8e1-bb0e629745e5/uploads/ 23 KB
23 KB 605ms
202ms Font
application/octet-stream 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raisely-images.imgix.net/bbeab4b0-e75c-11ea-b8e1-bb0e629745e5/uploads/oxfam-tstarpro-medium-woff-2-36cc9f.woff2

Requested by

Host: api.raisely.com
URL: https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

25a7f7ee5966db22b190b0f4a21ba9cbb0d9d8f3460fa4ab6483a016d62bd597

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://api.raisely.com/
Origin: https://trailwalker.oxfam.org.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
x-content-type-options: nosniff
age: 1935549
x-cache: HIT, HIT
x-imgix-id: d79d69132d408e463e265a3db5c70049e70cf438
cross-origin-resource-policy: cross-origin
content-length: 23712
x-served-by: cache-sjc10060-SJC, cache-qpg1221-QPG
x-imgix-render-farm: 01.9000
last-modified: Tue, 04 Oct 2022 01:22:54 GMT
server: imgix
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 hackney-personal-use-only-woff-2-82cf36.woff2
raisely-images.imgix.net/bbeab4b0-e75c-11ea-b8e1-bb0e629745e5/uploads/ 146 KB
147 KB 657ms
254ms Font
application/octet-stream 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raisely-images.imgix.net/bbeab4b0-e75c-11ea-b8e1-bb0e629745e5/uploads/hackney-personal-use-only-woff-2-82cf36.woff2

Requested by

Host: api.raisely.com
URL: https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3b78a1c662d7df9c01d5cf9ef21443b66f63c5f4eb8e87a9ec11eb9a0ccd785b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://api.raisely.com/
Origin: https://trailwalker.oxfam.org.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
x-content-type-options: nosniff
age: 1817735
x-cache: HIT, HIT
x-imgix-id: e3de3c1497e9fae097217fdfe6ffa04c577db487
cross-origin-resource-policy: cross-origin
content-length: 149924
x-served-by: cache-sjc10062-SJC, cache-qpg1221-QPG
x-imgix-render-farm: 01.9512
last-modified: Tue, 04 Oct 2022 01:22:54 GMT
server: imgix
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 589ms
193ms Font
font/woff2 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Material%20Icons|Open+Sans:400,700,400i,700i,regular,regulari,regular,regulari

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trailwalker.oxfam.org.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:36:12 GMT
x-content-type-options: nosniff
age: 558175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 10:36:12 GMT

GET
H3 200 matched_donation_configs Show response
api.raisely.com/v3/ 770 B
913 B 1031ms
1029ms Fetch
application/json 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/matched_donation_configs?campaign=35222e90-4074-11ed-832a-2766f3de7b47&order=asc&sort=startAt

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b7ec6c51fd82c338747ff74ff55249d47ca3ba3dc79bde29d809253f2de309d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 04773b28-ccd4-478f-b7a1-31aed7292044
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: c558e4f5948d4f2567ebfc1f837bc29f
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 7afb43828a1955ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H3 200 donations Show response
api.raisely.com/v3/ 2 KB
2 KB 2127ms
2124ms Fetch
application/json 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/donations?campaign=35222e90-4074-11ed-832a-2766f3de7b47&displayTotalGT=0&excludeMatched=true&limit=1&offset=0&order=desc&sort=campaignDisplayTotal&subtree=0

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5407fd0f86520003d66e0d430abb8433d58b2c1e725be142b8f9cf5bc283527f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:39:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: bde575e2-dc1d-415c-86af-ff7453c1a70e
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 21:18:23 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: 3d230c12176a2b53d7f12fe99fe78518
cache-control: public, max-age=30, s-maxage=60
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7afb43828a1755ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 oxfam-trailwalker-logo-secondary-rgb-negative-1-svg-33fc21.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 29 KB
19 KB 751ms
399ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/oxfam-trailwalker-logo-secondary-rgb-negative-1-svg-33fc21.svg?fit=max&w=1000&auto=format&q=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

99bbd6bfa0e132859e6ab81f4b01accfcf08a1b82c5e7ad564418624499ff4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1041693
x-cache: HIT, HIT
x-imgix-id: 06c719fe58cda5a5bfdf7564f33429a909e05fa1
cross-origin-resource-policy: cross-origin
content-length: 18705
x-served-by: cache-sjc10063-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9000
last-modified: Tue, 04 Oct 2022 01:13:04 GMT
server: imgix
vary: Accept-Encoding, Accept, User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 deloitte-logo-ph-png-d5c91c.png
raisely-images.imgix.net/oxfamtrailwalker/uploads/ 5 KB
5 KB 362ms
361ms Image
image/avif 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfamtrailwalker/uploads/deloitte-logo-ph-png-d5c91c.png?fit=max&w=264&auto=format&q=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

22852c2b3729a347c5c22ac7a3c2b6ce3e76c1d8dc7ceb47be10c47879174e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
x-content-type-options: nosniff
age: 129268
x-cache: HIT, HIT
x-imgix-id: 61fb207c73b212ada4c695b06e471686b9ccaf78
cross-origin-resource-policy: cross-origin
content-length: 4952
x-served-by: cache-sjc10082-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Tue, 28 Mar 2023 09:44:39 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 logo-paddy-pallin-svg-78f24b.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 12 KB
5 KB 360ms
359ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/logo-paddy-pallin-svg-78f24b.svg?fit=max&w=255&auto=format&q=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8990a7146c4700900d9ae45c0395585642f9b5a2ab02b7345ed3d55fd343b7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1247028
x-cache: HIT, HIT
x-imgix-id: 500da1b36e989c7963eac0618ea77272001f2033
cross-origin-resource-policy: cross-origin
content-length: 5437
x-served-by: cache-sjc10061-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Tue, 04 Oct 2022 05:38:44 GMT
server: imgix
vary: Accept-Encoding, Accept, User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 deloitte-logo-ph-png-d-5-c-91-c-png-00e46f.png
raisely-images.imgix.net/oxfam-trailwalker-2021/uploads/ 5 KB
5 KB 360ms
358ms Image
image/avif 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-trailwalker-2021/uploads/deloitte-logo-ph-png-d-5-c-91-c-png-00e46f.png?fit=max&w=330&auto=format&q=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1838b663f5c4b94210d4aa21d5bac6f40f0c2eb8783841e5b48635302d4c5b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
x-content-type-options: nosniff
age: 520938
x-cache: HIT, HIT
x-imgix-id: 5eb557d24bd92f44449f4eb818e15e0a83c7c380
cross-origin-resource-policy: cross-origin
content-length: 5199
x-served-by: cache-sjc10023-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Thu, 23 Mar 2023 20:56:50 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 logo-deloitte-svg-1666d6.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 4 KB
2 KB 361ms
360ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/logo-deloitte-svg-1666d6.svg?fit=max&w=295.5&auto=format&q=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

57d5390b10f1f8cf4e4a3fe51d36008f685046d340038004d52d9d40ed32d9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3678813
x-cache: HIT, HIT
x-imgix-id: e39746efb3592d210c6f505fbbd23bdea9bf6a0b
cross-origin-resource-policy: cross-origin
content-length: 1567
x-served-by: cache-sjc10041-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.0
last-modified: Tue, 04 Oct 2022 05:38:13 GMT
server: imgix
vary: Accept-Encoding, Accept, User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 logo-paddy-pallin-svg-78f24b.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 12 KB
6 KB 642ms
641ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/logo-paddy-pallin-svg-78f24b.svg?fit=max&w=229.5&auto=format&q=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8990a7146c4700900d9ae45c0395585642f9b5a2ab02b7345ed3d55fd343b7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 880341
x-cache: HIT, MISS
x-imgix-id: 49c7d5272e9d59a2388c1b3a07d73c88f84276ad
cross-origin-resource-policy: cross-origin
content-length: 5437
x-served-by: cache-sjc10035-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Tue, 04 Oct 2022 05:38:44 GMT
server: imgix
vary: Accept-Encoding, Accept, User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 logo-otx-22-footer-png-daf-1-a-9-png-e8b9b1.png
raisely-images.imgix.net/oxfam-2023/uploads/ 9 KB
10 KB 361ms
360ms Image
image/avif 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/logo-otx-22-footer-png-daf-1-a-9-png-e8b9b1.png?fit=max&w=427.5&auto=format&q=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8f84cb042a33a45ab4ee5dd8fd8da402d35cff0d4c1eb495758ac6d03fad6b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
x-content-type-options: nosniff
age: 1340984
x-cache: HIT, HIT
x-imgix-id: 6ac28401df561a859827cc11b3199b4c403327ad
cross-origin-resource-policy: cross-origin
content-length: 9635
x-served-by: cache-sjc10029-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Tue, 14 Mar 2023 09:09:22 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 tim-jeffries Show response
api.raisely.com/v3/profiles/ 10 KB
3 KB 987ms
985ms Fetch
application/json 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/profiles/tim-jeffries?campaign=35222e90-4074-11ed-832a-2766f3de7b47&rank=1

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6ea606e2fc42b9b84dcec8c9caba9ea3b02b60a38cdac0a211aa9dcdf884ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 67997637-a6a5-445b-981a-a993685d4d56
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: 3bd721a470598608e23919c03c322550
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7afb43828a1a55ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 donation-legendary-svg-0c8670.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 17 KB
8 KB 502ms
198ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/donation-legendary-svg-0c8670.svg

Requested by

Host: api.raisely.com
URL: https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d58c6d27149e384320edbeea497ac9b33ed095cfdaf27b3642c6447e305c88c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://api.raisely.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 993573
x-cache: HIT, HIT
x-imgix-id: e906ced0d82eb7b9450341d2301cbe220aaa1be5
cross-origin-resource-policy: cross-origin
content-length: 7761
x-served-by: cache-sjc10079-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Mon, 09 Jan 2023 05:09:44 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 select Show response
api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/providers/ 187 B
709 B 2118ms
2116ms Fetch
application/json 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/providers/select?campaign=35222e90-4074-11ed-832a-2766f3de7b47

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ee77296a932e1243a2e25545fb7c77dae901357b458fee9151f30c2b263717

