carryforward.woundedwarriorproject.org Open in urlscan Pro
2606:4700::6812:195c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Submission: On August 19 via manual (August 19th 2021, 10:08:47 am UTC) from US

Summary HTTP 122 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 54 IPs in 5 countries across 46 domains to perform 122 HTTP transactions. The main IP is 2606:4700::6812:195c, located in United States and belongs to CLOUDFLARENET, US. The main domain is carryforward.woundedwarriorproject.org.
TLS certificate: Issued by Thawte TLS RSA CA G1 on November 7th 2019. Valid for: 2 years.

This is the only time carryforward.woundedwarriorproject.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700::68... 2606:4700::6812:195c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2606:4700::68... 2606:4700::6812:dfe4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1 3	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:3e00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	199.127.207.184 199.127.207.184	26120 (RHYTHMONE) (RHYTHMONE)
6	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:20e... 2600:9000:20eb:3e00:4:d371:a680:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.224.96.84 13.224.96.84	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.91 13.224.96.91	16509 (AMAZON-02) (AMAZON-02)
1 3	2a02:26f0:6c0... 2a02:26f0:6c00::210:baab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 5	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.28.242.97 52.28.242.97	16509 (AMAZON-02) (AMAZON-02)
2 2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2600:9000:215... 2600:9000:2156:5a00:4:eb35:4040:93a1	16509 (AMAZON-02) (AMAZON-02)
5	44.193.181.128 44.193.181.128	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.213.68.56 52.213.68.56	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
5	2606:4700::68... 2606:4700::6810:4ea5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.224.96.63 13.224.96.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.96.92 13.224.96.92	16509 (AMAZON-02) (AMAZON-02)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2 2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 4	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	54.171.163.246 54.171.163.246	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4264:a698:31e8:5977:4024	14618 (AMAZON-AES) (AMAZON-AES)
1	18.158.92.16 18.158.92.16	16509 (AMAZON-02) (AMAZON-02)
1	52.210.205.137 52.210.205.137	16509 (AMAZON-02) (AMAZON-02)
1 2	18.184.94.176 18.184.94.176	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.125.192.222 3.125.192.222	16509 (AMAZON-02) (AMAZON-02)
1 1	13.224.96.41 13.224.96.41	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	34.239.62.161 34.239.62.161	14618 (AMAZON-AES) (AMAZON-AES)
122	54

2 2606:4700::6812:195c (United States)

ASN13335 (CLOUDFLARENET, US)

carryforward.woundedwarriorproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700::6812:dfe4 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.donordrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

6871501.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:3e00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.184 (United States)

ASN26120 (RHYTHMONE, US)

rs.gwallet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:3e00:4:d371:a680:93a1 (United States)

ASN16509 (AMAZON-02, US)

widget.instabot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-84.zrh50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-91.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:baab (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.11 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.242.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-242-97.eu-central-1.compute.amazonaws.com

pixel.mediaiqdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)

20801397p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:5a00:4:eb35:4040:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.instabot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.193.181.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-181-128.compute-1.amazonaws.com

widgetapi.instabot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.68.56 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-68-56.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:4ea5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-63.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-92.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.163.246 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-163-246.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:a698:31e8:5977:4024 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.92.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-92-16.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.205.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-205-137.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.94.176 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-94-176.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.192.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-192-222.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.41 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-41.zrh50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.62.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-62-161.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	donordrive.com assets.donordrive.com	685 KB
10	doubleclick.net 5 redirects stats.g.doubleclick.net 6871501.fls.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	4 KB
9	instabot.io widget.instabot.io static.instabot.io widgetapi.instabot.io	397 KB
6	adnxs.com 5 redirects secure.adnxs.com ib.adnxs.com	6 KB
6	mathtag.com pixel.mathtag.com	5 KB
5	lightboxcdn.com www.lightboxcdn.com	140 KB
5	rfihub.com 1 redirects 20801397p.rfihub.com a.rfihub.com p.rfihub.com	8 KB
5	facebook.com www.facebook.com	355 B
5	google.com 1 redirects adservice.google.com www.google.com fcmatch.google.com	1 KB
5	facebook.net connect.facebook.net	238 KB
4	adroll.com 1 redirects s.adroll.com d.adroll.com	18 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	youtube.com www.youtube.com fcmatch.youtube.com	44 KB
3	bing.com bat.bing.com	9 KB
3	gstatic.com fonts.gstatic.com	58 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	604 B
2	bidswitch.net 1 redirects x.bidswitch.net	857 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	rlcdn.com 1 redirects idsync.rlcdn.com	772 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	snapchat.com tr.snapchat.com	277 B
2	google.de www.google.de	127 B
2	sc-static.net sc-static.net	15 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
2	woundedwarriorproject.org carryforward.woundedwarriorproject.org	19 KB
1	rtactivate.com bpi.rtactivate.com	109 B
1	rezync.com 1 redirects live.rezync.com	789 B
1	serving-sys.com bs.serving-sys.com	105 B
1	media.net contextual.media.net	696 B
1	krxd.net beacon.krxd.net	337 B
1	agkn.com aa.agkn.com	238 B
1	tremorhub.com partners.tremorhub.com	183 B
1	addthis.com x.dlx.addthis.com	191 B
1	yahoo.com ads.yahoo.com	445 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bluekai.com 1 redirects stags.bluekai.com	811 B
1	azurewebsites.net lightboxapi.azurewebsites.net	775 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	mediaiqdigital.com pixel.mediaiqdigital.com	500 B
1	gwallet.com rs.gwallet.com	385 B
1	rfihub.net c1.rfihub.net	6 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	76 KB
122	46

	Domain	Requested by
27	assets.donordrive.com	carryforward.woundedwarriorproject.org assets.donordrive.com
6	pixel.mathtag.com	www.googletagmanager.com pixel.mathtag.com carryforward.woundedwarriorproject.org
5	www.lightboxcdn.com	carryforward.woundedwarriorproject.org www.lightboxcdn.com
5	widgetapi.instabot.io	widget.instabot.io
5	www.facebook.com	connect.facebook.net carryforward.woundedwarriorproject.org
5	secure.adnxs.com	5 redirects
5	connect.facebook.net	ajax.googleapis.com connect.facebook.net carryforward.woundedwarriorproject.org
3	p.rfihub.com	1 redirects
3	s.adroll.com	1 redirects carryforward.woundedwarriorproject.org
3	bat.bing.com	www.googletagmanager.com bat.bing.com carryforward.woundedwarriorproject.org
3	6871501.fls.doubleclick.net	1 redirects www.googletagmanager.com carryforward.woundedwarriorproject.org
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	carryforward.woundedwarriorproject.org www.google-analytics.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	idsync.rlcdn.com	1 redirects carryforward.woundedwarriorproject.org
2	dsum-sec.casalemedia.com	1 redirects
2	dpm.demdex.net	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	tr.snapchat.com	carryforward.woundedwarriorproject.org
2	platform.twitter.com	ajax.googleapis.com platform.twitter.com
2	static.instabot.io	widget.instabot.io
2	www.google.de	carryforward.woundedwarriorproject.org
2	www.google.com	carryforward.woundedwarriorproject.org
2	adservice.google.com	carryforward.woundedwarriorproject.org 6871501.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	sc-static.net	carryforward.woundedwarriorproject.org sc-static.net
2	widget.instabot.io	carryforward.woundedwarriorproject.org widget.instabot.io
2	www.youtube.com	carryforward.woundedwarriorproject.org www.youtube.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	carryforward.woundedwarriorproject.org	carryforward.woundedwarriorproject.org
1	bpi.rtactivate.com	carryforward.woundedwarriorproject.org
1	fcmatch.youtube.com
1	fcmatch.google.com	1 redirects
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	carryforward.woundedwarriorproject.org
1	contextual.media.net	carryforward.woundedwarriorproject.org
1	beacon.krxd.net	carryforward.woundedwarriorproject.org
1	aa.agkn.com	carryforward.woundedwarriorproject.org
1	partners.tremorhub.com	carryforward.woundedwarriorproject.org
1	x.dlx.addthis.com	carryforward.woundedwarriorproject.org
1	ads.yahoo.com	carryforward.woundedwarriorproject.org
1	pixel.rubiconproject.com	carryforward.woundedwarriorproject.org
1	stags.bluekai.com	1 redirects
1	ib.adnxs.com	carryforward.woundedwarriorproject.org
1	a.rfihub.com
1	vars.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	script.hotjar.com	static.hotjar.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	syndication.twitter.com	platform.twitter.com
1	d.adroll.com	carryforward.woundedwarriorproject.org
1	d.adroll.mgr.consensu.org	1 redirects
1	20801397p.rfihub.com	c1.rfihub.net
1	pixel.mediaiqdigital.com	carryforward.woundedwarriorproject.org
1	static.hotjar.com	carryforward.woundedwarriorproject.org
1	rs.gwallet.com	carryforward.woundedwarriorproject.org
1	c1.rfihub.net	carryforward.woundedwarriorproject.org
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	carryforward.woundedwarriorproject.org
1	fonts.googleapis.com	carryforward.woundedwarriorproject.org
1	ajax.googleapis.com	carryforward.woundedwarriorproject.org
122	63

This site contains links to these domains. Also see Links.

Domain
www.woundedwarriorproject.org
assets.donordrive.com
www.facebook.com
pub.s7.exacttarget.com
image.s7.sfmc-content.com
www.youtube.com
twitter.com
www.linkedin.com
www.instagram.com
www.donordrive.com
www.guidestar.org
www.give.org
www.charitynavigator.org

Subject Issuer	Validity	Valid
*.woundedwarriorproject.org Thawte TLS RSA CA G1	`2019-11-07` - `2021-11-06`	2 years	crt.sh
*.donordrive.com Thawte TLS RSA CA G1	`2020-02-05` - `2022-03-06`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.rfihub.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-10` - `2022-02-10`	a year	crt.sh
*.gwallet.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-27` - `2022-08-27`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.instabot.io Amazon	`2021-06-30` - `2022-07-29`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
adroll.com R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
*.mediaiqdigital.com Amazon	`2021-04-12` - `2022-05-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
ssl1029400.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-06` - `2022-06-30`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-16` - `2021-10-06`	2 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Frame ID: B1DCA21BAE6DA05B6E831259EA06CEC8
Requests: 86 HTTP requests in this frame

Frame: https://6871501.fls.doubleclick.net/activityi;dc_pre=CLCq09zrvPICFYr_UQodycwIBA;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021
Frame ID: CC1E496C2551575EDFF35B5C19058F83
Requests: 2 HTTP requests in this frame

Frame: https://rs.gwallet.com/r1/pixel/x51181r752159779
Frame ID: 1A0FEFF92D25D5A54879F5AEDE644634
Requests: 1 HTTP requests in this frame

Frame: https://20801397p.rfihub.com/ca.html?ver=9&rb=28347&ca=20801397&_o=28347&_t=20801397&pe=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&pf=&ra=1317692458410069
Frame ID: 9B8CD9A3C9B7553C8314002BD5DC8EBB
Requests: 20 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fcarryforward.woundedwarriorproject.org
Frame ID: D8C9AC165CBA5EF4F4FED283B976CBD1
Requests: 2 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/b01dd994-81c9-4db1-8953-bc334fa249ea/lightbox.js?mb=1629367709378&lv=1
Frame ID: 28F7A8437152EFBE299CA45C74083B90
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 9BA3EF56AB0D73534F9F043DBBC1ADA5
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=581e611e-2d9e-4100-b66d-15b4fba74497&no_iframe=1&mt_adid=210975&source=mathtag
Frame ID: 8A14F9C0ED9D6629F27D72B7ACFE4918
Requests: 3 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=9b86f21c-5652-4a91-ad8e-dd438f02be91
Frame ID: 47BE44D6B60EEF69AE3AA2BE5440550D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 4137D03BC8869A4A0CEBD59D004B2686
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Carry Forward FAQs | Questions about Wounded Warrior Project 5K

Detected technologies

CFML (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

Adobe ColdFusion (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.cfm(?:$|\?)/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Lightbox (JavaScript Libraries) Expand

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /(?:\/([\d.]+))?\/slick(?:\.min)?\.js/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

122
Requests

100 %
HTTPS

43 %
IPv6

46
Domains

63
Subdomains

54
IPs

5
Countries

1988 kB
Transfer

5640 kB
Size

29
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: http://www.woundedwarriorproject.org/mission/financials
Title: here

Search URL Search Domain Scan URL

URL: https://www.woundedwarriorproject.org/
Title: Click here

Search URL Search Domain Scan URL

URL: https://assets.donordrive.com/carryforward/files/$cms$/100/2033.pdf
Title: “Offline Donation Form”

Search URL Search Domain Scan URL

URL: https://assets.donordrive.com/carryforward/files/$cms$/100/1911.pdf
Title: offline donation form

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wwpcarryforward/
Title: Carry Forward

Search URL Search Domain Scan URL

URL: https://pub.s7.exacttarget.com/zwthzlju1f4
Title: Click here

Search URL Search Domain Scan URL

URL: https://image.s7.sfmc-content.com/lib/fe94137377640d7874/m/1/d0a51f30-0909-41b2-9406-0b6ae10d2a70.pdf
Title: Volunteer Waiver