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:39:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 81cae2b1-eeeb-4faa-872e-76f9f355a3f7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: 41450a4a6376ebb6ea7881b0692e2d11
cache-control: public, max-age=300, s-maxage=300
access-control-allow-credentials: true
cf-ray: 7afb43828a1655ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 dh-69-jpg-8902a4.jpg
raisely-images.imgix.net/oxfam-2023/uploads/ 43 KB
43 KB 486ms
212ms Image
image/avif 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/dh-69-jpg-8902a4.jpg?w=500&fit=max&auto=format&q=62&dpr=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9906c722a720b03a10121a8990176995913d81f740ac33a4719427f3dad841c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
x-content-type-options: nosniff
age: 1443090
x-cache: HIT, HIT
x-imgix-id: 5a8830bc8481cd4031bf95075e3214108c76e2ba
cross-origin-resource-policy: cross-origin
content-length: 43696
x-served-by: cache-sjc10054-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Mon, 13 Mar 2023 04:47:37 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 70-jpg-afbd60.jpg
raisely-images.imgix.net/oxfam-trailwalker-2022-main/uploads/ 34 KB
34 KB 674ms
399ms Image
image/avif 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-trailwalker-2022-main/uploads/70-jpg-afbd60.jpg?w=500&fit=max&auto=format&q=62&dpr=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6482a7256c8a89b90e9fe17c8b2a8914e34708b829f6a560546276e609cf4807

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
x-content-type-options: nosniff
age: 89696
x-cache: HIT, HIT
x-imgix-id: cde538bac18d582e4bc7e4675f539d939325320c
cross-origin-resource-policy: cross-origin
content-length: 34843
x-served-by: cache-sjc10078-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9000
last-modified: Tue, 28 Mar 2023 20:44:11 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 150-jpg-485453.jpg
raisely-images.imgix.net/oxfam-trailwalker-2022-main/uploads/ 41 KB
41 KB 691ms
416ms Image
image/avif 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-trailwalker-2022-main/uploads/150-jpg-485453.jpg?w=500&fit=max&auto=format&q=62&dpr=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ce0fc03ff2105ee9d41a0ec70c47d3a82582272a7d56f3ebc0c4cf69345636b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
x-content-type-options: nosniff
age: 860011
x-cache: HIT, HIT
x-imgix-id: 78dcab9dc4f6afe9a50a58104167acac37df846b
cross-origin-resource-policy: cross-origin
content-length: 41805
x-served-by: cache-sjc10080-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Sun, 19 Mar 2023 22:45:36 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dh-193-jpg-09151a.jpg
raisely-images.imgix.net/oxfam-2023/uploads/ 34 KB
35 KB 673ms
398ms Image
image/avif 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/dh-193-jpg-09151a.jpg?w=500&fit=max&auto=format&q=62&dpr=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

68334bd318326f267c1694d0ffe615bb4c8ce9d739e7b6ecfa7ce99d58da05c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
x-content-type-options: nosniff
age: 1041976
x-cache: HIT, HIT
x-imgix-id: e47ac8402df31d4769d307a554141b9a4d974e5a
cross-origin-resource-policy: cross-origin
content-length: 35294
x-served-by: cache-sjc10053-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Fri, 17 Mar 2023 20:12:51 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK 23de5a1d-91e4-4ecd-a928-fc8bdfce4188
https://trailwalker.oxfam.org.au/ 23 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://trailwalker.oxfam.org.au/23de5a1d-91e4-4ecd-a928-fc8bdfce4188
Requested by: Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a41ebb1e0f969e09468fdd1d31d6ed597d399c8eb8aa6cd27bc35f33d52958ab

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 23183
Content-Type: text/javascript

GET
H2 200 oxfam-trailwalker-logo-secondary-rgb-negative-1-svg-33fc21.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 29 KB
19 KB 360ms
359ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/oxfam-trailwalker-logo-secondary-rgb-negative-1-svg-33fc21.svg?fit=max&w=1000&auto=format&q=62&dpr=1

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

99bbd6bfa0e132859e6ab81f4b01accfcf08a1b82c5e7ad564418624499ff4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1340984
x-cache: HIT, HIT
x-imgix-id: 24e31705ba28beaba62a699afdf7878b22118819
cross-origin-resource-policy: cross-origin
content-length: 18705
x-served-by: cache-sjc10069-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9000
last-modified: Tue, 04 Oct 2022 01:13:04 GMT
server: imgix
vary: Accept-Encoding, Accept, User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
78 KB 204ms
203ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-97QSHBJGXC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBDCHN

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.97 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d7d71c4c0e2dc71209605e004b9ace3aebee47b749c01eaaa09b62b83dd89a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Mar 2023 21:39:07 GMT

GET
H2 200 hotjar-9076.js Show response
static.hotjar.com/c/ 0
433 B 606ms
199ms Script
application/javascript 18.155.68.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-9076.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBDCHN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.68.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-68-31.sin52.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
date: Wed, 29 Mar 2023 21:38:54 GMT
x-content-type-options: nosniff
via: 1.1 740fccc7c62d49696904618862f889f8.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 13
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: NLxaRLrs650S8x29jOM4rHmvo_ni4GqKyPrc8ncNCMGzbUrZEcoQGA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 618ms
201ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBDCHN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 29 Mar 2023 21:39:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: baZz6fvRl5CN0Ib5QVTAb2SegQhxIrjfu1o+e08MeHe68iMBy7FwGhBdP3bxt9nipClrTsOylA+4ESaP+Vqxuw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 595ms
196ms Script
application/javascript 199.232.44.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBDCHN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.44.157 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 15:55:14 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100040-IAD, cache-qpg1259-QPG

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 629ms
201ms Script
application/x-javascript 42.99.140.192
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBDCHN

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

42.99.140.192 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),

Reverse DNS

ip-42-99-140-192.pacnet.net

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=43628
accept-ranges: bytes
content-length: 4777

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 589ms
194ms Script
application/javascript 103.229.10.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Apr 2023 21:39:07 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 839ms
282ms Script
application/x-javascript 104.69.162.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.69.162.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-69-162-116.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 21:39:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 / Show response
3b689cd09dbe4d44b19f441588a7d212.js.ubembed.com/ 488 B
772 B 360ms
103ms Script
application/json 151.101.65.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://3b689cd09dbe4d44b19f441588a7d212.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBDCHN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 560a27937e4253b5d2eca5b752fe68c80c2a418abb8451aa64a2a1a059b5c3b7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: br
x-backend-region: ap_southeast_1
x-amz-cf-pop: SYD62-P2
age: 2340
etag: W/65d95f0ef1f42265f7d9801d9bfe7f83-v0.180.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: Cj8BpGaGyQ0FYbA=

GET
H3 200 pages Show response
api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/ 2 MB
141 KB 122ms
121ms Fetch
application/json 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/pages?client=1&limit=999

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a239bc9f1b73d5b12b43eca1eee2cff17da7313edf56167ba7a60591c4766979

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1242
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: dfa02efd-5e57-4ea2-acc3-bea1ebfa2e5c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 21:18:25 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: ec3b44b7ed1c6e1a4e09f9eea82763f8
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7afb43832a6f55ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

OPTIONS
H3 200 pages
api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/ Frame 0
0 307ms
307ms Preflight
text/plain 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/pages?client=1&limit=999

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://trailwalker.oxfam.org.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://trailwalker.oxfam.org.au
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb4381397f55ab-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 29 Mar 2023 21:39:07 GMT
request-id: 5885fdb6-8e0f-4069-ad41-e752c667d073
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 62eea4159724a888b973d3896b9fe1e4
x-content-type-options: nosniff

GET
H2 200 /
www.google.com/pagead/1p-user-list/591945272/ 42 B
455 B 584ms
197ms Image
image/gif 142.250.4.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/591945272/?random=1680125946540&cv=11&fst=1680123600000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&frm=0&tiba=Layout&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2903351012&rmt_tld=0&ipr=y

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:39:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/591945272/ 42 B
455 B 587ms
198ms Image
image/gif 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/591945272/?random=1680125946540&cv=11&fst=1680123600000&bg=ffffff&guid=ON&async=1&gtm=45be33r0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&frm=0&tiba=Layout&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2903351012&rmt_tld=1&ipr=y

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:39:07 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 316ms
316ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K2K0QDLR9Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-591945272

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.97 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

41caf8b0f68e0d6ca7f4d11e24fa6c33996ef8dd0846dc9f171724be10f8e4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 70860
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 29 Mar 2023 21:39:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 269ms
269ms Script
application/javascript 74.125.130.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-279903-45&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-591945272

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.97 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

a3627d40293dd7a420bd5c20ba083ee6dcbcde69a1952f572ceab66875d68111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44792
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Mar 2023 21:39:07 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.0/ 174 KB
48 KB 650ms
244ms Script
application/javascript 13.33.33.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.0/bundle.js
Requested by: Host: 3b689cd09dbe4d44b19f441588a7d212.js.ubembed.com
URL: https://3b689cd09dbe4d44b19f441588a7d212.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-10.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 18:00:57 GMT
content-encoding: gzip
via: 1.1 d5845d4e49f77b7f0c9511096875b3b4.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:53:32 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 1309091
etag: W/"1a08556fd14aad311b6d4906f59fef42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: NPWbdjNZdyN9RE36VHIOmFZgwIdF8UfrSt1Qo2GhPWKMqT1Y7lxGWg==

GET
H2 200 collect Show response
a.oxfam.org.au/g/ 65 B
675 B 1417ms
1008ms XHR
text/plain 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a.oxfam.org.au/g/collect?v=2&tid=G-97QSHBJGXC&gtm=45je33r0&_p=544481590&cid=983166005.1680125948&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=AU&_s=1&sid=1680125947&sct=1&seg=0&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&dt=%E2%80%A2%20Oxfam%20Trailwalker%202023&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_details=GTM-KBDCHN%20%7C%2064&ep.custom_client_id=no-value&ep.event_id=1680126363022_16801264509871_&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-97QSHBJGXC&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2215.1e100.net

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://trailwalker.oxfam.org.au
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 rules-p-sBqN44vscnKYa.js Show response
rules.quantcount.com/ 222 B
700 B 1525ms
1104ms Script
application/javascript 13.33.33.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-sBqN44vscnKYa.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-118.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b700c6711443565bf48b8663f564d1a97015445630db35a0f999bb8c69915e7a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:09 GMT
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 222
last-modified: Thu, 13 Oct 2022 22:16:09 GMT
server: AmazonS3
etag: "f0706d5dfee498e02c96fab030675b72"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: lLeewNTTRj8stHcJbJEaXYi_Cjd6_9ew2_el4KGLZk9O0V7OmUKrTw==

GET
H2 200 adsct
t.co/i/ 43 B
377 B 778ms
264ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=73c69033-0de8-4cd1-93fd-f6f9e3c07e13&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d531a802-a66f-4935-8b43-23273ee64c9f&tw_document_href=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ajk&type=javascript&version=2.3.29