Search URL Search Domain Scan URL

URL: https://assets.donordrive.com/carryforward/files/$cms$/100/2050.pdf
Title: planning committee

Search URL Search Domain Scan URL

URL: https://assets.donordrive.com/carryforward/files/$cms$/100/1857.pdf
Title: Read more

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/virtualcarryforward/
Title: Virtual Carry Forward Facebook page

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/WoundedWarriorProjec

Search URL Search Domain Scan URL

URL: https://twitter.com/wwp

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/wounded-warrior-project

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wwpcarryforward/
Title:

Search URL Search Domain Scan URL

URL: https://www.woundedwarriorproject.org/media/1649/wwp-website-privacy-policy.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.woundedwarriorproject.org/media/183133/carry-forward-participation-and-release.pdf
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.woundedwarriorproject.org/state-notices
Title: State Notices

Search URL Search Domain Scan URL

URL: http://www.donordrive.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/20-2370934
Title:

Search URL Search Domain Scan URL

URL: http://www.give.org/charity-reviews/national/veterans-and-military/wounded-warrior-project-in-jacksonville-fl-3806
Title:

Search URL Search Domain Scan URL

URL: https://www.charitynavigator.org/index.cfm?bay=search.summary&orgid=12842
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://6871501.fls.doubleclick.net/activityi;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021 HTTP 302
https://6871501.fls.doubleclick.net/activityi;dc_pre=CLCq09zrvPICFYr_UQodycwIBA;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021

Request Chain 52

https://secure.adnxs.com/px?id=990172&seg=12573244&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu3%3D%26u4%3D%26pixel_id%3D990172%26uid%3D%24UID&t=2&gtmcb=1545414096 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D990172%26seg%3D12573244%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu3%253D%2526u4%253D%2526pixel_id%253D990172%2526uid%253D%2524UID%26t%3D2%26gtmcb%3D1545414096 HTTP 302
https://secure.adnxs.com/getuid?https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=990172&uid=$UID HTTP 302
https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=990172&uid=1936169914872536063

Request Chain 54

https://secure.adnxs.com/px?id=1009411&seg=13738727&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1009411%26seg%3D13738727%26t%3D2 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6164705;type=invmedia;cat=rrjkso5b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=6164705;dc_pre=CJ_W4NzrvPICFWYCogMd0wMBlg;type=invmedia;cat=rrjkso5b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=6164705;dc_pre=CJ_W4NzrvPICFWYCogMd0wMBlg;type=invmedia;cat=rrjkso5b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 67

https://s.adroll.com/j/exp/QJ53RBJ53NFGZG743KAKA6/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 68

https://d.adroll.mgr.consensu.org/consent/iabcheck/QJ53RBJ53NFGZG743KAKA6?_s=15f77d889523f60c378711ab12719260&_b=2 HTTP 302
https://d.adroll.com/consent/check/QJ53RBJ53NFGZG743KAKA6/?_s=15f77d889523f60c378711ab12719260&_b=2

Request Chain 96

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MTg3ODk3MjQ3MDg2NDUyMw==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENmGed89-rYR5tTXzM9rjI0&google_cver=1

Request Chain 98

https://stags.bluekai.com/site/4722?id=1871878972470864523&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=nsYSBy9999e%2Bwh8C&forward=

Request Chain 100

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871878972470864523&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871878972470864523&redir=

Request Chain 101

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878972470864523&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878972470864523&forward=&C=1

Request Chain 105

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871878972470864523&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871878972470864523&img=1&__user_check__=1&sync_id=682c97e2-00d5-11ec-b3ed-1afcdea00406

Request Chain 109

https://x.bidswitch.net/sync?dsp_id=119&user_id=1871878972470864523&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871878972470864523&expires=30

Request Chain 110

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YR4tnwADniaTogBg HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YR4tnwADniaTogBg&_test=YR4tnwADniaTogBg

Request Chain 113

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1871878972470864523&referrer=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=a0a68762-60fa-4985-bfa1-fe86b2167803%3A1629367712.01&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da0a68762-60fa-4985-bfa1-fe86b2167803%253A1629367712.01 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=a0a68762-60fa-4985-bfa1-fe86b2167803%3A1629367712.01 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRS1lSFJBTFc1NXpRNkZnNGVmYzJzVDdISDZHMTM5TzJwOHJhYW9HWW9iOA==&google_cm HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoomg7PbPtdSSfRkykNOKTIEhmX5Rb_xrfXnRgYE4hIjAy6Jd30PcaTla8UK4pXsRJdsymapWAzGn9Kykk7yVnCASmYo-VCPqWXXsmoiERiT4i8qvmQ7FN2MEgNjynf0H5dE5pK7lA1Ck7jKGAhkFu9kz54n9w HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoomg7PbPtdSSfRkykNOKTIEhmX5Rb_xrfXnRgYE4hIjAy6Jd30PcaTla8UK4pXsRJdsymapWAzGn9Kykk7yVnCASmYo-VCPqWXXsmoiERiT4i8qvmQ7FN2MEgNjynf0H5dE5pK7lA1Ck7jKGAhkFu9kz54n9w

122 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.cfm Show response
carryforward.woundedwarriorproject.org/ 67 KB
18 KB 692ms
621ms Document
text/html 2606:4700::6812:195c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:195c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd625905ebe39a6a3782624374ecc59b75d68d40c0d2eea5dbfc83c1d2fdf029

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

:method: GET
:authority: carryforward.woundedwarriorproject.org
:scheme: https
:path: /index.cfm?fuseaction=cms.page&id=1021
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
content-type: text/html;charset=UTF-8
set-cookie: AWSALB=2WOvxZ0G53o7V1Cbmg3soyGf+1QbeEXouLu9D1bCCOHRdfggtKqCudebnNOGwYB23YqjmGB+CL3jt52y8pZpZr1GdYJZQkFvgxrCmuiPlySKZEoXWtArxqjE1aRs; Expires=Thu, 26 Aug 2021 10:08:27 GMT; Path=/ AWSALBCORS=2WOvxZ0G53o7V1Cbmg3soyGf+1QbeEXouLu9D1bCCOHRdfggtKqCudebnNOGwYB23YqjmGB+CL3jt52y8pZpZr1GdYJZQkFvgxrCmuiPlySKZEoXWtArxqjE1aRs; Expires=Thu, 26 Aug 2021 10:08:27 GMT; Path=/; SameSite=None; Secure CFID=502375; Path=/; Secure; HttpOnly CFTOKEN=dc66a4a39677e791-AAD55617-C6AF-DAC5-B2A6EC154454B0FC; Path=/; Secure; HttpOnly PUBLICAPPLANGUAGE=DEFAULT%3Ben%5FUS; Path=/ COOKIETEST=1; Path=/ __cf_bm=b9d3e0cc92c69cba5700d7c182f0ce2a0e12fc3f-1629367707-1800-AbvY5U1CWsmgAMEWJbyw2daoSnB2w2psRyc/CMA5vX0aR3IGvYTY9do35mIN90TjOOrGct7mMzx/4pmICbp0KCs=; path=/; expires=Thu, 19-Aug-21 10:38:27 GMT; domain=.woundedwarriorproject.org; HttpOnly; Secure; SameSite=None __cfruid=db8529e052eca4e90c177991b83968fc692bec2f-1629367707; path=/; domain=.woundedwarriorproject.org; HttpOnly; Secure; SameSite=None
content-language: en-US
vary: Accept-Encoding
x-frame-options: sameorigin
x-ua-compatible: IE=Edge
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 681294a7d8f72b1e-FRA
content-encoding: gzip

GET
H2 200 dd-public.css
assets.donordrive.com/resources/css/ 166 KB
29 KB 75ms
23ms Stylesheet
text/css 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/css/dd-public.css?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6567eb4bfeb13f49885b4b1cd141fd55488b23396ba4917cd5ddce71367318ec

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4647
cf-polished: origSize=214267
cf-ray: 681294ac0bd34e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cf-bgj: minify
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 13:32:31 GMT
server: cloudflare
etag: W/"3dcaf39f7ff9106d52a47566eb831723"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: bZDlOKc.wgmxY2THYBb3iosEPeI1WHTK
cache-control: public, max-age=14400
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: NE9IhiGVKU6lRSAOsMxHVk4I2-LZbNue3q7YMc6cm9cSzHmXeU7f8Q==
expires: Thu, 19 Aug 2021 14:08:27 GMT

GET
H2 200 master.min.css
assets.donordrive.com/themes/boilerplate/css/ 12 KB
3 KB 73ms
21ms Stylesheet
text/css 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/boilerplate/css/master.min.css?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa639fe6dbace4f02125808361febc2e69fff35d7a2d1b44b45f2070a032eb9d

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2931
x-cache: Miss from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
last-modified: Wed, 11 Nov 2020 14:25:36 GMT
server: cloudflare
etag: W/"00bbd9d7105a2b078168b35faab0bed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: yy9cHVGOdYHZdzJi7VHdnkbZ0pCYmPcm
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA2-C1
cf-ray: 681294ac0bd64e14-FRA
x-amz-cf-id: pKMifkMAQhbCBnVZFA6V7rFsieCcv_D02BD3_n9xxW28LzHG_THUlw==
expires: Thu, 19 Aug 2021 14:08:27 GMT

GET
H2 200 master.min.css
assets.donordrive.com/themes/carryforward/css/ 91 KB
15 KB 504ms
452ms Stylesheet
text/css 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/carryforward/css/master.min.css?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66a1021ccf3d1d6623857492cf66ebf0ca2b40fba3fea582793bef9ed058bb75

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
last-modified: Mon, 09 Aug 2021 18:30:34 GMT
server: cloudflare
etag: W/"33a73627fe7167ec72450f034bc96eb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: cuvL3IluPhibqrVEAJ2nxilveIhzMdFD
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
cf-ray: 681294ac0bda4e14-FRA
x-amz-cf-id: KKAPo1NdNm-U8GCSEgqu4k18pc63wR7S0zbkjwA2d3Jy7GYe7xeivQ==
expires: Thu, 19 Aug 2021 14:08:27 GMT

GET
H2 200 design-system.css
assets.donordrive.com/themes/_design-system/public/css/ 342 KB
29 KB 86ms
34ms Stylesheet
text/css 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/_design-system/public/css/design-system.css?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92de949a4c5c2259633274889620ab64bf9b333fce2666791bfb76a2ad01bdfd

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4647
cf-polished: origSize=468947
cf-ray: 681294ac0bdb4e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
cf-bgj: minify
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 13:33:10 GMT
server: cloudflare
etag: W/"af9f512cd23113c3ba5fd3c48a722bd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: g3RlXwE4uSTFqpTn5yTP9cnbSXuqU2po
cache-control: public, max-age=14400
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: J-YoZ4LFOBIHo_zzQVsyy9glMLCfMIf1rF1AKtjrRL8CsQbCGW17Qg==
expires: Thu, 19 Aug 2021 14:08:27 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 08:41:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 08:41:21 GMT

GET
H2 200 jquery-migrate-3.0.1.min.js Show response
assets.donordrive.com/resources/js/ 11 KB
4 KB 502ms
451ms Script
application/javascript 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/js/jquery-migrate-3.0.1.min.js?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3e5606a0a254e0c87a339d40975fff730cff57442ccd98580ac5cd37f412678

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-ray: 681294ac0e7e4e07-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 11 Nov 2020 14:24:30 GMT
server: cloudflare
etag: W/"a738b025728b6c0fd70db0a0330e31b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: _O42n5McGDQJ555UWGMHKxn4N9GBvI1O
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
content-type: application/javascript
x-amz-cf-id: eRtX4Z--xXhhHTPAqL_h1_WGsA6-DpJUbnD4A9lL_YNnFr8V8-jGZQ==
expires: Thu, 19 Aug 2021 14:08:27 GMT

GET
H2 200 dd.min.js Show response
assets.donordrive.com/resources/js/ 96 KB
27 KB 494ms
444ms Script
application/javascript 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/js/dd.min.js?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efaa82490f1e59a161aac3b05e2b626ad2f24d87e803d61b0044d368272eca15

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-ray: 681294ac0e804e07-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 17 Dec 2020 15:13:47 GMT
server: cloudflare
etag: W/"4b23fa569fdacc608259e5cfc5cfbddc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: BU4myvASRw31T3h_tMMlwjCxHHnT0dOk
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
content-type: application/javascript
x-amz-cf-id: qs95Z2x1DSfyP45X7tXgw-cyHnY-_Dd9O__BnN6p2P3GnPz-RJtxcA==
expires: Thu, 19 Aug 2021 14:08:27 GMT

GET
H2 200 donordrive.widget.js Show response
assets.donordrive.com/resources/js/ 4 KB
2 KB 507ms
457ms Script
application/javascript 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/js/donordrive.widget.js?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 475ee56bae90219803383818328726c434688fc75cb33a2276b3d98991124d2e