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 9
date: Wed, 29 Mar 2023 21:39:08 GMT
strict-transport-security: max-age=0
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: e8b3ac5d5af3514c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f287fcd713eef7fdfa3ef60ed58d7695af05ca75a2be11bc10f34f2f386377df
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 807ms
266ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=73c69033-0de8-4cd1-93fd-f6f9e3c07e13&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d531a802-a66f-4935-8b43-23273ee64c9f&tw_document_href=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ajk&type=javascript&version=2.3.29

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_p /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-response-time: 8
date: Wed, 29 Mar 2023 21:39:07 GMT
strict-transport-security: max-age=631138519
server: tsa_p
content-type: image/gif;charset=utf-8
x-transaction-id: 57883c6e256eaab1
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f481e7889e66d8dbb07a0ac1a7a87adc200118ee33edd40936aab60e10560b5a
content-length: 43

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 586ms
192ms Script
text/javascript 74.125.24.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-279903-45&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 20:31:18 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4070
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 29 Mar 2023 22:31:18 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4506649/domain/trailwalker.oxfam.org.au/ 36 B
374 B 612ms
206ms XHR
application/json 13.33.88.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4506649/domain/trailwalker.oxfam.org.au/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-24.sin2.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 20:46:07 GMT
content-encoding: gzip
via: 1.1 b238fef36fc101d581d2aebbbc69d9a6.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 3181
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: vHM0VW3mnTnaQ942GLRbgi50Udd8m400bazJ3bD-fhy_yBobKxQnIQ==

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4506649&time=1680125947710&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4506649&time=1680125947710&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4506649%26time%3D1680125947710%26url%3Dhttps%253A%252F%252Ftrailwalker.oxfam.org....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4506649&time=1680125947710&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&cookiesTest=true&liSync=true

0
471 B

264ms
263ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4506649&time=1680125947710&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&cookiesTest=true&liSync=true
Requested by: Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D2A99619D8D24A18852DF8518133E5A3 Ref B: SYD03EDGE2010 Ref C: 2023-03-29T21:39:09Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lor1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX4EM5fjINiutHa2IOEaA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; script-src-attr 'report-sample' 'none'; object-src 'none'; media-src blob: *; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 21:39:08 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAX4EM5bb8+1KuGeIYPygw==
pragma: no-cache
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 622F9B50469F465493A2B5CA20833FFA Ref B: SYD03EDGE2010 Ref C: 2023-03-29T21:39:08Z
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4506649&time=1680125947710&url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 t
api.raisely.com/v3/ 0
0 316ms
316ms Fetch
text/html 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/t?p=eyJjIjoiMzUyMjJlOTAtNDA3NC0xMWVkLTgzMmEtMjc2NmYzZGU3YjQ3IiwibyI6ImJiZWFiNGIwLWU3NWMtMTFlYS1iOGUxLWJiMGU2Mjk3NDVlNSIsInMiOiIxNGQzZWYzOC0wM2E1LTQ3ZDktYjk4ZS01NDY0M2RjYmM1MmMiLCJlIjoicGFnZS52aWV3ZWQiLCJ0Ijp7fSwiciI6IiJ9

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/common+api.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 1ef38f34-dbda-4e56-95ac-177823591410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: f18e63ecc1800aab24df08b13fce6be8
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 7afb4385dc0355ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

POST
H2 204 collect
www.google-analytics.com/g/ 0
177 B 566ms
259ms Ping
text/plain 74.125.24.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K2K0QDLR9Y&gtm=45je33r0&_p=544481590&cid=983166005.1680125948&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&cn=Oxfam%20Trailwalker%202023&sid=1680125947&sct=1&seg=0&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&dt=%E2%80%A2%20Oxfam%20Trailwalker%202023&en=page_view&_fv=1&_ss=1&_ee=1&ep.campaign_path=oxfam-2023&ep.campaign_mode=LIVE&ep.campaign_currency=AUD&ep.anonymize_ip=true&up._npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K2K0QDLR9Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:39:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trailwalker.oxfam.org.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 t
api.raisely.com/v3/ 0
0 1383ms
1382ms Fetch
text/html 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/common+api.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 835d19e0-570a-4015-a579-cc858f407c7b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: 116a846726112f4370fcf4dcf322e1c2
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 7afb43873c9855ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H3 204 t
api.raisely.com/v3/ 0
0 338ms
338ms Fetch
text/html 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/common+api.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: c9987658-1e18-42db-b7b1-30f61f586658
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: ecb1c9ffe90346942bac7d59c6dbf4ef
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 7afb43874c9e55ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 201ms
200ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 29 Mar 2023 21:39:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2AhQsdS/LpBhyFDLlySR8iYQT6xjFJ5CbrBd9d3dHCU7zSooAAe0BU7i83Nf/rmh8e+nD9LXXD/TW0Lbca82lQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1992353550892866 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 435ms
435ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1992353550892866?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

3f89ca033e2ec03603e88128d01bd6b1f0cf03af9ffb6e13c252cd8d1358ebb9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 29 Mar 2023 21:39:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: HItDcLk2c4XO1VCHllqN2C7LiEin+nJo7IkT/7uirJElaKgVbUi6T3TB6ID51k6rer2RqC/MazE8iTkWrtUbfg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 284ms
283ms Script
application/x-javascript 104.69.162.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.69.162.116 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-69-162-116.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 21:39:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 07 Jul 2023 21:39:08 GMT

OPTIONS
H3 200 select
api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/providers/ Frame 0
0 357ms
357ms Preflight
text/plain 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/providers/select?campaign=35222e90-4074-11ed-832a-2766f3de7b47

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://trailwalker.oxfam.org.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://trailwalker.oxfam.org.au
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb43891d9255ab-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 29 Mar 2023 21:39:08 GMT
request-id: 5414080e-4b72-4e6d-b7dc-78ec3add194d
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: bbe0f4789b95fc4d6a37709cfbc5f824
x-content-type-options: nosniff

OPTIONS
H3 200 donations
api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/ Frame 0
0 352ms
352ms Preflight
text/plain 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/donations?campaign=35222e90-4074-11ed-832a-2766f3de7b47&displayTotalGT=0&excludeMatched=true&limit=1&offset=0&order=desc&sort=campaignDisplayTotal&subtree=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://trailwalker.oxfam.org.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://trailwalker.oxfam.org.au
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb43892d9655ab-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 29 Mar 2023 21:39:08 GMT
request-id: 60ce2c92-2b80-4530-8482-07a611526732
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: a92d8ad4d28a35a16a14b6ea2b188468
x-content-type-options: nosniff

OPTIONS
H3 200 donations
api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/ Frame 0
0 306ms
306ms Preflight
text/plain 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/donations?campaign=35222e90-4074-11ed-832a-2766f3de7b47&displayTotalGT=0&limit=5&offset=0&order=desc&sort=date&subtree=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://trailwalker.oxfam.org.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://trailwalker.oxfam.org.au
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb43899dc855ab-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 29 Mar 2023 21:39:08 GMT
request-id: f0faf798-8474-48e2-a85a-957edc366b2b
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 9b3ebc4a0493e28bc0c59a8dadb78c63
x-content-type-options: nosniff

OPTIONS
H3 200 posts
api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/ Frame 0
0 300ms
300ms Preflight
text/plain 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/posts?campaign=35222e90-4074-11ed-832a-2766f3de7b47&limit=1&offset=0&order=desc&q=&sort=date&tags=

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://trailwalker.oxfam.org.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://trailwalker.oxfam.org.au
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb43899dc955ab-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 29 Mar 2023 21:39:08 GMT
request-id: dd97bace-2b7f-4294-88f9-a9402eb7c16e
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: d1006efe4919bc2201d33443e5db6c08
x-content-type-options: nosniff

GET
H2 200 banner-vip-svg-d9775d.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 233 KB
27 KB 369ms
368ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/banner-vip-svg-d9775d.svg

Requested by

Host: api.raisely.com
URL: https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3617c4143111645a8db4b8d632042a37ccf46d01575fb5faaba62cd5630d39be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://api.raisely.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78320
x-cache: HIT, MISS
x-imgix-id: 7ad09acd50e7796f60cd84c85dab7f7909bdf64a
cross-origin-resource-policy: cross-origin
content-length: 27497
x-served-by: cache-sjc10062-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Tue, 20 Dec 2022 02:59:23 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 e-9-cbac-6-f-02-bc-4-de-4-9-fa-4-f-089-f-6-ada-032-jpeg-0c75df.jpeg
raisely-images.imgix.net/uploads/ 31 KB
31 KB 373ms
373ms Image
image/avif 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/uploads/e-9-cbac-6-f-02-bc-4-de-4-9-fa-4-f-089-f-6-ada-032-jpeg-0c75df.jpeg?fit=max&w=300&auto=format&q=62

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c6f5e277ff476132b5b7000dd672d427dfbb12ca963919b243e3e8c5ba71ec74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
x-content-type-options: nosniff
age: 1
x-cache: HIT, MISS
x-imgix-id: 0137636304a091d1c1141e71d9b0a457697beb90
cross-origin-resource-policy: cross-origin
content-length: 31660
x-served-by: cache-sjc10038-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Wed, 29 Mar 2023 21:39:07 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 profile-trailerblazers-svg-20d1ac.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 10 KB
3 KB 199ms
198ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/profile-trailerblazers-svg-20d1ac.svg

Requested by

Host: api.raisely.com
URL: https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/styles.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

fafddbac55547c68e37c123031c2a321c198a34d5076d5f63ec8e04fb8ec88d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://api.raisely.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 902031
x-cache: HIT, HIT
x-imgix-id: b9adedde0f63c9166de963deb2248d8e389d4612
cross-origin-resource-policy: cross-origin
content-length: 2719
x-served-by: cache-sjc10024-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Sun, 13 Nov 2022 22:50:49 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vikings-jpeg-30460f.jpeg
raisely-images.imgix.net/uploads/ 50 KB
50 KB 380ms
380ms Image
image/avif 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/uploads/vikings-jpeg-30460f.jpeg?fit=max&w=600&auto=format&q=62