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-polished: origSize=6056
cf-ray: 681294ac0e834e07-FRA
x-cache: Miss from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 14:24:30 GMT
server: cloudflare
etag: W/"b5129b109b89171b41716689e6363231"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: TbfYgoJw1hd6D..tr_xCOKAOgicvAwI8
access-control-allow-origin: *
expires: Thu, 19 Aug 2021 14:08:27 GMT
cache-control: public, max-age=14400
content-type: application/javascript
x-amz-cf-id: PmVUnlrSaS9MJTzJifomLHIYwjhRryFVTRZQ9decINpda-xHF4gi1w==
cf-bgj: minify

GET
H2 200 donordrive.api.js Show response
assets.donordrive.com/resources/js/ 7 KB
2 KB 496ms
445ms Script
application/javascript 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/js/donordrive.api.js?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f28dcb1854b42b84b97f1032498d4b2f6596065c828952d5e9f53518c50a786

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-polished: origSize=9534
cf-ray: 681294ac0e864e07-FRA
x-cache: Miss from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 13:16:53 GMT
server: cloudflare
etag: W/"49a24656c62519f5f6a8908813ee9987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: 4Uc_OnoFl3CzuJw685d9eHTH5njetkAc
access-control-allow-origin: *
expires: Thu, 19 Aug 2021 14:08:27 GMT
cache-control: public, max-age=14400
content-type: application/javascript
x-amz-cf-id: rX3Lk5rqZJx7pA8PK0VEk7VtmdKW8PhVcY1Qadt_D__W3h9xk2NL-Q==
cf-bgj: minify

GET
H3-29 200 css
fonts.googleapis.com/ 8 KB
806 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Roboto+Slab:700|Zilla+Slab:700

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1857c29af57acb9fd4981203cff9022305cb439c626da3e27e05422568296321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:08:27 GMT
server: ESF
date: Thu, 19 Aug 2021 10:08:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 10:08:27 GMT

GET
H2 200 slick.min.js Show response
assets.donordrive.com/themes/resources/js/ 41 KB
11 KB 487ms
436ms Script
application/javascript 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/resources/js/slick.min.js?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bd085ae9683aaf57ae67bb6bd1f645359b5a1150b548e79ee0c7be68a2e3a23

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-ray: 681294ac0e854e07-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 11 Nov 2020 14:26:44 GMT
server: cloudflare
etag: W/"94d3404fc64c643c15990b74aa45dc4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: PuVw7dnnRY5Ylk0H7mIhm7Fp3L5o7RnG
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
content-type: application/javascript
x-amz-cf-id: u9Q9hUSoxDlKRkV3ee2rpIePMBaeqWFIQ4Z9ln-_k5eTPgirKdjC5w==
expires: Thu, 19 Aug 2021 14:08:27 GMT

GET
H2 200 Logo.png
assets.donordrive.com/themes/carryforward/img/ 9 KB
9 KB 475ms
470ms Image
image/webp 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/carryforward/img/Logo.png?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ec8f243f173a1bc2cac32f159d0dabd229ada6e6e4b15f1649b7f00f2440c1f

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-polished: origFmt=png, origSize=10667
cf-ray: 681294af1bdf4e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Logo.webp"
content-length: 9170
last-modified: Wed, 11 Nov 2020 14:25:38 GMT
server: cloudflare
etag: "6d28f97da200340cb3b714f7be74814c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: vAVbBAfS08v2iYFMxqf9Uwhiu2EO8Btf
expires: Thu, 19 Aug 2021 14:08:28 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: f9VG30t77b-T5-5BXYlfwqM0gDCRW7GT_flBomrTDv-auVsNJmfFyA==
cf-bgj: imgq:100,h2pri

GET
H2 200 logo_default.jpg
assets.donordrive.com/themes/carryforward/img/ 832 B
1 KB 455ms
451ms Image
image/webp 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/carryforward/img/logo_default.jpg?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a445777b703cfaeacb4bcfbd22af71ccfbf031f4061249afa770f2a647f675c

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-polished: origFmt=jpeg, origSize=5417
cf-ray: 681294af1be14e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="logo_default.webp"
content-length: 832
last-modified: Wed, 11 Nov 2020 14:25:38 GMT
server: cloudflare
etag: "a409168f30b230ea650fc74b9bafc81a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: 96sIA4f7E7pRNhEWij4Nsk_ETtQdkvu6
expires: Thu, 19 Aug 2021 14:08:28 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: Zpekcs5vAs2EJnIlmlFq3vhOHZY4fLkdPcc1-UP_3HcWV-_fl6VTyQ==
cf-bgj: imgq:100,h2pri

GET
H2 200 1983.jpg
assets.donordrive.com/carryforward/images/$cms$/100/ 53 KB
54 KB 656ms
652ms Image
image/jpeg 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/carryforward/images/$cms$/100/1983.jpg
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4e754e708ffd99468f3b9764a14e63e5e7409dff4630f7ee63313bdff1e97d

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 54517
last-modified: Fri, 12 Feb 2021 01:00:31 GMT
server: cloudflare
etag: "cfba1697b05a1e91a086fc0ddafbfae2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: zBayZ69lbA3GAVmZPD28mKqAhLswJLK0
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 681294af1be34e14-FRA
x-amz-cf-id: NQ--5ba9svtuvRlc5y9-F4GZT9XqwW4OWNpab2Cwmu-9sv0iHS90UA==
expires: Thu, 19 Aug 2021 14:08:28 GMT

GET
H2 200 1984.jpg
assets.donordrive.com/carryforward/images/$cms$/100/ 40 KB
40 KB 441ms
437ms Image
image/webp 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/carryforward/images/$cms$/100/1984.jpg
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdeb142238b19ef6fca1d8a4b20a9fe33b87c5676784af6c3cb2852009553b86

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-polished: origFmt=jpeg, origSize=45410
cf-ray: 681294af1be44e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="1984.webp"
content-length: 40614
last-modified: Fri, 12 Feb 2021 01:00:34 GMT
server: cloudflare
etag: "ee70fd9a4042e8575948be76c24fa9cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: q50MtwgZ4yxLLBZ9bxLJ2DOP8ixzbI9J
expires: Thu, 19 Aug 2021 14:08:28 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: dvkFg_8ls9Ot1hjgGXyJ3hEEMSyMI7DufGQXwhGcLq9mKfTvRZyICA==
cf-bgj: imgq:100,h2pri

GET
H2 200 1985.jpg
assets.donordrive.com/carryforward/images/$cms$/100/ 50 KB
50 KB 719ms
715ms Image
image/jpeg 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/carryforward/images/$cms$/100/1985.jpg
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18a49c16534f3fb376a7dfedcb1251195c5432a08ae447c6cdf6068c4db28b94

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 51057
last-modified: Fri, 12 Feb 2021 01:00:37 GMT
server: cloudflare
etag: "c7c67f1abc1e03b5c7b267ad9c5e087e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: tRtYDbGWYDamgdKk.bh8i4QovL.cBi.8
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 681294af1be64e14-FRA
x-amz-cf-id: NEabepEwI-AgJemTbTU9RIrIRxosRQR3NeYcP7BqoVlzSVUBPefsuQ==
expires: Thu, 19 Aug 2021 14:08:28 GMT

GET
H2 200 1986.jpg
assets.donordrive.com/carryforward/images/$cms$/100/ 47 KB
47 KB 673ms
669ms Image
image/jpeg 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/carryforward/images/$cms$/100/1986.jpg
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbe7861734f7e03adc7acf9e95743f20e0575a2da102d5c155e01ee47fc237b

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 48070
last-modified: Fri, 12 Feb 2021 01:00:40 GMT
server: cloudflare
etag: "9d7c53cd231d3e4a6968e92239425754"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: ruL.AdSxxT4fiaMs6h9XcwSbzBGur2Bs
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 681294af1bec4e14-FRA
x-amz-cf-id: pCnt-Npup58Mp6wWKmartMu8Z9axeytDPhZhMtXrdYQPwBoIFkv8vw==
expires: Thu, 19 Aug 2021 14:08:28 GMT

GET
H2 200 1982.jpg
assets.donordrive.com/carryforward/images/$cms$/100/ 70 KB
70 KB 657ms
653ms Image
image/jpeg 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/carryforward/images/$cms$/100/1982.jpg
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f254c91f867085c0e31628acd61018e527b2043de3f9362a3729fd3b18c65a

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
content-length: 71557
last-modified: Fri, 12 Feb 2021 01:00:28 GMT
server: cloudflare
etag: "7462a705331523d7df0cab2510f8a454"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 9uZFZyaTHSMw4qng5MXAm3qqm5bT1ReG
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 681294af1bee4e14-FRA
x-amz-cf-id: IE9OVVFv7mQQurlYkv8F5IHLw0qkejAJBcwslt_I_A_982rfxwLUuA==
expires: Thu, 19 Aug 2021 14:08:28 GMT

GET
H2 200 2049.jpg
assets.donordrive.com/carryforward/images/$cms$/100/ 126 KB
126 KB 447ms
443ms Image
image/jpeg 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/carryforward/images/$cms$/100/2049.jpg
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426698875df85118c3acf694dc4a39795711fe59558893ce9a7367940494d013

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Wed, 23 Jun 2021 20:56:14 GMT
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-polished: origSize=143377, status=webp_bigger
cf-ray: 681294af1bef4e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 128605
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "1f0da0ace6f706cc07e2ab933033e6c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Qnom2gaRwLHSUCK_R9uTLogqCewPnqgg
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: MasLmEbIBHfCSlOrbRuX4eeLhH2PFsVHcILai_EBhLVfg71psYQ-MA==
expires: Thu, 19 Aug 2021 14:08:28 GMT

GET
H2 200 1962.jpg
assets.donordrive.com/carryforward/images/$cms$/100/ 81 KB
81 KB 442ms
439ms Image
image/jpeg 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/carryforward/images/$cms$/100/1962.jpg
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35c3f8d7110331e2caf2049605d7b2409a56c51f9a66ea4be7243a705859eb6

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Thu, 24 Dec 2020 06:10:19 GMT
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-polished: origSize=91744, status=webp_bigger
cf-ray: 681294af1bf24e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 82851
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "eee948e5194f000b84ae6572987be245"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: hIRnbUmELa6KEsk4EwlGIhMh5jroDJ53
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 3CFcLiLZjyJzMuEor_z7FVJ6sHLBs6HOeZbJrftk7Tu0oF9jcn7WJw==
expires: Thu, 19 Aug 2021 14:08:28 GMT

GET
H2 200 WWPLogo.png
assets.donordrive.com/themes/carryforward/img/ 5 KB
6 KB 428ms
424ms Image
image/webp 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/carryforward/img/WWPLogo.png?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f34bd4ca21fd0f0d45af6d848b6f3eda13c0b63316a5b6808e35ccf0a926228

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-polished: origFmt=png, origSize=6602
cf-ray: 681294af1bf44e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="WWPLogo.webp"
content-length: 5560
last-modified: Wed, 11 Nov 2020 14:25:38 GMT
server: cloudflare
etag: "8dd08f4cda7a3f45faf39753a57b57ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: uTeX6ztF8d9.JCfqyqHE0844g7qeYiVs
expires: Thu, 19 Aug 2021 14:08:28 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: Ch6SnuJ0VeRVw_m7TP6xkamXVTZ1ZkpCerZgijszZTMNpX-ByDOFbA==
cf-bgj: imgq:100,h2pri

GET
H2 200 instagram-logo.svg
assets.donordrive.com/themes/carryforward/img/ 1 KB
855 B 453ms
449ms Image
image/svg+xml 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/carryforward/img/instagram-logo.svg?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31de8f5493b30cf99ab1adb6974db3c2e978f43a8b2c42c0d6b7a0a1fbe32b62

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-replication-status: COMPLETED
last-modified: Wed, 11 Nov 2020 14:25:38 GMT
server: cloudflare
etag: W/"42a49419eaea07861e079525c4ae8f5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: .Lsn9ZFxloBpiTvYHNNs_oj3rzlAvFuz
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
cf-ray: 681294af1bf64e14-FRA
x-amz-cf-id: mqnQlPgy8Q7SmvIil6n6vsogHxkTNvYrbrOtE14AFEvHuUkWDR1E-w==
expires: Thu, 19 Aug 2021 14:08:28 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 277 KB
76 KB 63ms
60ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KM3NBCV

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3bee6338f19ec6f2202022fcd9cdfb5f3c80d7f2bad08c16dfcd672f3da6de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77594
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 10:08:28 GMT

GET
H2 200 print.min.css
assets.donordrive.com/themes/carryforward/css/ 4 KB
1 KB 445ms
442ms Stylesheet
text/css 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/carryforward/css/print.min.css?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ac4bdad8dd297f3c818f3b1e718a1aaab505822e7dc9613c426057b74b372e

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
last-modified: Mon, 09 Aug 2021 18:30:34 GMT
server: cloudflare
etag: W/"f646d075ef729522ab142044de3c7119"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 5BxWAhCibspWJizqDRfqyLuuUupcrjiL
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
cf-ray: 681294af1c024e14-FRA
x-amz-cf-id: 97lZ4ol2w3NKNXuR3FphAXBWlktiKt29hhc-qX_J9Kh3mNCBBQgKxQ==
expires: Thu, 19 Aug 2021 14:08:28 GMT