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

fa8831fbc7c469397e279f966ea71693f73cf85ae44ca7a562a9f74d6057118b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
x-content-type-options: nosniff
age: 1
x-cache: HIT, MISS
x-imgix-id: 406d336d7c52fa5999876e996130a317221468b3
cross-origin-resource-policy: cross-origin
content-length: 50887
x-served-by: cache-sjc10076-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9512
last-modified: Wed, 29 Mar 2023 21:39:06 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 select Show response
api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/providers/ 187 B
709 B 326ms
325ms Fetch
application/json 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/campaigns/35222e90-4074-11ed-832a-2766f3de7b47/providers/select?campaign=35222e90-4074-11ed-832a-2766f3de7b47

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ee77296a932e1243a2e25545fb7c77dae901357b458fee9151f30c2b263717

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 3e6be53c-3db6-4823-9ccd-df139415125c
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: 370a215264362b5f212874d393686852
cache-control: public, max-age=300, s-maxage=300
access-control-allow-credentials: true
cf-ray: 7afb438b5e7455ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H3 200 donations Show response
api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/ 3 KB
2 KB 355ms
355ms Fetch
application/json 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3119493f034e85b8a75b2b06bf12a7f7eca776520a244be3cc3aa4bc17efc6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 2789067d-d003-4c45-83b9-8a198c54dc1d
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 21:39:08 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: 5695cdb2fbb02de0930227b541976da3
cache-control: public, max-age=30, s-maxage=60
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7afb438b5e7d55ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H3 200 donations Show response
api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/ 13 KB
3 KB 382ms
382ms Fetch
application/json 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/donations?campaign=35222e90-4074-11ed-832a-2766f3de7b47&displayTotalGT=0&limit=5&offset=0&order=desc&sort=date&subtree=0

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f0ca1f2a8f8dbc4a65fa970e73e063d3c69e9f8178c219d81d5ff3e58f902f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: ad915da2-7703-44fb-b7cc-d12fc8de3dff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 29 Mar 2023 21:39:08 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: 6c295e8d06ecc9f286b2d337f07911c0
cache-control: public, max-age=30, s-maxage=60
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7afb438b7e9855ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H3 200 posts Show response
api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/ 99 B
648 B 356ms
355ms Fetch
application/json 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/profiles/16de1360-8e1a-11ed-b1a2-a7ee1f6a3514/posts?campaign=35222e90-4074-11ed-832a-2766f3de7b47&limit=1&offset=0&order=desc&q=&sort=date&tags=

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b2e32a2fb62007bdd8daf19240c63ece5da357e5366bee8f16ba949be303a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: BYPASS
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 5ae0b3eb-0dcf-40c0-8890-0ee0c330a05b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: 43026a23b595ffd2791b49603dc4aab4
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 7afb438b7e9255ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 your-impact-icon-toilet-icon-svg-1651e9.svg
raisely-images.imgix.net/oxfam-trailwalker-2023-dev-pl/uploads/ 5 KB
2 KB 373ms
373ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-trailwalker-2023-dev-pl/uploads/your-impact-icon-toilet-icon-svg-1651e9.svg

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

7a2998c65e8cea1f23598464a978033e7600b13eb117f01037ae1d0bde98a807

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 862507
x-cache: HIT, MISS
x-imgix-id: acd0ff9a9941f5f21f538c2b9dc9cf35e8fcd1b5
cross-origin-resource-policy: cross-origin
content-length: 2371
x-served-by: cache-sjc10036-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9000
last-modified: Mon, 16 Jan 2023 03:51:12 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 your-impact-icon-wheelbarrow-svg-755450.svg
raisely-images.imgix.net/oxfam-trailwalker-2023-dev-pl/uploads/ 2 KB
1 KB 204ms
203ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-trailwalker-2023-dev-pl/uploads/your-impact-icon-wheelbarrow-svg-755450.svg

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

81bf01fe889a296407a6b0652a927b5b8ca9646ede0a9b9e1a79e3138700173a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104078
x-cache: HIT, HIT
x-imgix-id: d51201dad96cfb092870f8fd1daf0c05755eba76
cross-origin-resource-policy: cross-origin
content-length: 1060
x-served-by: cache-sjc10070-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9000
last-modified: Mon, 16 Jan 2023 03:51:12 GMT
server: imgix
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 collect Show response
a.oxfam.org.au/g/ 65 B
494 B 723ms
722ms XHR
text/plain 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-97QSHBJGXC&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2215.1e100.net

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 21:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://trailwalker.oxfam.org.au
cache-control: no-cache
access-control-allow-credentials: true

OPTIONS
H3 200 test
api.raisely.com/v3/matched_donation_configs/31787120-a053-11ed-a96b-4fa7a577bd5e/ Frame 0
0 370ms
369ms Preflight
text/plain 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/matched_donation_configs/31787120-a053-11ed-a96b-4fa7a577bd5e/test?campaign=35222e90-4074-11ed-832a-2766f3de7b47

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://trailwalker.oxfam.org.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://trailwalker.oxfam.org.au
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7afb438a4e1855ab-SYD
content-length: 2
content-type: text/plain; charset=utf-8
date: Wed, 29 Mar 2023 21:39:08 GMT
request-id: fa723c18-7e7b-4982-bcc7-62eaab595728
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 google
x-cloud-trace-context: 5273b1839feeda6f2a03c83032355149
x-content-type-options: nosniff

POST
H3 200 test Show response
api.raisely.com/v3/matched_donation_configs/31787120-a053-11ed-a96b-4fa7a577bd5e/ 51 B
598 B 383ms
382ms Fetch
application/json 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.raisely.com/v3/matched_donation_configs/31787120-a053-11ed-a96b-4fa7a577bd5e/test?campaign=35222e90-4074-11ed-832a-2766f3de7b47

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f347e416e8204d4238effb7b0238e81a3319bbdbfdaca508519b370c7fed831c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Mar 2023 21:39:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: c47466cb-3c93-44d0-abbb-4aa33e6f30e9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: 03a1671d2079b6057d05ef490c8ca646
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 7afb438caf4855ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 194ms
194ms XHR
text/plain 74.125.24.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=544481590&t=pageview&_s=1&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&ul=en-us&de=UTF-8&dt=Tim%20Jeffries%20%E2%80%A2%20Oxfam%20Trailwalker%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1264358796&gjid=565152617&cid=983166005.1680125948&tid=UA-279903-45&_gid=1351273420.1680125948&_r=1&gtm=457e33r0&jsscut=1&z=246832949

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:39:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trailwalker.oxfam.org.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 193ms
192ms Image
image/gif 74.125.24.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=544481590&t=pageview&_s=2&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&dp=%2Ftim-jeffries&ul=en-us&de=UTF-8&dt=%E2%80%A2%20Oxfam%20Trailwalker%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACgCI~&jid=&gjid=&cid=983166005.1680125948&tid=UA-279903-45&_gid=1351273420.1680125948&gtm=457e33r0&jsscut=1&z=1303867549

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 08:15:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48244
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 193ms
193ms Image
image/gif 74.125.24.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=544481590&t=event&ni=1&_s=3&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&ul=en-us&de=UTF-8&dt=Tim%20Jeffries%20%E2%80%A2%20Oxfam%20Trailwalker%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=statistics&ea=donate-stage&el=stage-0&_u=YADAAUABAAAAACgCI~&jid=&gjid=&cid=983166005.1680125948&tid=UA-279903-45&_gid=1351273420.1680125948&gtm=457e33r0&jsscut=1&z=1461454458

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 08:15:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48244
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 194ms
193ms Image
image/gif 74.125.24.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=544481590&t=event&ni=1&_s=4&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&ul=en-us&de=UTF-8&dt=Tim%20Jeffries%20%E2%80%A2%20Oxfam%20Trailwalker%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=statistics&ea=donate-stage&el=stage-0&_u=YADAAUABAAAAACgCI~&jid=&gjid=&cid=983166005.1680125948&tid=UA-279903-45&_gid=1351273420.1680125948&gtm=457e33r0&jsscut=1&z=317504072

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 08:15:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48244
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
633-zwh-272.mktoresp.com/webevents/ 2 B
487 B 718ms
111ms Ping
text/plain 103.237.104.82
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://633-zwh-272.mktoresp.com/webevents/visitWebPage?_mchNc=1680125948500&_mchCn=&_mchId=633-ZWH-272&_mchTk=_mch-oxfam.org.au-1680125948499-97136&_mchHo=trailwalker.oxfam.org.au&_mchPo=&_mchRu=%2Ftim-jeffries&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.237.104.82 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 21:39:09 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: e30a38e8-164d-42b9-b3fa-4a00c840acc1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
359 B 579ms
192ms XHR
text/plain 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-279903-45&cid=983166005.1680125948&jid=1264358796&gjid=565152617&_gid=1351273420.1680125948&_u=YADAAUAAAAAAACAAI~&z=1581974413

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://trailwalker.oxfam.org.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 29 Mar 2023 21:39:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trailwalker.oxfam.org.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2549501831989448 Show response
connect.facebook.net/signals/config/ 379 KB
108 KB 467ms
466ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2549501831989448?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

e2c13b090b79be4fef6c925a63197f96651077e034358e94f4c11f787cb50229

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 29 Mar 2023 21:39:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: tl6lWXtUreFBduQVCIwJlXHmMOo0MFuags3CHDiqCd6KI6g4xTnk27dhZGJ4wIsXTTp8r1i0wTveCuwkXkTA5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 602ms
198ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1992353550892866&ev=PageView&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&rl=&if=false&ts=1680125948762&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.2.1680125948761.2102916609&it=1680125948038&coo=false&tm=1&rqm=GET

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Mar 2023 21:39:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 204 t
api.raisely.com/v3/ 0
0 305ms
305ms Fetch
text/html 104.22.70.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/common+api.4dd9e.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.70.98 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
request-id: 0085fd53-b39b-4749-9a3a-2371b0834a4a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: text/html
access-control-allow-origin: https://trailwalker.oxfam.org.au
x-cloud-trace-context: 8e10b896f8eae7c133766ae548b6236f
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
cf-ray: 7afb438c6f2655ab-SYD
access-control-allow-headers: Token,x-session-id,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,x-app-name,x-utc-offset

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 192ms
192ms Image
image/gif 74.125.24.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=544481590&t=event&ni=1&_s=5&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&ul=en-us&de=UTF-8&dt=Tim%20Jeffries%20%E2%80%A2%20Oxfam%20Trailwalker%202023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation-form&ea=loaded&_u=aADAAUABAAAAACgCI~&jid=&gjid=&cid=983166005.1680125948&tid=UA-279903-45&_gid=1351273420.1680125948&gtm=457e33r0&jsscut=1&z=1000772341

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 08:15:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48244
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controller-8a2892163a70784f66f7f056772510ab.html Show response
js.stripe.com/v3/ Frame FDE8 325 B
1 KB 203ms
202ms Document
text/html 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-8a2892163a70784f66f7f056772510ab.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8217ad21d5829b7ddcafc4e1cfdecdb3383a5dba88e5a2350911c8f1f4575232

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://trailwalker.oxfam.org.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 52
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 21:38:57 GMT
etag: "8a2892163a70784f66f7f056772510ab"
last-modified: Wed, 29 Mar 2023 17:04:43 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-id: 76T0NXYzI9WdgPktpTmDihJnLoluVGU-BDJtUlyRtA3iv3-n5_tAuw==
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-9a2336ac1ba18961aa352bfc9a660212.html Show response
js.stripe.com/v3/ Frame E1A7 408 B
1 KB 204ms
200ms Document
text/html 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-9a2336ac1ba18961aa352bfc9a660212.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

98050700dce4234516145046ad18cba178e8f333252bfceb045f8f5050c3948a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://trailwalker.oxfam.org.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 838
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 21:25:27 GMT
etag: "9a2336ac1ba18961aa352bfc9a660212"
last-modified: Wed, 29 Mar 2023 17:04:54 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-id: BWCpVutCnrlrHyoIl1khasUVvRJ9xTwnnORomr9svPwTQrAVkCaL0g==
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-0fa8d53058b91eb665fa0fbe2c2983a1.html Show response
js.stripe.com/v3/ Frame 680F 344 B
1 KB 207ms
204ms Document
text/html 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-0fa8d53058b91eb665fa0fbe2c2983a1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

de71df8a18f7b460d17218f49a27dccc142ecd2e473d1bf172600cecac68eaf4

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://trailwalker.oxfam.org.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 28
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 21:39:09 GMT
etag: "0fa8d53058b91eb665fa0fbe2c2983a1"
last-modified: Wed, 29 Mar 2023 17:04:54 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-id: Ug3oN0OfBPNGBQ0u3SNtc7CppKYkfwvvpGyCLh_sLK3xnK_vQVYRnQ==
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame FDE8 0
640 B 796ms
264ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Mar 2023 21:39:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680125949857048
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-3e9ed8f07e0650768bbe49f0e2d110de.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FDE8 389 KB
85 KB 212ms
210ms Script
text/javascript 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-8a2892163a70784f66f7f056772510ab.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c9191540d271d74e4ef8f3361ced31652f010ed254634a48d799f658eb1cf1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-8a2892163a70784f66f7f056772510ab.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 21:08:59 GMT
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 1863
x-cache: Hit from cloudfront
last-modified: Wed, 29 Mar 2023 17:04:53 GMT
server: Cloudfront
etag: W/"4e88fbe0cf3ea9fe6c95c71d47f9dbd2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JuNCAX3CcTel9YL9WGB2M2OyOaZXZkXL1m5vj70mJOydexINTD6JMw==

GET
H2 200 controller-50db62f80b98a94e71a4d6a803e43c24.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FDE8 441 KB
109 KB 270ms
268ms Script
text/javascript 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-50db62f80b98a94e71a4d6a803e43c24.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-8a2892163a70784f66f7f056772510ab.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b292bb9affbbc84773d08063ccd376feae27d6224e070a70956379887e68c3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-8a2892163a70784f66f7f056772510ab.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 21:08:59 GMT
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 1860
x-cache: Hit from cloudfront
last-modified: Wed, 29 Mar 2023 17:04:51 GMT
server: Cloudfront
etag: W/"1b2aa851e4ade15711b487626c1f425e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: WR6RDTVvkiwoW3u9aV2UtoGXu6GoQN8ushhiQunTIckvUvBV1ZMN_A==

POST
H2 200 csp-report
q.stripe.com/ Frame E1A7 0
641 B 776ms
263ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Mar 2023 21:39:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680125949857104
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E1A7 0
640 B 1036ms
524ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Mar 2023 21:39:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680125950117447
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame E1A7 115 KB
35 KB 659ms
257ms Script
application/javascript 142.250.4.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-9a2336ac1ba18961aa352bfc9a660212.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f92.1e100.net

Software

ESF /

Resource Hash

daab4a16cf14de6fa4654845903efaf7767f3fc113d73ea3d15b7f6d875c1131

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m_DkDFOSXMldDA5lPQKGzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-m_DkDFOSXMldDA5lPQKGzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 29 Mar 2023 21:39:09 GMT

GET
H2 200 shared-3e9ed8f07e0650768bbe49f0e2d110de.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E1A7 389 KB
85 KB 418ms
400ms Script
text/javascript 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-9a2336ac1ba18961aa352bfc9a660212.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c9191540d271d74e4ef8f3361ced31652f010ed254634a48d799f658eb1cf1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-9a2336ac1ba18961aa352bfc9a660212.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 21:08:59 GMT
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 1863
x-cache: Hit from cloudfront
last-modified: Wed, 29 Mar 2023 17:04:53 GMT
server: Cloudfront
etag: W/"4e88fbe0cf3ea9fe6c95c71d47f9dbd2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7gwNNPpFLompnrE-AJfjUuSFx48rUvddBQaTX6g2i0qvXdCJ2J3lMw==

GET
H2 200 payment-request-inner-google-pay-82a52d809d72ed221910eea51343d5b7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E1A7 9 KB
4 KB 200ms
200ms Script
text/javascript 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-82a52d809d72ed221910eea51343d5b7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-9a2336ac1ba18961aa352bfc9a660212.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

65b9b932dd95ef6196e2422ef7749dd106724799f18daada01b44cc26e024a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-9a2336ac1ba18961aa352bfc9a660212.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 20:49:05 GMT
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 3004
x-cache: Hit from cloudfront
last-modified: Mon, 27 Mar 2023 20:02:52 GMT
server: Cloudfront
etag: W/"0a91dbfac59829d4d2b5a973be16e802"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 86cBPNuBQaKW--eMRJgNGNNhq6RjJMGzH5Obi5Es-xa1kplwveGDcQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 680F 0
640 B 1033ms
525ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Mar 2023 21:39:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680125950117464
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 680F 0
640 B 771ms
263ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Mar 2023 21:39:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680125949857144
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-3e9ed8f07e0650768bbe49f0e2d110de.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 680F 389 KB
85 KB 431ms
419ms Script
text/javascript 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-0fa8d53058b91eb665fa0fbe2c2983a1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

c9191540d271d74e4ef8f3361ced31652f010ed254634a48d799f658eb1cf1c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-0fa8d53058b91eb665fa0fbe2c2983a1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 21:08:59 GMT
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 1863
x-cache: Hit from cloudfront
last-modified: Wed, 29 Mar 2023 17:04:53 GMT
server: Cloudfront
etag: W/"4e88fbe0cf3ea9fe6c95c71d47f9dbd2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: D_tSnD1wwh0QbiVae_XchkCX7_q8ADBGlklbR4eK6Qb0z1hZJYIZLA==

GET
H2 200 payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 680F 11 KB
5 KB 477ms
465ms Script
text/javascript 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-3d77ea43e56092c1a202e54c77f1ec59.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-0fa8d53058b91eb665fa0fbe2c2983a1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-0fa8d53058b91eb665fa0fbe2c2983a1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 20:55:15 GMT
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 2635
x-cache: Hit from cloudfront
last-modified: Thu, 23 Mar 2023 20:02:45 GMT
server: Cloudfront
etag: W/"b98a0c1ae5833e6240aeebbd9d197cd1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: rY77CV8_q309aF-0rwuzCDB3-Qd4mJlBs2KphoUprI9AgnsNzppRsg==

GET
H2 200 pixel;r=1096399247;labels=_fp.event.Default;rf=0;a=p-sBqN44vscnKYa;url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries;uht=2;fpan=1;fpa=P0-2042587711-1680125947688;pbc=;ns=0;ce=1;qjs=1;qv=93f...
pixel.quantserve.com/ 35 B
371 B 203ms
195ms Image
image/gif 103.229.10.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1096399247;labels=_fp.event.Default;rf=0;a=p-sBqN44vscnKYa;url=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries;uht=2;fpan=1;fpa=P0-2042587711-1680125947688;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=oxfam.org.au;dst=0;et=1680125949219;tzo=0;ogl=image.https%3A%2F%2Fraisely-images%252Eimgix%252Enet%2Foxfam-2023%2Fuploads%2Fotw-23-together-for-adventur%2Cimage%3Aurl.https%3A%2F%2Fraisely-images%252Eimgix%252Enet%2Foxfam-2023%2Fuploads%2Fotw-23-together-for-adventur;ses=ad7ba843-6df6-426e-b02f-25983af9efc7

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.211 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:39:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 198ms
197ms Image
image/gif 142.250.4.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-279903-45&cid=983166005.1680125948&jid=1264358796&_u=YADAAUAAAAAAACAAI~&z=105107531

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:39:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 197ms
196ms Image
image/gif 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-279903-45&cid=983166005.1680125948&jid=1264358796&_u=YADAAUAAAAAAACAAI~&z=105107531

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:39:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame FDE8 474 B
865 B 597ms
201ms Fetch
application/json 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-71.sin2.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 84367490c7bc3e5d3594ae79643b1a79b264fb0051cee25e8472b5b937763a6f

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-8a2892163a70784f66f7f056772510ab.html
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Mar 2023 21:38:14 GMT
via: 1.1 ba8bc65829da40e60d0f5a1aec087956.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 20:38:29 GMT
server: Cloudfront
x-amz-cf-pop: SIN2-P1
age: 59
etag: "cbb0c3afc28b0c0cc4e3c5345719fbaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 0di8PgxkCTsWnIIOOYmlQ5ZkUey5-dkERzXQD5J8R1d81-RBjRMsRw==

GET
H2 200 link-config Show response
merchant-ui-api.stripe.com/elements/ Frame FDE8 844 B
1 KB 837ms
435ms Fetch
application/json 3.1.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/link-config?key=pk_live_IuO9apxOM1AclLg9TOTxjUS0&_stripe_account=acct_18MqsXKM4botHVtE&request_surface=web_card_element_popup&stripe_js_id=bf6fd560-96b6-4cdf-9215-77e4eddafca6