GET
H2 200 dd-logo-light.svg
assets.donordrive.com/themes/resources/img/brand/ 10 KB
4 KB 29ms
25ms Image
image/svg+xml 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/resources/img/brand/dd-logo-light.svg?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4401f65be9f6f2c111a9c74d416b5c0dd3fca273220ee82577b37fc4f0bff1c

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 376
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-replication-status: COMPLETED
last-modified: Wed, 11 Nov 2020 14:26:43 GMT
server: cloudflare
etag: W/"a0f69cc2cfcfe9653dbea1883b82c4f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: rEM2oRj2gUgcGqtx9UhqiRuDNERG451r
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA2-C1
cf-ray: 681294af1bfa4e14-FRA
x-amz-cf-id: v1DbUyp93ULtlrx2N5AOzEp6z_EwBez5oyuEGtSC7awXd09Hyz2zGw==
expires: Thu, 19 Aug 2021 14:08:28 GMT

GET
H2 200 GuideStar.png
assets.donordrive.com/themes/carryforward/img/ 9 KB
9 KB 453ms
450ms Image
image/webp 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/carryforward/img/GuideStar.png?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941cc11ac0c50cdf210301b30fe80d9cc9b3559e9d7fd408130f37880a3d6811

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-polished: origFmt=png, origSize=10196
cf-ray: 681294af1bfb4e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="GuideStar.webp"
content-length: 9182
last-modified: Wed, 11 Nov 2020 14:25:38 GMT
server: cloudflare
etag: "e540e794e8055763e6f1b64ce8063a16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: iEOQtxxPrd10cyIPsVP3WbXw_tAEuDzi
expires: Thu, 19 Aug 2021 14:08:28 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: g0sd5Fq5uuEfBYdK-yAspiiIufZOFuToyONjyS1PoUCWcZ6jv_TAOw==
cf-bgj: imgq:100,h2pri

GET
H2 200 BBB.png
assets.donordrive.com/themes/carryforward/img/ 10 KB
10 KB 453ms
450ms Image
image/webp 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/carryforward/img/BBB.png?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31bbe60bc77845a9203ff40235ce3f6731a1e68b870585b5be050018619ec40e

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA2-C1
cf-polished: origFmt=png, origSize=10893
cf-ray: 681294af1bfc4e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="BBB.webp"
content-length: 9774
last-modified: Wed, 11 Nov 2020 14:25:38 GMT
server: cloudflare
etag: "a23f6a10c93cae9632e5097750dfe83a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: 9tv.aMz8oVpnf3oJuvNlZ3yolIVjkWUK
expires: Thu, 19 Aug 2021 14:08:28 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: BlxmtdK4SezZFJmx-BhJaoWHDHh3FyI0BBv9WOcNgFz9tCv-HXa5QQ==
cf-bgj: imgq:100,h2pri

GET
H2 200 CharityNav.png
assets.donordrive.com/themes/carryforward/img/ 8 KB
9 KB 155ms
152ms Image
image/webp 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/carryforward/img/CharityNav.png?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a30b40d1b588d3fd600f1288337ac742140783b3b27b4736238f0d6751106576

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
cf-polished: origFmt=png, origSize=9708
cf-ray: 681294af1bff4e14-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="CharityNav.webp"
content-length: 8674
last-modified: Wed, 11 Nov 2020 14:25:38 GMT
server: cloudflare
etag: "0263065318f2b6f6edc3ea97b0da677c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-version-id: A9Vu0FkdRpNPuSLu3rfqdz7U49yAbnnX
expires: Thu, 19 Aug 2021 14:08:28 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/webp
x-amz-cf-id: eLXpFhBbVVziM2JdkDjIgw0qzCSs1AhE7ie2YC-mckYQostyflttxg==
cf-bgj: imgq:100,h2pri

GET
H2 200 email-decode.min.js Show response
carryforward.woundedwarriorproject.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
837 B 14ms
14ms Script
application/javascript 2606:4700::6812:195c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://carryforward.woundedwarriorproject.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:195c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: AWSALB=2WOvxZ0G53o7V1Cbmg3soyGf+1QbeEXouLu9D1bCCOHRdfggtKqCudebnNOGwYB23YqjmGB+CL3jt52y8pZpZr1GdYJZQkFvgxrCmuiPlySKZEoXWtArxqjE1aRs; AWSALBCORS=2WOvxZ0G53o7V1Cbmg3soyGf+1QbeEXouLu9D1bCCOHRdfggtKqCudebnNOGwYB23YqjmGB+CL3jt52y8pZpZr1GdYJZQkFvgxrCmuiPlySKZEoXWtArxqjE1aRs; CFID=502375; CFTOKEN=dc66a4a39677e791-AAD55617-C6AF-DAC5-B2A6EC154454B0FC; PUBLICAPPLANGUAGE=DEFAULT%3Ben%5FUS; COOKIETEST=1; __cf_bm=b9d3e0cc92c69cba5700d7c182f0ce2a0e12fc3f-1629367707-1800-AbvY5U1CWsmgAMEWJbyw2daoSnB2w2psRyc/CMA5vX0aR3IGvYTY9do35mIN90TjOOrGct7mMzx/4pmICbp0KCs=; __cfruid=db8529e052eca4e90c177991b83968fc692bec2f-1629367707
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: carryforward.woundedwarriorproject.org
referer: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 10:09:00 GMT
server: cloudflare
etag: W/"6114f33c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 681294aeefd22b1e-FRA
vary: Accept-Encoding
expires: Sat, 21 Aug 2021 10:08:27 GMT

GET
H2 200 theme.js Show response
assets.donordrive.com/themes/carryforward/js/theme/ 3 KB
2 KB 455ms
455ms Script
application/javascript 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/carryforward/js/theme/theme.js?v=202108171130
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd88c50a998b162ddd3fbea4afbcdb6c0e92277d355823dd0cf1cb164c11017

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA2-C1
cf-polished: origSize=4424
cf-ray: 681294af0d364e07-FRA
x-cache: Miss from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: gzip
last-modified: Mon, 14 Dec 2020 18:34:48 GMT
server: cloudflare
etag: W/"0363f4c20e9f5aa404309dec3782f033"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: rfPTBB8_My3r7iS_3.RJCIkCVaRRlYNI
access-control-allow-origin: *
expires: Thu, 19 Aug 2021 14:08:28 GMT
cache-control: public, max-age=14400
content-type: application/javascript
x-amz-cf-id: XDQI10bpvDZlnvf1zNozuIqzhUuUe6PtNARdgq-ynygjwRWOVPxFaA==
cf-bgj: minify

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61926168edd801a81323a46e45a3ccf2c9c5def4d3fad4f7b187d38f6ba94608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MLTP6e4Z9yUqL18OHThkSw==
cross-origin-resource-policy: cross-origin
expires: Thu, 19 Aug 2021 10:22:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: Ofvj4XvM8/jMTUTS5jJJH2NF3FXg8p6ogKRovyxUrmClBuel34BsAEMNQaAE6qhfD0f5Ojgmv8sHroaaX9oy4A==
x-fb-trip-id: 917726464
x-fb-content-md5: d08f5276161b9d3a1071e486ee695c1a
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 19 Aug 2021 10:08:28 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "701913f7a7282ec4bc7446d223ac1418"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3287
date: Thu, 19 Aug 2021 09:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 19 Aug 2021 11:13:41 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Roboto+Slab:700|Zilla+Slab:700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:31:26 GMT
x-content-type-options: nosniff
age: 207422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:31:26 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Roboto+Slab:700|Zilla+Slab:700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:15 GMT
x-content-type-options: nosniff
age: 207373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:15 GMT

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700|Roboto+Slab:700|Zilla+Slab:700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:15 GMT
x-content-type-options: nosniff
age: 207373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:15 GMT

GET
H2 200 fontawesome-webfont.woff
assets.donordrive.com/resources/font/ 43 KB
43 KB 428ms
428ms Font
binary/octet-stream 2606:4700::6812:dfe4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/font/fontawesome-webfont.woff?v=3.2.1
Requested by: Host: assets.donordrive.com
URL: https://assets.donordrive.com/resources/css/dd-public.css?v=202108171130
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:dfe4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://assets.donordrive.com/resources/css/dd-public.css?v=202108171130
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: binary/octet-stream
x-amz-replication-status: COMPLETED
content-length: 43572
last-modified: Wed, 11 Nov 2020 14:24:21 GMT
server: cloudflare
etag: "b683029bafe0305ac2234038a03e1541"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: Gq6uI.IxaR7D_0N6OMmqvoifXuBq29Q8
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 681294af2d9d4e07-FRA
x-amz-cf-id: Y9JJ2l5NMdpcpp1jx-07ZWpFE5aK_tY75pvH2et1VVPRko3EmMzVPA==
expires: Thu, 19 Aug 2021 14:08:28 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-117302294-1&cid=116484929.1629367708&jid=409308621&gjid=567515953&_gid=1528050139.1629367708&_u=IGBAgAABAAAAAE~&z=966094336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Aug 2021 10:08:28 GMT
content-type: text/plain
access-control-allow-origin: https://carryforward.woundedwarriorproject.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=557694713&t=pageview&_s=1&dl=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&ul=en-us&de=UTF-8&dt=Carry%20Forward%20FAQs%20%7C%20Questions%20about%20Wounded%20Warrior%20Project%205K&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAB~&jid=409308621&gjid=567515953&cid=116484929.1629367708&tid=UA-117302294-1&_gid=1528050139.1629367708&z=1625051110

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 10:55:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83607
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 230 KB
67 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=24d8323917d53118a8a87654ebd0ad17

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a491991df4c5942bcf0469efac2add4659d262dfea2f82da4356dce615c065a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FWLt+O2AsV800Kt2lgyz+g==
cross-origin-resource-policy: cross-origin
expires: Fri, 19 Aug 2022 08:45:15 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68285
x-fb-rlafr: 0
x-fb-debug: 9ClP7Jr/wuKQz94S3p7GNIWkhjj8EsKtrgtE/oZDnOQiBi1G7tx6S8iSQsRFkvICK5Nammp32+whHqQSi9acpQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 5de98950c1ac42e02288896c95c0a4cf
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 Aug 2021 10:08:28 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "594d91ce97d32920fa751cf1f649874f"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=557694713&t=pageview&_s=1&dl=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&ul=en-us&de=UTF-8&dt=Carry%20Forward%20FAQs%20%7C%20Questions%20about%20Wounded%20Warrior%20Project%205K&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAAABAAAAAG~&jid=944127246&gjid=673197123&cid=116484929.1629367708&tid=UA-2342200-1&_gid=1528050139.1629367708&_r=1&gtm=2wg8g0KM3NBCV&z=1040363823

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://carryforward.woundedwarriorproject.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CLCq09zrvPICFYr_UQodycwIBA;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%... Show response
6871501.fls.doubleclick.net/ Frame CC1E
Redirect Chain

https://6871501.fls.doubleclick.net/activityi;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.or...
https://6871501.fls.doubleclick.net/activityi;dc_pre=CLCq09zrvPICFYr_UQodycwIBA;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcar...

461 B
402 B

99ms
55ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6871501.fls.doubleclick.net/activityi;dc_pre=CLCq09zrvPICFYr_UQodycwIBA;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KM3NBCV

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ff254ff8b44fa2c68c16fb8d993b7d3312e8695bdcaceffad1788a7224364555

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6871501.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLCq09zrvPICFYr_UQodycwIBA;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://carryforward.woundedwarriorproject.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 19 Aug 2021 10:08:30 GMT
expires: Thu, 19 Aug 2021 10:08:30 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 377
x-xss-protection: 0
set-cookie: IDE=AHWqTUkb_53deJZUUEGD98B2_XbQGUYqyCWRaSGGpsYaJTy4Q6LMRZ-KNVOH-zpxPN8; expires=Tue, 13-Sep-2022 10:08:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 19 Aug 2021 10:08:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6871501.fls.doubleclick.net/activityi;dc_pre=CLCq09zrvPICFYr_UQodycwIBA;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 49ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KM3NBCV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 6E931286B98A458C96E63FC72F992F04 Ref B: FRAEDGE1212 Ref C: 2021-08-19T10:08:28Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 2127ms
2027ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KM3NBCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13981
x-xss-protection: 0
server: cafe
etag: 6132654052448080839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 10:08:30 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55397b2aa29ac9fe384bd2f35e60359322fe3451011e4d31b51d97aae6b85a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
accept-ch-lifetime: 2592000
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
expires: Thu, 19 Aug 2021 10:08:28 GMT

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: iKWm6rdJiKddeQ8+tjsNRfPf+xMhqE3/bImlN8E0gX4kC9fhj6eSvf+GVkRCnla5+ycl9xGiBv4rVy8+C3wHdw==
x-frame-options: DENY
date: Thu, 19 Aug 2021 10:08:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 45ms
12ms Script
application/x-javascript 2600:9000:2190:3e00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:3e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 09:20:49 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 09:20:39 GMT
server: Jetty(9.3.29.v20201019)
age: 2859
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: ZRH50-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: b8dGwNtGAWYkTbAcm-GmIKcaBcVb_P3EuKiEa-UGEeR7coKV77mHTw==
expires: Thu, 19 Aug 2021 10:20:49 GMT

GET
H/1.1 200
OK x51181r752159779 Show response
rs.gwallet.com/r1/pixel/ Frame 1A0F 43 B
385 B 2375ms
102ms Document
image/gif 199.127.207.184
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.gwallet.com/r1/pixel/x51181r752159779
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.127.207.184 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Host: rs.gwallet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://carryforward.woundedwarriorproject.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://carryforward.woundedwarriorproject.org/

Response headers

Server: nginx/1.10.3
Date: Thu, 19 Aug 2021 10:08:30 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3p: CP="PSAo PSDo OUR BUS DSP NON COR"
Vary: Origin
Pragma: no-cache
Cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Origin: *
useSecure: true

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 2225ms
54ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1341475&mt_adid=210975&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KM3NBCV
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3853 9552a83 master cdg-pixel-x24 /
Resource Hash: 0071cf1a37018d7b72d37127869284b1ca124f77c75185df76a09d4035d11c7d

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:30 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1411
Expires: Thu, 19 Aug 2021 10:10:48 GMT

GET
H2 200 rokoInstabot.js Show response
widget.instabot.io/jsapi/ 771 KB
275 KB 62ms
13ms Script
application/javascript 2600:9000:20eb:3e00:4:d371:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.instabot.io/jsapi/rokoInstabot.js
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3e00:4:d371:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 393fcae2d2c94717f243586da03a373927a4b8bcaaf110b972a903b90a17c30a

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 09:15:26 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 14:08:33 GMT
age: 3182
etag: "1d78df1340f8cfb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: LcfSY8AQk0r7RDFqKDst_tQcRR2wzZ-ZzD7NqQO6lYSfkyN8hO_uLQ==
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)

GET
H2 200 scevent.min.js Show response
sc-static.net/ 15 KB
6 KB 2252ms
82ms Script
application/javascript 13.224.96.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-84.zrh50.r.cloudfront.net
Software: CloudFront /
Resource Hash: a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:30 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5873
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-amz-cf-id: 0UOxCjfdD0H17ZMnFHQX7PFTeFOTkoPcKRYJ2oP5z_bERphSX7DN_w==

GET
H2 200 hotjar-1445902.js Show response
static.hotjar.com/c/ 4 KB
2 KB 2097ms
2097ms Script
application/javascript 13.224.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1445902.js?sv=6

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-91.zrh50.r.cloudfront.net

Software

Resource Hash

a79d63d011a2e105dbfd8cbd0f50f655f2613a9a82d128436390c415fd176d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/602cbd0df1e5a829916df996a29a1a2f
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1886
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
x-amz-cf-id: qNdXZSfJ820fae6-DP6BsfDtjqcTczd5y57z-zSE9YEPDsXP9M-0eQ==

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/QJ53RBJ53NFGZG743KAKA6/ 50 KB
16 KB 234ms
205ms Script
text/javascript 2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/QJ53RBJ53NFGZG743KAKA6/roundtrip.js
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb046dc1578571f496bbfdc5d16c9577a49d54112b96450771b600d39a069905

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fps8RYP7i3n9bYxr9iEuwqpFAv2RyfbI
Content-Encoding: gzip
ETag: "3370824d1f492382a313510d2776a0d1"
x-amz-request-id: 0H3A7TZENR2TAQW8
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 15579
x-amz-id-2: cYVBBFKzN/NfWMlmlzRbYNx9SaCHGwD7nCxarZNzp+xO/qyANweYZkBB4DL5YZerIkK/aJLEbWg=
Last-Modified: Wed, 18 Aug 2021 22:09:00 GMT
Server: AmazonS3
Date: Thu, 19 Aug 2021 10:08:28 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

pixel
pixel.mediaiqdigital.com/
Redirect Chain

https://secure.adnxs.com/px?id=990172&seg=12573244&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu3%3D%26u4%3D%26pixel_id%3D990172%26uid%3D%24UID&...
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D990172%26seg%3D12573244%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu3%253D...
https://secure.adnxs.com/getuid?https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=990172&uid=$UID
https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=990172&uid=1936169914872536063

2 B
500 B

146ms
28ms

Image
application/json

52.28.242.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=990172&uid=1936169914872536063

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.242.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-242-97.eu-central-1.compute.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:30 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Origin,x-requested-with,origin,Content-Type,accept,X-PINGARUNER
Content-Length: 2

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 10:08:30 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ac93637b-5fce-4791-9733-f7e80c377544
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.mediaiqdigital.com/pixel?u3=&u4=&pixel_id=990172&uid=1936169914872536063
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activityi;register_conversion=1;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%...
6871501.fls.doubleclick.net/ 0
0 2075ms
2022ms Image
text/html 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6871501.fls.doubleclick.net/activityi;register_conversion=1;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021?
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

src=6164705;dc_pre=CJ_W4NzrvPICFWYCogMd0wMBlg;type=invmedia;cat=rrjkso5b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://secure.adnxs.com/px?id=1009411&seg=13738727&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1009411%26seg%3D13738727%26t%3D2
https://ad.doubleclick.net/ddm/activity/src=6164705;type=invmedia;cat=rrjkso5b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=6164705;dc_pre=CJ_W4NzrvPICFWYCogMd0wMBlg;type=invmedia;cat=rrjkso5b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=6164705;dc_pre=CJ_W4NzrvPICFWYCogMd0wMBlg;type=invmedia;cat=rrjkso5b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
63 B

52ms
29ms

Image
image/gif

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=6164705;dc_pre=CJ_W4NzrvPICFWYCogMd0wMBlg;type=invmedia;cat=rrjkso5b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=6164705;dc_pre=CJ_W4NzrvPICFWYCogMd0wMBlg;type=invmedia;cat=rrjkso5b;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-2342200-1&cid=116484929.1629367708&jid=944127246&gjid=673197123&_gid=1528050139.1629367708&_u=aGDAAAABAAAAAG~&z=1393740422

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Aug 2021 10:08:28 GMT
content-type: text/plain
access-control-allow-origin: https://carryforward.woundedwarriorproject.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 117ms
102ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=415600945569625&input_token&origin=1&redirect_uri=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=24d8323917d53118a8a87654ebd0ad17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 0mu5C/IVhZzgxCRBJqA1gmNNH6jurrTgYxNFAku00ohAq/hJhtxzMTVe0DLKTddYkdQjg60/itOm8dF0nvo8JA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 Aug 2021 10:08:28 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://carryforward.woundedwarriorproject.org
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-2342200-1&cid=116484929.1629367708&jid=944127246&_u=aGDAAAABAAAAAG~&z=1731954743

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 45ms
30ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-2342200-1&cid=116484929.1629367708&jid=944127246&_u=aGDAAAABAAAAAG~&z=1731954743

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 169607157061587 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 143ms
142ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/169607157061587?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2d151e02826e56d0e28b8b5fc268b9e6f3a86048f748c8c6d2a8dbc19beee38

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Bo/rwWgWfHgxFcmKp+A2OLsc92OrLgChZVahFWG/SjBclgRYdgCc+rcnI9QNm7VBqGrRfJNLpyHAdTZ2tGmUoQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 19 Aug 2021 10:08:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/9f749502/www-widgetapi.vflset/ 125 KB
42 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9f749502/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6648b04e414e1e9fe5291e31e47fae11425d5180dd7c1da6743e5cf840f3e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 09:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 18 Aug 2021 00:17:27 GMT
server: sffe
age: 2460
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42716
x-xss-protection: 0
expires: Fri, 19 Aug 2022 09:27:28 GMT

GET
H/1.1 200
OK Cookie set ca.html Show response
20801397p.rfihub.com/ Frame 9B8C 3 KB
4 KB 3170ms
34ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20801397p.rfihub.com/ca.html?ver=9&rb=28347&ca=20801397&_o=28347&_t=20801397&pe=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&pf=&ra=1317692458410069
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 00a5a021da3615664424196cd950673027f4f1cf8bec0cccf5704112f70677b2

Request headers

Host: 20801397p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://carryforward.woundedwarriorproject.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://carryforward.woundedwarriorproject.org/

Response headers

Date: Thu, 19 Aug 2021 10:08:31 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAJvFyGtoZmRpbGZubmhoYmS0Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwuN_wldPwuaflY0_dxo7kXjLxJG5T9C4wMANStoXiABAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 13 Sep 2022 10:08:31 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwByILS3MjE3MDCzMTUyNjIT5DXaMkiygfj8Rgz2TdAileQzMjS2Mzc3NDQxNDSwDH_7N7NAAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 13 Sep 2022 10:08:31 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILS3MjE3MDCzMTUyNjIT5DXaMkiygfj8Rgz2TdAgAMelJRJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2918
Server: Jetty(9.3.29.v20201019)

GET
H2 204 16004014.js Show response
bat.bing.com/p/action/ 0
109 B 124ms
123ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/16004014.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 10:08:28 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 7A0D163444B8473B8D9D660B010BF8D7 Ref B: FRAEDGE1212 Ref C: 2021-08-19T10:08:28Z
x-cache: CONFIG_NOCACHE

OPTIONS
H2 200 4H5BoB7Plrvntg3JtcRCl8BQjYh2V3kffkaFYh_NTl0
static.instabot.io/storage/ Frame 0
0 467ms
388ms Preflight 2600:9000:2156:5a00:4:eb35:4040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.instabot.io/storage/4H5BoB7Plrvntg3JtcRCl8BQjYh2V3kffkaFYh_NTl0
Protocol: H2
Server: 2600:9000:2156:5a00:4:eb35:4040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-requested-with
Origin: https://carryforward.woundedwarriorproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Thu, 19 Aug 2021 10:08:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: content-type, x-requested-with
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kPsakEdjMP63RLrznISZaV6uN-rWgvQT6TUYc2selmal6VpQaAIqSA==

OPTIONS
H2 204 getConversationsStorage
widgetapi.instabot.io/instabot/ Frame 0
0 3266ms
100ms Preflight 44.193.181.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetapi.instabot.io/instabot/getConversationsStorage?apiKey=4H5BoB7Plrvntg3JtcRCl8BQjYh2V3kffkaFYh%2FNTl0%3D&referrer=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&selfHosted=false&resolveClientUserInfo=true&isAWS=true&cacheTypes=0
Protocol: H2
Server: 44.193.181.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-181-128.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: applicationsessionuuid,content-type,x-requested-with
Origin: https://carryforward.woundedwarriorproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 10:08:31 GMT
access-control-allow-headers: applicationsessionuuid,content-type,x-requested-with
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400

GET
H2 200 4H5BoB7Plrvntg3JtcRCl8BQjYh2V3kffkaFYh_NTl0 Show response
static.instabot.io/storage/ 312 KB
39 KB 441ms
441ms XHR
application/json 2600:9000:2156:5a00:4:eb35:4040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.instabot.io/storage/4H5BoB7Plrvntg3JtcRCl8BQjYh2V3kffkaFYh_NTl0
Requested by: Host: widget.instabot.io
URL: https://widget.instabot.io/jsapi/rokoInstabot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5a00:4:eb35:4040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d584300dde62ca51c299d22e9041cd3e4da79137f4402ae86aa7a943ef92b54

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://carryforward.woundedwarriorproject.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 19 Aug 2021 10:08:30 GMT
content-encoding: gzip
last-modified: Sat, 07 Aug 2021 20:22:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"bc4c51aed29cb44ef2d8940754d06696"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
content-disposition: attachment; filename*=UTF-8''storage.json
access-control-allow-methods: GET, HEAD
x-amz-cf-id: Et_2cc2xMhdL7EI9X9JIiTsWGTtUYWz0bzcxerODyjSwDWroT0kCCg==
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)

GET
H2 200 getConversationsStorage Show response
widgetapi.instabot.io/instabot/ 875 B
911 B 132ms
132ms XHR
application/json 44.193.181.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetapi.instabot.io/instabot/getConversationsStorage?apiKey=4H5BoB7Plrvntg3JtcRCl8BQjYh2V3kffkaFYh%2FNTl0%3D&referrer=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&selfHosted=false&resolveClientUserInfo=true&isAWS=true&cacheTypes=0
Requested by: Host: widget.instabot.io
URL: https://widget.instabot.io/jsapi/rokoInstabot.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.181.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-181-128.compute-1.amazonaws.com
Software: /
Resource Hash: 2c1dfbf8036edd001f5269940af89bac71bdf154b9da41eb82a915fd5818e7c9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://carryforward.woundedwarriorproject.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
ApplicationSessionUuid: b865f9f8-1e17-44f8-ad0e-bc30f536b1a9
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 19 Aug 2021 10:08:31 GMT
content-encoding: br
etag: "UIJ1x6r1uMIUyyrtAEYaxw==lUBQTL17yJOI/JRVSSWzJA=="
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private
x-responded-json: {"sessionExpired":false,"accessDenied":false,"metrics":{},"error":null,"httpRequestError":null,"requestId":"|46b1d3c0-4396ec73e9399b81."}