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.1.98.10 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-98-10.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d8ed21486379d87d3450859336ade92a2bc7dc9842b5ff4deb0f768dd0f2971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Mar 2023 21:39:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680125950271806
content-length: 844
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST, HEAD, OPTIONS, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 72
access-control-expose-headers: Request-Id, Stripe-Manage-Version, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-stripe-client-envoy-start-time-us: 1680125950270820
timing-allow-origin: https://js.stripe.com
x-robots-tag: none
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 200ms
199ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2549501831989448&ev=PageView&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&rl=&if=false&ts=1680125949821&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.2.1680125948586.1418550584&it=1680125948038&coo=false&eid=1680126363022_16801264509871_&tm=1&rqm=GET

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Mar 2023 21:39:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 204ms
203ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1992353550892866&ev=PageView&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&rl=&if=false&ts=1680125949823&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&cs_est=true&fbp=fb.2.1680125948586.1418550584&it=1680125948038&coo=false&rqm=GET

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Mar 2023 21:39:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 207ms
206ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2549501831989448&ev=PageView&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&rl=&if=false&ts=1680125949824&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&cs_est=true&fbp=fb.2.1680125948586.1418550584&it=1680125948038&coo=false&rqm=GET

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Mar 2023 21:39:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 206ms
205ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1992353550892866&ev=Microdata&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&rl=&if=false&ts=1680125949825&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tim%20Jeffries%20%E2%80%A2%20Oxfam%20Trailwalker%202023%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fraisely-images.imgix.net%2Foxfam-2023%2Fuploads%2Fotw-23-together-for-adventure-png-47dffe.png%22%2C%22og%3Aimage%3Aurl%22%3A%22https%3A%2F%2Fraisely-images.imgix.net%2Foxfam-2023%2Fuploads%2Fotw-23-together-for-adventure-png-47dffe.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.2.1680125948586.1418550584&it=1680125948038&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Mar 2023 21:39:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame B927 18 KB
8 KB 273ms
272ms Document
text/html 142.250.4.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f92.1e100.net

Software

ESF /

Resource Hash

81c3ccfc317b1d2caefcfee0f7c196ca2aa636c7f03b40b936e6ac9f66ed4354

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eiCBPKOtcJW1GOC11n5GhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-eiCBPKOtcJW1GOC11n5GhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 29 Mar 2023 21:39:10 GMT
expires: Wed, 29 Mar 2023 21:39:10 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 275ms
266ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950394800
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950393933
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 273ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950394572
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950394015
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 270ms
261ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950394169
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950393772
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 273ms
265ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950394494
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1680125950393837
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 270ms
263ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950394293
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950394077
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 272ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950394889
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950394242
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 268ms
262ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950393802
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950393520
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 269ms
263ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950394104
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950393812
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 529ms
523ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950654237
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950654059
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 532ms
526ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950654632
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1680125950654241
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 530ms
524ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950655065
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950654358
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 534ms
529ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950654593
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1680125950654339
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 527ms
523ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950654885
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950654383
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 530ms
528ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950654982
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950654437
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 527ms
525ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950654982
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950654491
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 524ms
522ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950654788
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950654559
access-control-allow-credentials: true
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 200ms
199ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2549501831989448&ev=Microdata&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&rl=&if=false&ts=1680125950323&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tim%20Jeffries%20%E2%80%A2%20Oxfam%20Trailwalker%202023%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fraisely-images.imgix.net%2Foxfam-2023%2Fuploads%2Fotw-23-together-for-adventure-png-47dffe.png%22%2C%22og%3Aimage%3Aurl%22%3A%22https%3A%2F%2Fraisely-images.imgix.net%2Foxfam-2023%2Fuploads%2Fotw-23-together-for-adventure-png-47dffe.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.2.1680125948586.1418550584&it=1680125948038&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 29 Mar 2023 21:39:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame B927 2 KB
2 KB 295ms
295ms Other
text/html 142.250.4.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.4.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Mar 2023 21:39:10 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.PuZ9UiaVk_s.es5.O/am=wGgAEA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMit... Frame B927 157 KB
56 KB 593ms
195ms Script
text/javascript 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.PuZ9UiaVk_s.es5.O/am=wGgAEA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfribhkKF8QyoKaJnYMZiPoR5aJS62g/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

55d989a500760fa68bf4275d878c196eb2e461beb2bb14ff8094bb2aea927fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 19:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56538
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 03:23:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Mar 2024 19:45:51 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
273 B 266ms
265ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950664635
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950664122
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 268ms
268ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950664648
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950664175
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 266ms
266ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950664827
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950664574
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 265ms
265ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950665295
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950665269
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 265ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950671236
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680125950670680
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
273 B 264ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950671526
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1680125950671422
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 265ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:10 GMT
x-stripe-server-envoy-start-time-us: 1680125950674050
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125950673816
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.PuZ9UiaVk_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LYz... Frame B927 70 KB
26 KB 194ms
193ms Script
text/javascript 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.PuZ9UiaVk_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LYzxDKB-OUM.L.B1.O/am=wGgAEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfri1-hQ6cujzrMM0N-8H57-sFPSvGQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.PuZ9UiaVk_s.es5.O/am=wGgAEA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfribhkKF8QyoKaJnYMZiPoR5aJS62g/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

bff6afe3420daaa62c262234bf0bebc1d0eb5f01fff092108db776b6b9588724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 19:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26367
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 19:28:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Mar 2024 19:51:11 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame B927 1 MB
386 KB 505ms
504ms XHR
text/html 142.250.4.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f92.1e100.net

Software

ESF /

Resource Hash

ce66c9faa9bd77c99127d2c04687394bd35d4dc4a6497b619093d003800ef66c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-MoQ5FpMUIdBVGr0d5mYR7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:11 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-MoQ5FpMUIdBVGr0d5mYR7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 29 Mar 2023 21:39:11 GMT

GET
H/1.1 200
OK 6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538 Show response
rapidpanda.io/anywhere/ 783 B
1 KB 1291ms
344ms Script
text/javascript 162.242.174.138
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://rapidpanda.io/anywhere/6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538?devmode=true&t=Layout&u=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&r=
Requested by: Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.174.138 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 54deba82d701da524a6ee7728f8b23530fef4f3d039d02431014ecef59c740a0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 21:39:12 GMT
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
P3P: CP="Intentionally invalid"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: private,max-age=0
Connection: close
Content-Length: 783
X-Timing: lt=0,fs=40,tfc=41,fpcd=42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame A681 200 B
1 KB 201ms
200ms Document
text/html 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://trailwalker.oxfam.org.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1291
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 21:17:41 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Mon, 27 Mar 2023 20:02:53 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-id: FPLoK7TQlpC1usMYsh8JlD5MrJiggJOqLLUYGTeSRFO7aEgcrofAQA==
x-amz-cf-pop: SIN2-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.PuZ9UiaVk_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LYz... Frame B927 23 KB
9 KB 194ms
193ms Script
text/javascript 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.PuZ9UiaVk_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LYzxDKB-OUM.L.B1.O/am=wGgAEA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfri1-hQ6cujzrMM0N-8H57-sFPSvGQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

06ecfdaefe75535005bb91eb6765877909acc9930985a27a6889ae248960bf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 19:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9265
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 19:28:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Mar 2024 19:51:11 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.PuZ9UiaVk_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LYz... Frame B927 36 KB
13 KB 211ms
211ms Script
text/javascript 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.PuZ9UiaVk_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LYzxDKB-OUM.L.B1.O/am=wGgAEA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfri1-hQ6cujzrMM0N-8H57-sFPSvGQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

cbde8eb38070b14ce47000e9dcd27298f750a88b914c242b16a144366c35881c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 19:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13534
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 19:28:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Mar 2024 19:51:11 GMT

POST
H2 200 log Show response
play.google.com/ Frame B927 131 B
196 B 409ms
405ms XHR
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 21:39:12 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 633ms
242ms Preflight
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 29 Mar 2023 21:39:12 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame B927 131 B
196 B 417ms
410ms XHR
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 21:39:12 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 629ms
240ms Preflight
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 29 Mar 2023 21:39:12 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame B927 131 B
196 B 421ms
416ms XHR
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 21:39:12 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 629ms
241ms Preflight
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 29 Mar 2023 21:39:12 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame B927 131 B
196 B 411ms
409ms XHR
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 21:39:12 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 629ms
242ms Preflight
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 29 Mar 2023 21:39:12 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame B927 131 B
196 B 417ms
413ms XHR
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 21:39:12 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 627ms
242ms Preflight
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 29 Mar 2023 21:39:12 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 265ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:11 GMT
x-stripe-server-envoy-start-time-us: 1680125951745697
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125951745688
access-control-allow-credentials: true
content-length: 0

POST
H2 200 log Show response
play.google.com/ Frame B927 131 B
196 B 412ms
407ms XHR
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 21:39:12 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 620ms
241ms Preflight
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 29 Mar 2023 21:39:12 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 264ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:11 GMT
x-stripe-server-envoy-start-time-us: 1680125951748536
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125951748341
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 264ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:11 GMT
x-stripe-server-envoy-start-time-us: 1680125951749165
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125951748899
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 264ms
263ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:11 GMT
x-stripe-server-envoy-start-time-us: 1680125951750849
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125951750725
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 264ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:11 GMT
x-stripe-server-envoy-start-time-us: 1680125951751471
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125951751264
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame FDE8 0
274 B 264ms
264ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-3e9ed8f07e0650768bbe49f0e2d110de.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:11 GMT
x-stripe-server-envoy-start-time-us: 1680125951752804
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1680125951752554
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A681 0
640 B 263ms
262ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Mar 2023 21:39:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680125951938696
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A681 0
640 B 264ms
262ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Mar 2023 21:39:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680125951939152
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A681 631 B
1 KB 201ms
200ms Script
text/javascript 13.33.33.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-33-71.sin2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 29 Mar 2023 21:04:34 GMT
x-content-type-options: nosniff
via: 1.1 242a08df1383db0d18e5cf8b76b259ce.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 2078
x-cache: Hit from cloudfront
content-length: 631
last-modified: Mon, 27 Mar 2023 20:02:52 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nAbmhdrRovimwBx9xhTNVTFqxxVSl5FBsAgHWtf_v8IJI-erUzWj1g==

POST
H2 200 log Show response
play.google.com/ Frame B927 131 B
426 B 625ms
242ms XHR
text/plain 74.125.24.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f113.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 29 Mar 2023 21:39:12 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 556B 930 B
2 KB 605ms
198ms Document
text/html 18.155.68.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.68.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-68-52.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 238
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 29 Mar 2023 21:35:15 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 0f2b81f417aa397d9ed9b32b2017aaca.cloudfront.net (CloudFront)
x-amz-cf-id: HImdmtBKg8Rp4xI6vG8-lyiOvNfbi4JzhhFOnp42w72x4AjGcOBjSA==
x-amz-cf-pop: SIN52-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 556B 0
414 B 264ms
263ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: trailwalker.oxfam.org.au
URL: https://trailwalker.oxfam.org.au/tim-jeffries