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/QJ53RBJ53NFGZG743KAKA6/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

6ms
6ms

Script
application/javascript

2a02:26f0:6c00::210:baab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baab Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: negMAsSEs.M1Zq1srV8VMS7DU8lxhds7
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: PVEJB32D62PZ7QQB
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: +lA2lXF/kq/ujOvt+INtw08Fx4bZTFRaEiOA0eOd2jl3+U7b/XkzWjlVjEUaPxszx8mmbr8ofFk=
Last-Modified: Mon, 19 Jul 2021 22:23:14 GMT
Server: AmazonS3
Date: Thu, 19 Aug 2021 10:08:29 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Thu, 19 Aug 2021 10:08:29 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H2

200

/ Show response
d.adroll.com/consent/check/QJ53RBJ53NFGZG743KAKA6/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/QJ53RBJ53NFGZG743KAKA6?_s=15f77d889523f60c378711ab12719260&_b=2
https://d.adroll.com/consent/check/QJ53RBJ53NFGZG743KAKA6/?_s=15f77d889523f60c378711ab12719260&_b=2

396 B
488 B

53ms
36ms

Script
application/javascript

52.213.68.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/QJ53RBJ53NFGZG743KAKA6/?_s=15f77d889523f60c378711ab12719260&_b=2
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.68.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-68-56.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 1c53b8e59577a7352e8234fdcde0bc7f799a023a1d2d1db910ab4cc34162d3d4

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:31 GMT
server: nginx/1.20.0
content-length: 396
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/QJ53RBJ53NFGZG743KAKA6/?_s=15f77d889523f60c378711ab12719260&_b=2
date: Thu, 19 Aug 2021 10:08:31 GMT
server: nginx/1.20.0
content-length: 105

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 51ms
12ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/6713)
Age: 1167
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 204 0
bat.bing.com/action/ 0
149 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=16004014&tm=gtm002&Ver=2&mid=6e0a9415-5b93-4f3a-8fa2-6ce6c724527e&sid=6640579000d511eca9004b474fff0921&vid=6640765000d511ec9916f3cafe3a9010&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Carry%20Forward%20FAQs%20%7C%20Questions%20about%20Wounded%20Warrior%20Project%205K&p=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&r=&lt=1718&evt=pageLoad&msclkid=N&sv=1&rn=439420
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 19 Aug 2021 10:08:28 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2F79CB89BB0442D9BD33AD49DE0709EF Ref B: FRAEDGE1212 Ref C: 2021-08-19T10:08:28Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 179986756007824 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 127ms
127ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/179986756007824?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1039eab32fed7d3c66502cf1edc14d051b8f3b9742bceef598f75617191ddc22

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: BXH/Zcgg9rMMVmD/RcYZRJQ3hZp+gy99IjIQJTLVqtDOYjuWEUuPGZeje+rboEvQdmc0At2nZpzl5YtJi4/Plg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 19 Aug 2021 10:08:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 14ms
14ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=169607157061587&ev=PageView&dl=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&rl=&if=false&ts=1629367708562&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629367708560.1922851728&it=1629367708258&coo=false&rqm=GET

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 10:08:28 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame D8C9 319 KB
103 KB 8ms
8ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fcarryforward.woundedwarriorproject.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://carryforward.woundedwarriorproject.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://carryforward.woundedwarriorproject.org/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 52194
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 19 Aug 2021 10:08:28 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D8C9 232 B
431 B 2941ms
151ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=fd61b331fa1b89ab75fd4211cd93defa0f417ee6

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fcarryforward.woundedwarriorproject.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:31 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 10:08:31 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 2e568f79cec9a46c051f9c1cbc34408cd0d31d54c8ee7c771e2b0d5121cd9932
content-length: 166

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/b01dd994-81c9-4db1-8953-bc334fa249ea/ 2 KB
1 KB 654ms
634ms Script
application/javascript 2606:4700::6810:4ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/b01dd994-81c9-4db1-8953-bc334fa249ea/lightbox_inline.js?mb=1629367708717
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e821dce79820bb07776b4a29341814407425baced821209e7b29b4633875ae70

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Aug 2021 10:08:29 GMT
content-encoding: br
cf-cache-status: REVALIDATED
content-md5: h02gVYw3OxYaI+AWBDSGWA==
cf-polished: origSize=2379
x-ms-lease-status: unlocked
last-modified: Thu, 29 Jul 2021 18:09:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 2bd9fbe1-601e-0110-52be-842572000000
x-ms-version: 2009-09-19
cf-ray: 681294b39f9f0eab-FRA
cf-bgj: minify

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179986756007824&ev=PageView&dl=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&rl=&if=false&ts=1629367708886&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629367708560.1922851728&it=1629367708258&coo=false&rqm=GET

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 10:08:28 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=169607157061587&ev=Microdata&dl=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&rl=&if=false&ts=1629367709065&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Carry%20Forward%20FAQs%20%7C%20Questions%20about%20Wounded%20Warrior%20Project%205K%22%2C%22meta%3Adescription%22%3A%22Interested%20in%20supporting%20our%20Carry%20Forward%205K%20mission%2C%20but%20unsure%20of%20where%20to%20start%3F%20Our%20FAQs%20contain%20the%20answers%20to%20all%20of%20your%20questions!%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Wounded%20Warrior%20Project%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2F%3Ffuseaction%3Dcms.page%26id%3D1021%22%2C%22og%3Atitle%22%3A%22Help%20put%20the%20mission%20in%20motion.%22%2C%22og%3Adescription%22%3A%22Take%20action%20for%20injured%20veterans%20at%20the%20Wounded%20Warrior%20Project%20Carry%20Forward%205K%20%E2%80%94%20one%20of%20the%20most%20unique%20and%20powerful%20events%20you%E2%80%99ll%20ever%20experience!%20%23WWPCARRYFORWARD%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.donordrive.com%2Fcarryforward%2Fimages%2Fwwp_carryforward_logo_vertical_400x400.png%3Fv%3D202108171130%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629367708560.1922851728&it=1629367708258&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 10:08:29 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/b01dd994-81c9-4db1-8953-bc334fa249ea/ Frame 28F7 326 B
288 B 334ms
333ms Script
application/javascript 2606:4700::6810:4ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/b01dd994-81c9-4db1-8953-bc334fa249ea/lightbox.js?mb=1629367709378&lv=1
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4f64293f9dbca185e686a3eed21fa8f2d0a377c6601c12aabd409c8111367199

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 681294b7bebd0eab-FRA

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179986756007824&ev=Microdata&dl=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&rl=&if=false&ts=1629367709400&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Carry%20Forward%20FAQs%20%7C%20Questions%20about%20Wounded%20Warrior%20Project%205K%22%2C%22meta%3Adescription%22%3A%22Interested%20in%20supporting%20our%20Carry%20Forward%205K%20mission%2C%20but%20unsure%20of%20where%20to%20start%3F%20Our%20FAQs%20contain%20the%20answers%20to%20all%20of%20your%20questions!%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Wounded%20Warrior%20Project%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2F%3Ffuseaction%3Dcms.page%26id%3D1021%22%2C%22og%3Atitle%22%3A%22Help%20put%20the%20mission%20in%20motion.%22%2C%22og%3Adescription%22%3A%22Take%20action%20for%20injured%20veterans%20at%20the%20Wounded%20Warrior%20Project%20Carry%20Forward%205K%20%E2%80%94%20one%20of%20the%20most%20unique%20and%20powerful%20events%20you%E2%80%99ll%20ever%20experience!%20%23WWPCARRYFORWARD%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.donordrive.com%2Fcarryforward%2Fimages%2Fwwp_carryforward_logo_vertical_400x400.png%3Fv%3D202108171130%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629367708560.1922851728&it=1629367708258&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 10:08:29 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/b01dd994-81c9-4db1-8953-bc334fa249ea/ Frame 28F7 644 KB
137 KB 35ms
34ms Script
application/javascript 2606:4700::6810:4ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/b01dd994-81c9-4db1-8953-bc334fa249ea/user.js?cb=637646298034980969
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b01dd994-81c9-4db1-8953-bc334fa249ea/lightbox.js?mb=1629367709378&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 062b837e94358739b1f2f6968687761958fdbe26c7e5fce0b28b30150ed022e0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Aug 2021 10:08:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: kh/3/Mk+KSxtWsadxFL26Q==
age: 329561
cf-polished: origSize=1097538
last-modified: Thu, 29 Jul 2021 18:09:31 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 8175186b-d01e-0060-78e2-9110e3000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 681294b9da7a0eab-FRA
expires: Fri, 19 Aug 2022 10:08:29 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 15ms
15ms Stylesheet
text/css 2606:4700::6810:4ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637631789708698558
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b01dd994-81c9-4db1-8953-bc334fa249ea/user.js?cb=637646298034980969
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Aug 2021 10:08:29 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 565546
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: bc2546b6-601e-0132-32a6-844b44000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 681294ba5b6e0eab-FRA
expires: Fri, 19 Aug 2022 10:08:29 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/41619/carryforward.woundedwarriorproject.org/jsonp/ 515 B
775 B 1539ms
129ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/41619/carryforward.woundedwarriorproject.org/jsonp/z?cb=1629367709842&callback=jQuery17102784939380249092_1629367709800&_=1629367709843
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b01dd994-81c9-4db1-8953-bc334fa249ea/user.js?cb=637646298034980969
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 89ed596b3b87203d8092c53f2df5da8cda45a97fb56ac7d38d4b1f19ab219dbf

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
260 B 24ms
24ms Image
image/gif 2606:4700::6810:4ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1629367709813&h=carryforward.woundedwarriorproject.org&e=p&u=41619
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Aug 2021 10:08:29 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 824704
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 98f468b3-801e-0096-0e5e-1f37f5000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 681294ba8bb60eab-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 modules.e763089bec9f2503d752.js Show response
script.hotjar.com/ 221 KB
59 KB 45ms
45ms Script
application/javascript 13.224.96.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e763089bec9f2503d752.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1445902.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-63.zrh50.r.cloudfront.net

Software

Resource Hash

b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 10:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84985
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59555
access-control-allow-origin: *
last-modified: Wed, 18 Aug 2021 10:31:58 GMT
etag: "59b0bd2bf71a6ea4a84151c51b91fba8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: S_W-bWdxdfd5NL2N-xTsoe_iyFM2-ACw_3UJnzpNoMErTyeGI2fmUg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/755404405/ 2 KB
2 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/755404405/?random=1629367710356&cv=9&fst=1629367710356&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&tiba=Carry%20Forward%20FAQs%20%7C%20Questions%20about%20Wounded%20Warrior%20Project%205K&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b2d9ab41e9f217cd0c02b188e174e84b4027f5ce480e11fe8c069917d6604d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame 9BA3 2 KB
1 KB 51ms
44ms Document
text/html 13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1445902.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://carryforward.woundedwarriorproject.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://carryforward.woundedwarriorproject.org/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: T3AyKaZwAtudaenBPcfXyNR1KNnQmJ8hXkYFvvojAz4_wGRFpAiA2g==
age: 2800320

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/755404405/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/755404405/?random=1629367710356&cv=9&fst=1629367200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8g0&sendb=1&frm=0&url=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&tiba=Carry%20Forward%20FAQs%20%7C%20Questions%20about%20Wounded%20Warrior%20Project%205K&async=1&fmt=3&is_vtc=1&random=3755718561&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/755404405/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/755404405/?random=1629367710356&cv=9&fst=1629367200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8g0&sendb=1&frm=0&url=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021&tiba=Carry%20Forward%20FAQs%20%7C%20Questions%20about%20Wounded%20Warrior%20Project%205K&async=1&fmt=3&is_vtc=1&random=3755718561&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 8A14 631 B
948 B 61ms
54ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=581e611e-2d9e-4100-b66d-15b4fba74497&no_iframe=1&mt_adid=210975&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1341475&mt_adid=210975&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3853 9552a83 master cdg-pixel-x4 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Host: pixel.mathtag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://carryforward.woundedwarriorproject.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid=581e611e-2d9e-4100-b66d-15b4fba74497
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://carryforward.woundedwarriorproject.org/

Response headers

Content-Type: text/html
Content-Length: 631
Server: MT3 3853 9552a83 master cdg-pixel-x4
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Thu, 19 Aug 2021 10:10:48 GMT
Date: Thu, 19 Aug 2021 10:08:30 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
479 B 109ms
47ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3853 9552a83 master cdg-pixel-x1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:30 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 10:10:48 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 47BE 0
262 B 87ms
29ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=9b86f21c-5652-4a91-ad8e-dd438f02be91

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=9b86f21c-5652-4a91-ad8e-dd438f02be91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://carryforward.woundedwarriorproject.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://carryforward.woundedwarriorproject.org/

Response headers

server: nginx/1.17.3
date: Thu, 19 Aug 2021 10:08:30 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CLCq09zrvPICFYr_UQodycwIBA;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=*;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcm...
adservice.google.com/ddm/fls/z/ Frame CC1E 42 B
515 B 79ms
29ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLCq09zrvPICFYr_UQodycwIBA;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=*;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021

Requested by

Host: 6871501.fls.doubleclick.net
URL: https://6871501.fls.doubleclick.net/activityi;dc_pre=CLCq09zrvPICFYr_UQodycwIBA;src=6871501;type=wwp;cat=carry0;ord=9414320716321;gtm=2wg8g0;auiddc=837213777.1629367708;ps=1;~oref=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6871501.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ 22 KB
8 KB 140ms
54ms Script
application/javascript 13.224.96.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-84.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Origin: https://carryforward.woundedwarriorproject.org
Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 00:58:40 GMT
content-encoding: gzip
age: 32991
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: GDYSfBnt_Ifxk9jRFj7IeKcNCsF5mHYHefQbs8s0kEjHMzMFqAsP6g==

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 8A14 43 B
480 B 56ms
49ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=581e611e-2d9e-4100-b66d-15b4fba74497&no_iframe=1&mt_adid=210975&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3853 9552a83 master cdg-pixel-x30 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=581e611e-2d9e-4100-b66d-15b4fba74497&no_iframe=1&mt_adid=210975&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:30 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 10:10:48 GMT

POST
H3-29 200 p Show response
tr.snapchat.com/ Frame 4137 0
15 B 56ms
34ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 358
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://carryforward.woundedwarriorproject.org
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://carryforward.woundedwarriorproject.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://carryforward.woundedwarriorproject.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://carryforward.woundedwarriorproject.org/

Response headers

server: nginx/1.17.3
date: Thu, 19 Aug 2021 10:08:30 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgRGAMAgDwIm4A9GUjIOtmYLh/U89h/sra+C1u0Sr6DRJBHe495kJXEysFT7+AzEDoG4yAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 9B8C
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MTg3ODk3MjQ3MDg2NDUyMw==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENmGed89-rYR5tTXzM9rjI0&google_cver=1

42 B
1 KB

125ms
33ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENmGed89-rYR5tTXzM9rjI0&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:31 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESENmGed89-rYR5tTXzM9rjI0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame 9B8C 43 B
994 B 195ms
74ms Image
image/gif 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=1871878972470864523

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 10:08:31 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7836bd97-0800-42d4-b897-76d85e7fe739
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 9B8C
Redirect Chain

https://stags.bluekai.com/site/4722?id=1871878972470864523&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=nsYSBy9999e%2Bwh8C&forward=

42 B
1 KB

142ms
31ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=nsYSBy9999e%2Bwh8C&forward=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:31 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=nsYSBy9999e%2Bwh8C&forward=
Date: Thu, 19 Aug 2021 10:08:31 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 6919
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 9B8C 0
239 B 171ms
33ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1871878972470864523
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 9B8C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1871878972470864523&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871878972470864523&redir=

42 B
958 B

62ms
40ms

Image
image/gif

54.171.163.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871878972470864523&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.163.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-163-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v012-0921ed35a.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +fKCtNUrSYs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v012-012f73cb5.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: TAntwuZOQUY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1871878972470864523&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9B8C
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878972470864523&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878972470864523&forward=&C=1

43 B
1006 B

70ms
48ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878972470864523&forward=&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 10:08:31 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 10:08:31 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 10:08:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1871878972470864523&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Thu, 19 Aug 2021 10:08:31 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 9B8C 0
445 B 27ms
6ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~84c296ca4cae9f73fbcc48363a3cd4cd34be98f5&nwid=10000648372&sigv=1

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:31 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 9B8C 42 B
415 B 95ms
45ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=1871878972470864523
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 10:08:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 9B8C 43 B
191 B 290ms
169ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1871878972470864523

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:31 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 19 Aug 2021 10:08:31 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 9B8C
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871878972470864523&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871878972470864523&img=1&__user_check__=1&sync_id=682c97e2-00d5-11ec-b3ed-1afcdea00406

43 B
549 B

54ms
53ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1871878972470864523&img=1&__user_check__=1&sync_id=682c97e2-00d5-11ec-b3ed-1afcdea00406
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:31 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 110
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 19 Aug 2021 10:08:31 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=1871878972470864523&img=1&__user_check__=1&sync_id=682c97e2-00d5-11ec-b3ed-1afcdea00406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 130
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 9B8C 43 B
183 B 296ms
95ms Image
image/gif 2600:1f18:612b:4264:a698:31e8:5977:4024
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=1871878972470864523&r=vVAjg78x--xk
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:a698:31e8:5977:4024 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:31 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 9B8C 43 B
238 B 155ms
33ms Image
image/gif 18.158.92.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1871878972470864523
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.92.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-92-16.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:31 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 9B8C 0
337 B 139ms
35ms Image
text/plain 52.210.205.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1871878972470864523
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.205.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-205-137.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:31 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1629367711
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 9B8C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=1871878972470864523&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871878972470864523&expires=30

43 B
344 B

36ms
35ms

Image
image/gif

18.184.94.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871878972470864523&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.94.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-94-176.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1871878972470864523&expires=30
date: Thu, 19 Aug 2021 10:08:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 9B8C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YR4tnwADniaTogBg
https://p.rfihub.com/cm?in=1&pub=21653&userid=YR4tnwADniaTogBg&_test=YR4tnwADniaTogBg

42 B
1 KB

32ms
32ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YR4tnwADniaTogBg&_test=YR4tnwADniaTogBg
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:32 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1629367712.997074,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YR4tnwADniaTogBg&_test=YR4tnwADniaTogBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame 9B8C 46 B
696 B 137ms
59ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1871878972470864523

Requested by

Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 19 Aug 2021 10:08:31 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Thu, 19 Aug 2021 10:08:31 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 9B8C 0
105 B 120ms
46ms Image
text/plain 3.125.192.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.192.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-192-222.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:31 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 9B8C
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1871878972470864523&referrer=https%3A%2F%2Fcarryforward.woundedwarriorproject.org%2Findex.cfm%3Ffuseaction%3Dcms.page%26id%3D1021
https://p.rfihub.com/cm?pub=39342&in=0&userid=a0a68762-60fa-4985-bfa1-fe86b2167803%3A1629367712.01&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da0a68762-60fa-4985-bfa1-fe86b2167803...
https://idsync.rlcdn.com/501709.gif?partner_uid=a0a68762-60fa-4985-bfa1-fe86b2167803%3A1629367712.01
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRS1lSFJBTFc1NXpRNkZnNGVmYzJzVDdISDZHMTM5TzJwOHJhYW9HWW9iOA==&google_cm
https://fcmatch.google.com/pixel?google_gm=AMnCDoomg7PbPtdSSfRkykNOKTIEhmX5Rb_xrfXnRgYE4hIjAy6Jd30PcaTla8UK4pXsRJdsymapWAzGn9Kykk7yVnCASmYo-VCPqWXXsmoiERiT4i8qvmQ7FN2MEgNjynf0H5dE5pK7lA1Ck7jKGAhkFu...
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoomg7PbPtdSSfRkykNOKTIEhmX5Rb_xrfXnRgYE4hIjAy6Jd30PcaTla8UK4pXsRJdsymapWAzGn9Kykk7yVnCASmYo-VCPqWXXsmoiERiT4i8qvmQ7FN2MEgNjynf0H5dE5pK7lA1Ck7jKGAhkF...

170 B
546 B

33ms
13ms

Image
image/png

2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoomg7PbPtdSSfRkykNOKTIEhmX5Rb_xrfXnRgYE4hIjAy6Jd30PcaTla8UK4pXsRJdsymapWAzGn9Kykk7yVnCASmYo-VCPqWXXsmoiERiT4i8qvmQ7FN2MEgNjynf0H5dE5pK7lA1Ck7jKGAhkFu9kz54n9w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:32 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:08:32 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoomg7PbPtdSSfRkykNOKTIEhmX5Rb_xrfXnRgYE4hIjAy6Jd30PcaTla8UK4pXsRJdsymapWAzGn9Kykk7yVnCASmYo-VCPqWXXsmoiERiT4i8qvmQ7FN2MEgNjynf0H5dE5pK7lA1Ck7jKGAhkFu9kz54n9w
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 9B8C 43 B
109 B 360ms
141ms Image
image/gif 34.239.62.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=1871878972470864523
Requested by: Host: carryforward.woundedwarriorproject.org
URL: https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.62.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-62-161.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20801397p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 10:08:32 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2 200 plugins.js Show response
widgetapi.instabot.io/ 0
260 B 119ms
118ms XHR
application/javascript 44.193.181.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetapi.instabot.io/plugins.js?names=Statement%2CMultipleChoice%2CFreeText&v=2.0.9.18099
Requested by: Host: widget.instabot.io
URL: https://widget.instabot.io/jsapi/rokoInstabot.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.181.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-181-128.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 10:08:31 GMT
cache-control: public,max-age=2147483647
x-responded-json: {"sessionExpired":false,"accessDenied":false,"metrics":{},"error":null,"httpRequestError":null,"requestId":"|d3329f15-4743e4a988aa3141."}
content-type: application/javascript
content-length: 0
access-control-expose-headers: *

GET
H2 200 rokoInstabot-widget.js Show response
widget.instabot.io/jsapi/ 235 KB
81 KB 45ms
12ms XHR
application/javascript 2600:9000:20eb:3e00:4:d371:a680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.instabot.io/jsapi/rokoInstabot-widget.js?v=2.0.9.18099
Requested by: Host: widget.instabot.io
URL: https://widget.instabot.io/jsapi/rokoInstabot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3e00:4:d371:a680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1443830f4de482e4f4fc548d2938c685768f891c985e6d3aa933059c6e781b4e

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 01:03:28 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 14:08:33 GMT
age: 35523
etag: "1d78df134002b2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: Cp_HrIl_-NPlNtmdN6o-U0t3AmfWBEGZxzCEDhtGFNcy3xxuUywXXw==
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)

POST
H2 200 getClientUserInfo Show response
widgetapi.instabot.io/user/ 328 B
535 B 107ms
107ms XHR
application/json 44.193.181.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetapi.instabot.io/user/getClientUserInfo?apiKey=4H5BoB7Plrvntg3JtcRCl8BQjYh2V3kffkaFYh%2FNTl0%3D
Requested by: Host: widget.instabot.io
URL: https://widget.instabot.io/jsapi/rokoInstabot.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.181.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-181-128.compute-1.amazonaws.com
Software: /
Resource Hash: 790e45306570df8a6efd0a4de9408a022ee66b5ce21a2f42e3f2f4e8fe42c376

Request headers

DevCompanyId: 3526200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://carryforward.woundedwarriorproject.org/
X-Requested-With: XMLHttpRequest
ApplicationSessionUuid: b865f9f8-1e17-44f8-ad0e-bc30f536b1a9
ApplicationId: 191175186

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 10:08:32 GMT
content-encoding: br
x-responded-json: {"sessionExpired":false,"accessDenied":false,"metrics":{},"error":null,"httpRequestError":null,"requestId":"|46b1d3c7-4396ec73e9399b81."}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-expose-headers: *

OPTIONS
H2 204 getClientUserInfo
widgetapi.instabot.io/user/ Frame 0
0 101ms
100ms Preflight 44.193.181.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetapi.instabot.io/user/getClientUserInfo?apiKey=4H5BoB7Plrvntg3JtcRCl8BQjYh2V3kffkaFYh%2FNTl0%3D
Protocol: H2
Server: 44.193.181.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-181-128.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: applicationid,applicationsessionuuid,content-type,devcompanyid,x-requested-with
Origin: https://carryforward.woundedwarriorproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 10:08:32 GMT
access-control-allow-headers: applicationid,applicationsessionuuid,content-type,devcompanyid,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
635 B 50ms
50ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3853 9552a83 master cdg-pixel-x30 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://carryforward.woundedwarriorproject.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:40 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 10:10:58 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 8A14 43 B
489 B 50ms
50ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=581e611e-2d9e-4100-b66d-15b4fba74497&no_iframe=1&mt_adid=210975&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3853 9552a83 master cdg-pixel-x30 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=581e611e-2d9e-4100-b66d-15b4fba74497&no_iframe=1&mt_adid=210975&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 10:08:40 GMT
Server: MT3 3853 9552a83 master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 Aug 2021 10:10:58 GMT