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Wed, 29 Mar 2023 21:39:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1680125952754744
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 556B 86 KB
16 KB 243ms
243ms Script
text/javascript 18.155.68.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.68.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-68-52.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 21:35:48 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 0f2b81f417aa397d9ed9b32b2017aaca.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 216
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: Dav5PAa0Ycw-XtqJj7gC7oWN80XWPrxFldYn9Osee5FJIeVbHmSzqw==

GET
H/1.1 200
OK coreDev.js Show response
rapidpanda.io/anywhere/6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538/ 38 KB
12 KB 303ms
303ms Script
text/javascript 162.242.174.138
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://rapidpanda.io/anywhere/6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538/coreDev.js
Requested by: Host: rapidpanda.io
URL: https://rapidpanda.io/anywhere/6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538?devmode=true&t=Layout&u=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&r=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.242.174.138 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software: /
Resource Hash: 71d6d060d22c49ab6a5cb23f58f1076042920c0f24f8ab434850437e9c353fee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 29 Mar 2023 21:39:13 GMT
Content-Encoding: gzip
ETag: 8908594ec7e4269603768e37e4697862
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,no-transform,max-age=300,s-maxage=300
Connection: close
Content-Length: 11649
X-Timing: lt=1,lso-n=1,fs=2
Expires: Wed, 29 Mar 2023 21:44:13 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 556B 156 B
670 B 791ms
265ms XHR
application/json 35.167.72.35

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.167.72.35 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5bdd88413514a23df77db97ba0848167a2b433750905ceb13babc527c8127dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 29 Mar 2023 21:39:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680125953575144
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1680125953574856
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 oxfam-trailwalker-logo-secondary-rgb-negative-1-svg-33fc21.svg
raisely-images.imgix.net/oxfam-2023/uploads/ 29 KB
18 KB 225ms
225ms Image
image/svg+xml 199.232.46.208
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raisely-images.imgix.net/oxfam-2023/uploads/oxfam-trailwalker-logo-secondary-rgb-negative-1-svg-33fc21.svg?fit=max&w=1000&auto=format&q=62&dpr=1

Requested by

Host: cdn.raisely.com
URL: https://cdn.raisely.com/v3/app.4dd9e.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.46.208 , Singapore, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

99bbd6bfa0e132859e6ab81f4b01accfcf08a1b82c5e7ad564418624499ff4f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1340990
x-cache: HIT, HIT
x-imgix-id: 24e31705ba28beaba62a699afdf7878b22118819
cross-origin-resource-policy: cross-origin
content-length: 18705
x-served-by: cache-sjc10069-SJC, cache-qpg1224-QPG
x-imgix-render-farm: 01.9000
last-modified: Tue, 04 Oct 2022 01:13:04 GMT
server: imgix
vary: Accept-Encoding, Accept, User-Agent
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

PUT 6424b000166d6813f92a7cb8
rapidpanda.io/anywhere/6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538/ 0
0

GET
H2 200 collect Show response
a.oxfam.org.au/g/ 65 B
496 B 657ms
656ms XHR
text/plain 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a.oxfam.org.au/g/collect?v=2&tid=G-97QSHBJGXC&gtm=45je33r0&_p=544481590&cid=983166005.1680125948&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=AU&_s=3&sid=1680125947&sct=1&seg=0&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&dt=Tim%20Jeffries%20%E2%80%A2%20Oxfam%20Trailwalker%202023&en=donation_form_loaded&ep.gtm_details=GTM-KBDCHN%20%7C%2064&ep.custom_client_id=.983166005.1680125948&ep.event_id=1680126363022_168012645098717_&ep.stage=not%20set&_et=509&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-97QSHBJGXC&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.34.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2215.1e100.net

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 21:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://trailwalker.oxfam.org.au
cache-control: no-cache
access-control-allow-credentials: true

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 192ms
192ms Ping
text/plain 74.125.24.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K2K0QDLR9Y&gtm=45je33r0&_p=544481590&cid=983166005.1680125948&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&cn=Oxfam%20Trailwalker%202023&sid=1680125947&sct=1&seg=0&dl=https%3A%2F%2Ftrailwalker.oxfam.org.au%2Ftim-jeffries&dt=Tim%20Jeffries%20%E2%80%A2%20Oxfam%20Trailwalker%202023&en=donation_form_loaded&_ee=1&ep.campaign_path=oxfam-2023&ep.campaign_mode=LIVE&ep.campaign_currency=AUD&ep.anonymize_ip=true&ep.instance_id=8214bf6c-996f-4e24-b7dd-e15ed281c652&ep.non_interaction=true&_et=1010
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K2K0QDLR9Y&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://trailwalker.oxfam.org.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Mar 2023 21:39:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://trailwalker.oxfam.org.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS 6424b000166d6813f92a7cb8
rapidpanda.io/anywhere/6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rapidpanda.io
URL: https://rapidpanda.io/anywhere/6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538/6424b000166d6813f92a7cb8

Domain: rapidpanda.io
URL: https://rapidpanda.io/anywhere/6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538/6424b000166d6813f92a7cb8

Domain: rapidpanda.io
URL: https://rapidpanda.io/anywhere/6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538/6424b000166d6813f92a7cb8

Domain: rapidpanda.io
URL: https://rapidpanda.io/anywhere/6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538/6424b000166d6813f92a7cb8

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rapidpanda.io/anywhere	1970-01-20 19:27:41	Name: 6cbd192183cd434e951d33ca3e6305fee700ac2e9d6a4b86a2cdbc3f221f7538 Value: 6424b000166d6813f92a7cb8
.oxfam.org.au/	1970-01-20 12:51:41	Name: _gcl_au Value: 1.1.1278882339.1680125947
.doubleclick.net/	1970-01-20 10:42:06	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1970-01-20 12:51:41	Name: li_sugr Value: 2e4a7f57-e12b-4eb1-a6f6-2f6b02e68e31
.linkedin.com/	1970-01-20 19:27:41	Name: bcookie Value: "v=2&5f84320b-e8d9-45ae-8789-5eb882226481"
.linkedin.com/	1970-01-20 10:43:32	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2483:u=1:x=1:i=1680125948:t=1680212348:v=2:sig=AQEsBoxSrJWoAkFsNkbhC3JG1iS5uAqY"
trailwalker.oxfam.org.au/	1970-01-20 10:43:32	Name: ln_or Value: eyI0NTA2NjQ5IjoiZCJ9
.t.co/	1970-01-20 20:18:05	Name: muc_ads Value: 3f01b384-b2a6-473d-be13-e6203134e15f
.oxfam.org.au/	1970-01-20 20:18:05	Name: _ga Value: GA1.3.983166005.1680125948
.oxfam.org.au/	1970-01-20 10:43:32	Name: _gid Value: GA1.3.1351273420.1680125948
.oxfam.org.au/	1970-01-20 10:42:06	Name: _gat_gtag_UA_279903_45 Value: 1
.oxfam.org.au/	1970-01-20 20:18:05	Name: _mkto_trk Value: id:633-ZWH-272&token:_mch-oxfam.org.au-1680125948499-97136
.twitter.com/	1970-01-20 20:18:05	Name: personalization_id Value: "v1_ymw8Y3AFYiLu0Ebz7AWxig=="
.linkedin.com/	1970-01-20 11:25:17	Name: UserMatchHistory Value: AQJ1AM1HAvrWzwAAAYcvT3Jx1Hg0WGY9S3vQU98sCr5_uV_9ABOspQ3c2KsQDymcAL8c5ex4A0vqGw
.linkedin.com/	1970-01-20 11:25:17	Name: AnalyticsSyncHistory Value: AQJWm3ZDiUKjiAAAAYcvT3Jxsc1VAH3dSHvjirGnTbasCsGfw9MPeX9cT1b8gAJu5DS5luPlypHC78vhDlEMpg
.oxfam.org.au/	1970-01-20 20:18:05	Name: _ga_97QSHBJGXC Value: GS1.1.1680125947.1.0.1680125948.0.0.0
.oxfam.org.au/	1970-01-20 20:18:05	Name: _ga_K2K0QDLR9Y Value: GS1.1.1680125947.1.0.1680125948.0.0.0
.www.linkedin.com/	1970-01-20 19:27:41	Name: bscookie Value: "v=1&20230329213908741ee0a2-1b2e-44db-8cdf-d95ea277dfddAQHvr03HUpo2Zq1LSbpiM_Y5-Uu6M0n_"
.oxfam.org.au/	1970-01-20 20:18:05	Name: FPID Value: FPID2.3.JCRbjec47nVOZXxsZlJfnWJSpHoCFh2eJ98YLoP5EdQ%3D.1680125948
.oxfam.org.au/	1970-01-20 12:51:41	Name: FPAU Value: 1.1.1278882339.1680125947
.oxfam.org.au/	1970-01-20 10:43:17	Name: FPLC Value: QtAZaXSEcCd0P3qEIsYioD13YekDY7SGrNBJmDnCq2crVaR3DemUWTZ5%2BF3zDwqdsSNpt2hVlIrOvJ4Z0LnIxIC2i8pj6V%2FutGqQ0rj4YPjv%2FfABsCnbknmdFSHkOg%3D%3D
.oxfam.org.au/	1970-01-20 12:51:41	Name: _fbp Value: fb.2.1680125948586.1418550584
.quantserve.com/	1970-01-20 20:12:20	Name: mc Value: 6424affd-51217-d1c72-7b2f5
.oxfam.org.au/	1970-01-20 20:06:34	Name: __qca Value: P0-2042587711-1680125947688
.google.com/	1970-01-20 15:05:37	Name: NID Value: 511=hYrcBKqcOVoButvhrBYyf2xm5J0sxd-ELxdWLH5CjR9NHMzxpP6AYPpnzw4tsVDrh_1pXL8rj9DJIWoEjM6nqh1ccNR3jj25-p4AoxXMYCOHW7xArctBlmX60MmwP_BWQxxHRMrtdPy6OlFNU-Pl0dHGzaaO4DVD2h58BpC2t8k