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.snapchat.com/	1970-01-20 05:57:43	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRGAMAgDwIm4A9GUjIOtmYLh/U89h/sra+C1u0Sr6DRJBHe495kJXEysFT7+AzEDoG4yAAAA
.mathtag.com/	1970-01-19 21:19:19	Name: mt_misc Value: mt_bt:1
.mathtag.com/	1970-01-20 06:02:02	Name: uuid Value: 581e611e-2d9e-4100-b66d-15b4fba74497
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwByILS3MjE3MDCzMTUyNjIT5DXaMkiygfj8Rgz2TdAgAMelJRJQAAAA
.rfihub.com/	1970-01-20 05:57:43	Name: rud Value: H4sIAAAAAAAAAOMSNrQwByILS3MjE3MDCzMTUyNjIT5DXaMkiygfj8Rgz2TdAileQzMjS2Mzc3NDQxNDSwDH_7N7NAAAAA
.woundedwarriorproject.org/	1970-01-23 12:12:07	Name: xdibx Value: N4Ig-mBGAeDGCuAnRIBcoAOGAuBnNAjAGwBMAnAMxEDs1BBFZJANCBgG6wB22hru-VMXJVa9Rizbtc3XkNaIkAGzQgQrJctUB6AJZcAJgFNoAOlgAzALYB-C.FxGAhrGy6A9lwC8sK7lMYTgDmRgBkugZeBAAMJATqIEp4hKSUNHQMTAC-rBAwGIhG7GigBk4AnoIA2sJpYgQALE0AujngUNBFRjyCwG15cBGqRACskESQTmSQALQjltQzDWQNBDNTBkRz1BZkFtEAHCQjaTO1otTRZEfxWUA___
.woundedwarriorproject.org/	1970-01-19 22:45:43	Name: _fbp Value: fb.1.1629367708560.1922851728
.woundedwarriorproject.org/	1970-01-20 06:05:54	Name: _scid Value: b67fbe16-620b-4725-a701-ab616c63c387
.woundedwarriorproject.org/	1970-01-20 05:57:43	Name: _uetvid Value: 6640765000d511ec9916f3cafe3a9010
.carryforward.woundedwarriorproject.org/	1970-01-20 05:21:43	Name: rokoAPI Value: %7B%22ApplicationSessionUuid%22%3A%22b865f9f8-1e17-44f8-ad0e-bc30f536b1a9%22%7D
carryforward.woundedwarriorproject.org/	1969-12-31 23:59:59	Name: rokoAPISession Value: b2af905c-dcff-48c5-af9e-fa2547817577
.woundedwarriorproject.org/	1970-01-19 20:37:34	Name: _uetsid Value: 6640579000d511eca9004b474fff0921
.carryforward.woundedwarriorproject.org/	1970-01-19 20:37:34	Name: _gid Value: GA1.3.1528050139.1629367708
.carryforward.woundedwarriorproject.org/	1970-01-19 20:36:07	Name: _gat_UA-2342200-1 Value: 1
.woundedwarriorproject.org/	1970-01-19 22:45:43	Name: _gcl_au Value: 1.1.837213777.1629367708
.woundedwarriorproject.org/	1970-01-20 05:21:43	Name: _hjid Value: a1ebd4c0-9cba-47bf-abb4-256e4b73b557
carryforward.woundedwarriorproject.org/	1969-12-31 23:59:59	Name: CFID Value: 502375
carryforward.woundedwarriorproject.org/	1969-12-31 23:59:59	Name: PUBLICAPPLANGUAGE Value: DEFAULT%3Ben%5FUS
.carryforward.woundedwarriorproject.org/	1970-01-19 20:36:07	Name: _gat Value: 1
.carryforward.woundedwarriorproject.org/	1970-01-20 14:07:19	Name: _ga Value: GA1.3.116484929.1629367708
.woundedwarriorproject.org/	1970-01-19 20:36:09	Name: __cf_bm Value: b9d3e0cc92c69cba5700d7c182f0ce2a0e12fc3f-1629367707-1800-AbvY5U1CWsmgAMEWJbyw2daoSnB2w2psRyc/CMA5vX0aR3IGvYTY9do35mIN90TjOOrGct7mMzx/4pmICbp0KCs=
.woundedwarriorproject.org/	1969-12-31 23:59:59	Name: __cfruid Value: db8529e052eca4e90c177991b83968fc692bec2f-1629367707
.rfihub.com/	1970-01-20 05:57:43	Name: eud Value: H4sIAAAAAAAAAJvFyGtoZmRpbGZubmhoYmS0Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwuN_wldPwuaflY0_dxo7kXjLxJG5T9C4wMANStoXiABAAA
.doubleclick.net/	1970-01-20 05:57:43	Name: IDE Value: AHWqTUkb_53deJZUUEGD98B2_XbQGUYqyCWRaSGGpsYaJTy4Q6LMRZ-KNVOH-zpxPN8
.woundedwarriorproject.org/	1970-01-19 20:36:09	Name: _hjFirstSeen Value: 1
carryforward.woundedwarriorproject.org/	1969-12-31 23:59:59	Name: COOKIETEST Value: 1
carryforward.woundedwarriorproject.org/	1969-12-31 23:59:59	Name: CFTOKEN Value: dc66a4a39677e791-AAD55617-C6AF-DAC5-B2A6EC154454B0FC
carryforward.woundedwarriorproject.org/	1970-01-19 20:46:12	Name: AWSALBCORS Value: 2WOvxZ0G53o7V1Cbmg3soyGf+1QbeEXouLu9D1bCCOHRdfggtKqCudebnNOGwYB23YqjmGB+CL3jt52y8pZpZr1GdYJZQkFvgxrCmuiPlySKZEoXWtArxqjE1aRs
carryforward.woundedwarriorproject.org/	1970-01-19 20:46:12	Name: AWSALB Value: 2WOvxZ0G53o7V1Cbmg3soyGf+1QbeEXouLu9D1bCCOHRdfggtKqCudebnNOGwYB23YqjmGB+CL3jt52y8pZpZr1GdYJZQkFvgxrCmuiPlySKZEoXWtArxqjE1aRs

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at HTMLDocument.<anonymous> (https://carryforward.woundedwarriorproject.org/index.cfm?fuseaction=cms.page&id=1021:217:35) at l (https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29375) at c (https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js:2:29677) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20801397p.rfihub.com
6871501.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
ads.yahoo.com
adservice.google.com
ajax.googleapis.com
assets.donordrive.com
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
carryforward.woundedwarriorproject.org
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
d.adroll.com
d.adroll.mgr.consensu.org
dpm.demdex.net
dsum-sec.casalemedia.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
lightboxapi.azurewebsites.net
live.rezync.com
p.rfihub.com
partners.tremorhub.com
pixel.mathtag.com
pixel.mediaiqdigital.com
pixel.rubiconproject.com
platform.twitter.com
rs.gwallet.com
s.adroll.com
sc-static.net
script.hotjar.com
secure.adnxs.com
stags.bluekai.com
static.hotjar.com
static.instabot.io
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
syndication.twitter.com
tr.snapchat.com
vars.hotjar.com
widget.instabot.io
widgetapi.instabot.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lightboxcdn.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
104.111.215.191
104.244.42.136
13.224.96.41
13.224.96.63
13.224.96.84
13.224.96.91
13.224.96.92
142.250.181.230
142.250.186.34
142.250.74.194
151.101.14.49
172.217.23.102
18.158.92.16
18.184.94.176
185.33.221.11
185.33.221.89
185.94.180.126
193.0.160.128
193.0.160.129
199.127.207.184
2.18.233.201
2.18.234.21
2.18.235.93
20.40.202.0
2600:1f18:612b:4264:a698:31e8:5977:4024
2600:9000:20eb:3e00:4:d371:a680:93a1
2600:9000:2156:5a00:4:eb35:4040:93a1
2600:9000:2190:3e00:1:76cf:fe80:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:4ea5
2606:4700::6812:195c
2606:4700::6812:dfe4
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:800::200e
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:400c:c08::9b
2a02:26f0:6c00::210:baab
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.125.192.222
34.239.62.161
35.186.226.184
35.244.174.68
44.193.181.128
52.210.205.137
52.213.68.56
52.28.242.97
54.171.163.246
69.173.144.139
0071cf1a37018d7b72d37127869284b1ca124f77c75185df76a09d4035d11c7d
00a5a021da3615664424196cd950673027f4f1cf8bec0cccf5704112f70677b2
062b837e94358739b1f2f6968687761958fdbe26c7e5fce0b28b30150ed022e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
1039eab32fed7d3c66502cf1edc14d051b8f3b9742bceef598f75617191ddc22
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
1443830f4de482e4f4fc548d2938c685768f891c985e6d3aa933059c6e781b4e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1857c29af57acb9fd4981203cff9022305cb439c626da3e27e05422568296321
18a49c16534f3fb376a7dfedcb1251195c5432a08ae447c6cdf6068c4db28b94
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e
1c53b8e59577a7352e8234fdcde0bc7f799a023a1d2d1db910ab4cc34162d3d4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2c1dfbf8036edd001f5269940af89bac71bdf154b9da41eb82a915fd5818e7c9
2ec8f243f173a1bc2cac32f159d0dabd229ada6e6e4b15f1649b7f00f2440c1f
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
31bbe60bc77845a9203ff40235ce3f6731a1e68b870585b5be050018619ec40e
31de8f5493b30cf99ab1adb6974db3c2e978f43a8b2c42c0d6b7a0a1fbe32b62
393fcae2d2c94717f243586da03a373927a4b8bcaaf110b972a903b90a17c30a
426698875df85118c3acf694dc4a39795711fe59558893ce9a7367940494d013
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
475ee56bae90219803383818328726c434688fc75cb33a2276b3d98991124d2e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f64293f9dbca185e686a3eed21fa8f2d0a377c6601c12aabd409c8111367199
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55397b2aa29ac9fe384bd2f35e60359322fe3451011e4d31b51d97aae6b85a05
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
5a445777b703cfaeacb4bcfbd22af71ccfbf031f4061249afa770f2a647f675c
5bd085ae9683aaf57ae67bb6bd1f645359b5a1150b548e79ee0c7be68a2e3a23
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
61926168edd801a81323a46e45a3ccf2c9c5def4d3fad4f7b187d38f6ba94608
6567eb4bfeb13f49885b4b1cd141fd55488b23396ba4917cd5ddce71367318ec
66a1021ccf3d1d6623857492cf66ebf0ca2b40fba3fea582793bef9ed058bb75
6b2d9ab41e9f217cd0c02b188e174e84b4027f5ce480e11fe8c069917d6604d3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
790e45306570df8a6efd0a4de9408a022ee66b5ce21a2f42e3f2f4e8fe42c376
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7d584300dde62ca51c299d22e9041cd3e4da79137f4402ae86aa7a943ef92b54
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f34bd4ca21fd0f0d45af6d848b6f3eda13c0b63316a5b6808e35ccf0a926228
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89ed596b3b87203d8092c53f2df5da8cda45a97fb56ac7d38d4b1f19ab219dbf
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
92de949a4c5c2259633274889620ab64bf9b333fce2666791bfb76a2ad01bdfd
941cc11ac0c50cdf210301b30fe80d9cc9b3559e9d7fd408130f37880a3d6811
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99f254c91f867085c0e31628acd61018e527b2043de3f9362a3729fd3b18c65a
9f28dcb1854b42b84b97f1032498d4b2f6596065c828952d5e9f53518c50a786
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2d151e02826e56d0e28b8b5fc268b9e6f3a86048f748c8c6d2a8dbc19beee38
a30b40d1b588d3fd600f1288337ac742140783b3b27b4736238f0d6751106576
a491991df4c5942bcf0469efac2add4659d262dfea2f82da4356dce615c065a1
a79d63d011a2e105dbfd8cbd0f50f655f2613a9a82d128436390c415fd176d21
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
bf4e754e708ffd99468f3b9764a14e63e5e7409dff4630f7ee63313bdff1e97d
bfbe7861734f7e03adc7acf9e95743f20e0575a2da102d5c155e01ee47fc237b
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cdeb142238b19ef6fca1d8a4b20a9fe33b87c5676784af6c3cb2852009553b86
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3bee6338f19ec6f2202022fcd9cdfb5f3c80d7f2bad08c16dfcd672f3da6de9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e35c3f8d7110331e2caf2049605d7b2409a56c51f9a66ea4be7243a705859eb6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5606a0a254e0c87a339d40975fff730cff57442ccd98580ac5cd37f412678
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6648b04e414e1e9fe5291e31e47fae11425d5180dd7c1da6743e5cf840f3e37
e821dce79820bb07776b4a29341814407425baced821209e7b29b4633875ae70
eb046dc1578571f496bbfdc5d16c9577a49d54112b96450771b600d39a069905
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaa82490f1e59a161aac3b05e2b626ad2f24d87e803d61b0044d368272eca15
efd88c50a998b162ddd3fbea4afbcdb6c0e92277d355823dd0cf1cb164c11017
f2ac4bdad8dd297f3c818f3b1e718a1aaab505822e7dc9613c426057b74b372e
f4401f65be9f6f2c111a9c74d416b5c0dd3fca273220ee82577b37fc4f0bff1c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fa639fe6dbace4f02125808361febc2e69fff35d7a2d1b44b45f2070a032eb9d
fd625905ebe39a6a3782624374ecc59b75d68d40c0d2eea5dbfc83c1d2fdf029
ff254ff8b44fa2c68c16fb8d993b7d3312e8695bdcaceffad1788a7224364555

carryforward.woundedwarriorproject.org Open in urlscan Pro 2606:4700::6812:195c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

100 %HTTPS

43 %IPv6

46 Domains

63 Subdomains

54 IPs

5 Countries

1988 kBTransfer

5640 kBSize

29 Cookies

21 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

carryforward.woundedwarriorproject.org Open in urlscan Pro
2606:4700::6812:195c Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

100 %
HTTPS

43 %
IPv6

46
Domains

63
Subdomains

54
IPs

5
Countries

1988 kB
Transfer

5640 kB
Size

29
Cookies

122 HTTP transactions
0 data transactions