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b689cd09dbe4d44b19f441588a7d212.js.ubembed.com
633-zwh-272.mktoresp.com
a.oxfam.org.au
analytics.twitter.com
api.raisely.com
assets.ubembed.com
cdn.linkedin.oribi.io
cdn.raisely.com
cdnjs.cloudflare.com
connect.facebook.net
dyv6f9ner1ir9.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hsforms.net
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
munchkin.marketo.net
pay.google.com
pixel.quantserve.com
play.google.com
px.ads.linkedin.com
q.stripe.com
r.stripe.com
raisely-images.imgix.net
rapidpanda.io
rules.quantcount.com
secure.quantserve.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
trailwalker.oxfam.org.au
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
rapidpanda.io
103.229.10.211
103.237.104.82
104.17.186.73
104.17.25.14
104.22.70.98
104.22.71.98
104.244.42.133
104.244.42.195
104.69.162.116
13.107.42.14
13.33.33.10
13.33.33.118
13.33.33.71
13.33.88.24
142.250.4.105
142.250.4.92
142.250.4.95
142.251.12.94
151.101.65.131
157.240.235.1
157.240.235.35
162.242.174.138
172.217.194.113
172.217.194.156
18.155.68.31
18.155.68.52
18.155.70.188
199.232.44.157
199.232.46.208
213.188.193.176
216.239.34.21
3.1.98.10
35.167.72.35
42.99.140.192
54.186.23.98
74.125.130.94
74.125.130.97
74.125.200.155
74.125.24.100
74.125.24.113
74.125.24.94
06ecfdaefe75535005bb91eb6765877909acc9930985a27a6889ae248960bf6d
0b7ec6c51fd82c338747ff74ff55249d47ca3ba3dc79bde29d809253f2de309d
146cea910a38f64f657b458204a00fca52635267c8cdb87581660db381c80e58
15ee77296a932e1243a2e25545fb7c77dae901357b458fee9151f30c2b263717
1838b663f5c4b94210d4aa21d5bac6f40f0c2eb8783841e5b48635302d4c5b26
192f7128d8917c1ff3c8c501265524515233dd92d5fbc7921424aa955acf1beb
22852c2b3729a347c5c22ac7a3c2b6ce3e76c1d8dc7ceb47be10c47879174e21
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
25a7f7ee5966db22b190b0f4a21ba9cbb0d9d8f3460fa4ab6483a016d62bd597
2997dfdabcc257c5a185f2e594e8d1297266d2fbd8172ff5d6e443b1d7ea0871
3617c4143111645a8db4b8d632042a37ccf46d01575fb5faaba62cd5630d39be
3abd22569eef06548fc40591c35b369f5253f506ce5f2ec58756b4bccd5a0ca2
3b78a1c662d7df9c01d5cf9ef21443b66f63c5f4eb8e87a9ec11eb9a0ccd785b
3f5172b3f47d676e8313b3f64379f8e10b9e862564f25c28fe3da1137947ac22
3f89ca033e2ec03603e88128d01bd6b1f0cf03af9ffb6e13c252cd8d1358ebb9
3fb7c6e754c595684e4d5ed9eb9b07dfe0388468655e928bf85d0a6402cd326b
41caf8b0f68e0d6ca7f4d11e24fa6c33996ef8dd0846dc9f171724be10f8e4a2
428e9b66ee3e2025d2350751a1ab8923feb686ffc6085ad3b273fba0d5e7476d
43ed973f326015673193bd0fb56a348506dfeb1cecf87fd330a946ae53360b40
482e88e20f601fc964d4acbe1d1041edcc1db4cc94721a4826a87b9f25430788
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
5407fd0f86520003d66e0d430abb8433d58b2c1e725be142b8f9cf5bc283527f
54deba82d701da524a6ee7728f8b23530fef4f3d039d02431014ecef59c740a0
55d989a500760fa68bf4275d878c196eb2e461beb2bb14ff8094bb2aea927fea
560a27937e4253b5d2eca5b752fe68c80c2a418abb8451aa64a2a1a059b5c3b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57d5390b10f1f8cf4e4a3fe51d36008f685046d340038004d52d9d40ed32d9bf
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b2e32a2fb62007bdd8daf19240c63ece5da357e5366bee8f16ba949be303a07
5bdd88413514a23df77db97ba0848167a2b433750905ceb13babc527c8127dba
6482a7256c8a89b90e9fe17c8b2a8914e34708b829f6a560546276e609cf4807
65b9b932dd95ef6196e2422ef7749dd106724799f18daada01b44cc26e024a39
68334bd318326f267c1694d0ffe615bb4c8ce9d739e7b6ecfa7ce99d58da05c3
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
70f1d8ca07f7f597a983bd06efe6d5c38e9a7646b954de344191884f7b267829
71d6d060d22c49ab6a5cb23f58f1076042920c0f24f8ab434850437e9c353fee
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7a2998c65e8cea1f23598464a978033e7600b13eb117f01037ae1d0bde98a807
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7ee87d6ef1d82f56f9ee5a6662fd62278ced0a6891aa8261c7dcdf7cc3d7a021
810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e
81bf01fe889a296407a6b0652a927b5b8ca9646ede0a9b9e1a79e3138700173a
81c3ccfc317b1d2caefcfee0f7c196ca2aa636c7f03b40b936e6ac9f66ed4354
8217ad21d5829b7ddcafc4e1cfdecdb3383a5dba88e5a2350911c8f1f4575232
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84367490c7bc3e5d3594ae79643b1a79b264fb0051cee25e8472b5b937763a6f
86d50e3dfe75c3d6922c3e7c5a40dddf4d0445b21187420d6aef87b3e161fac2
8990a7146c4700900d9ae45c0395585642f9b5a2ab02b7345ed3d55fd343b7f7
8ae6dc26c68d8933cb92ca7c37f0905a07af7c7e9df8aca254d5e7cae6d7bad7
8ce6d3f9e87589515936a198c83603b34c0a8310591072dfc1eae5dbb6f5b854
8d282fc0191c985fd3c0ae278d72b04af3207db65d6f4c29456f66208547146a
8f84cb042a33a45ab4ee5dd8fd8da402d35cff0d4c1eb495758ac6d03fad6b50
9340d87c34242fcdb94e64065889ff79defb926822e590595f52cc267d901af7
98050700dce4234516145046ad18cba178e8f333252bfceb045f8f5050c3948a
9906c722a720b03a10121a8990176995913d81f740ac33a4719427f3dad841c6
99bbd6bfa0e132859e6ab81f4b01accfcf08a1b82c5e7ad564418624499ff4f0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a239bc9f1b73d5b12b43eca1eee2cff17da7313edf56167ba7a60591c4766979
a3627d40293dd7a420bd5c20ba083ee6dcbcde69a1952f572ceab66875d68111
a41ebb1e0f969e09468fdd1d31d6ed597d399c8eb8aa6cd27bc35f33d52958ab
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aae5e4ce9c903b8e8dc3e12a0be2af3956e33890b9590333b8393b66a53b3d67
ac4deb2af55b485e28e0f505602acc8a023a9d63b59f1411e53c2766726691bc
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b292bb9affbbc84773d08063ccd376feae27d6224e070a70956379887e68c3e3
b5ab81cca0a06b1a0258768290467efd2f103f4686dce505173ee3ac1a0f91ee
b5b0d6894243af050eabab64d8cfc2fbaa316131a735bd8c76b90b431b8bbd3a
b700c6711443565bf48b8663f564d1a97015445630db35a0f999bb8c69915e7a
bd5191390b2b19481841cba2e1f3ae7043f36fe806c50073d41c736b0df4cc3b
bff6afe3420daaa62c262234bf0bebc1d0eb5f01fff092108db776b6b9588724
c6f5e277ff476132b5b7000dd672d427dfbb12ca963919b243e3e8c5ba71ec74
c9191540d271d74e4ef8f3361ced31652f010ed254634a48d799f658eb1cf1c6
cbde8eb38070b14ce47000e9dcd27298f750a88b914c242b16a144366c35881c
ce0fc03ff2105ee9d41a0ec70c47d3a82582272a7d56f3ebc0c4cf69345636b9
ce66c9faa9bd77c99127d2c04687394bd35d4dc4a6497b619093d003800ef66c
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d3119493f034e85b8a75b2b06bf12a7f7eca776520a244be3cc3aa4bc17efc6b
d58c6d27149e384320edbeea497ac9b33ed095cfdaf27b3642c6447e305c88c5
d678c186288e906d476a4b855582c1e0a79a94d87ba3442f226eb9e1549f4244
d6ea606e2fc42b9b84dcec8c9caba9ea3b02b60a38cdac0a211aa9dcdf884ac9
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7d71c4c0e2dc71209605e004b9ace3aebee47b749c01eaaa09b62b83dd89a6b
d8ed21486379d87d3450859336ade92a2bc7dc9842b5ff4deb0f768dd0f2971a
daab4a16cf14de6fa4654845903efaf7767f3fc113d73ea3d15b7f6d875c1131
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
de23bd96bc43612257043619423fbd28e4a5cf0338c9d9c1fa539b6203f80194
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de71df8a18f7b460d17218f49a27dccc142ecd2e473d1bf172600cecac68eaf4
e2c13b090b79be4fef6c925a63197f96651077e034358e94f4c11f787cb50229
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e9bba1c92311dd2082d6c197bbbd767e49638355aa52b32cd0ae1bffb2250899
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f347e416e8204d4238effb7b0238e81a3319bbdbfdaca508519b370c7fed831c
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f703de820b317cb15132c6e51533b9ee1d60d2960657544366e4a7c433e1c391
f7eae4cd08288124d7e9e2a2ce477b449f52794b9dbc56af513d3360bf3134a5
f8f0ca1f2a8f8dbc4a65fa970e73e063d3c69e9f8178c219d81d5ff3e58f902f
fa8831fbc7c469397e279f966ea71693f73cf85ae44ca7a562a9f74d6057118b
fafddbac55547c68e37c123031c2a321c198a34d5076d5f63ec8e04fb8ec88d4

trailwalker.oxfam.org.au Open in urlscan Pro 213.188.193.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

199 Requests

97 %HTTPS

0 %IPv6

31 Domains

44 Subdomains

42 IPs

4 Countries

4411 kBTransfer

14300 kBSize

25 Cookies

11 Outgoing links

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

trailwalker.oxfam.org.au Open in urlscan Pro
213.188.193.176 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

97 %
HTTPS

0 %
IPv6

31
Domains

44
Subdomains

42
IPs

4
Countries

4411 kB
Transfer

14300 kB
Size

25
Cookies

199 HTTP transactions
0 data transactions