fundraiser.sesameworkshop.org Open in urlscan Pro
52.188.24.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.e.sesame.org/?qs=d9e0d9d6c548b9455bc536c3649ef037bff51bcc80f586390fd87f03d0938be619d44a76ec6642306ba99cf4442c...
Effective URL:
https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73...
Submission: On June 01 via api (June 1st 2023, 11:05:43 pm UTC) from US — Scanned from DE

Summary HTTP 133 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 47 IPs in 7 countries across 41 domains to perform 133 HTTP transactions. The main IP is 52.188.24.159, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is fundraiser.sesameworkshop.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 28th 2023. Valid for: 6 months.

This is the only time fundraiser.sesameworkshop.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.245.146.212 128.245.146.212	14340 (SALESFORCE) (SALESFORCE)
4	52.188.24.159 52.188.24.159	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
6	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
13	2600:9000:215... 2600:9000:2156:0:d:7e10:cb00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
16	52.151.222.61 52.151.222.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:310... 2a02:26f0:3100::1735:2baa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 9	2620:12a:8000::3 2620:12a:8000::3	54113 (FASTLY) (FASTLY)
2 4	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2600:9000:214... 2600:9000:214f:4e00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.0.114 151.101.0.114	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4 6	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 4	65.9.66.84 65.9.66.84	16509 (AMAZON-02) (AMAZON-02)
4 4	3.225.23.173 3.225.23.173	14618 (AMAZON-AES) (AMAZON-AES)
2	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 2	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.16.141.94 52.16.141.94	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.158.245.95 54.158.245.95	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	23.212.211.126 23.212.211.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4280:b81b:c2a7:74de:5e7e	14618 (AMAZON-AES) (AMAZON-AES)
1	18.196.21.37 18.196.21.37	16509 (AMAZON-02) (AMAZON-02)
1	54.76.219.151 54.76.219.151	16509 (AMAZON-02) (AMAZON-02)
1 2	3.69.149.154 3.69.149.154	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2	52.35.165.45 52.35.165.45	16509 (AMAZON-02) (AMAZON-02)
5	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
12	52.179.73.44 52.179.73.44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
133	47

1 128.245.146.212 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.e.sesame.org

click.e.sesame.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.188.24.159 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fundraiser.sesameworkshop.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2156:0:d:7e10:cb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn3.rallybound.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.151.222.61 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

payments.rallybound.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:2baa (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

image.e.sesame.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:12a:8000::3 (United States) 6 redirects

ASN54113 (FASTLY, US)

www.sesameworkshop.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sesameworkshop.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

10123262.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:4e00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.0.160.131 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20826432p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.84 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-84.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.225.23.173 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-23-173.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.84 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.141.94 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-141-94.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.245.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-245-95.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.211.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-126.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:b81b:c2a7:74de:5e7e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.21.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-21-37.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.219.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-219-151.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.149.154 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-149-154.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.35.165.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-165-45.us-west-2.compute.amazonaws.com

sesameworkshop.us-7.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.179.73.44 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eastus-0.in.applicationinsights.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	rallybound.com cdn3.rallybound.com — Cisco Umbrella Rank: 465330 payments.rallybound.com	2 MB
13	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 1600 eastus-0.in.applicationinsights.azure.com — Cisco Umbrella Rank: 117164	46 KB
13	sesameworkshop.org 6 redirects fundraiser.sesameworkshop.org www.sesameworkshop.org sesameworkshop.org — Cisco Umbrella Rank: 748979	188 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 1866	21 KB
8	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 103	48 KB
7	doubleclick.net 3 redirects 10123262.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 51 stats.g.doubleclick.net — Cisco Umbrella Rank: 111 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	5 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66 ajax.googleapis.com — Cisco Umbrella Rank: 398	55 KB
6	rfihub.com 4 redirects 20826432p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 859 a.rfihub.com — Cisco Umbrella Rank: 3319	9 KB
5	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2296	233 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	400 KB
4	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 618	2 KB
4	rezync.com 4 redirects live.rezync.com — Cisco Umbrella Rank: 1961	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	249 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	312 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	222 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 383	13 KB
3	sesame.org 1 redirects click.e.sesame.org image.e.sesame.org	450 KB
2	evergage.com sesameworkshop.us-7.evergage.com	3 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 702	642 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 340	917 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 741	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 216	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 239	2 KB
2	pippio.com pippio.com — Cisco Umbrella Rank: 885	140 B
2	google.de www.google.de — Cisco Umbrella Rank: 5230	562 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 530	7 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 634	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 517	377 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1168	175 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1414	182 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 419	98 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1699	109 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 638	625 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1123	344 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 474	273 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 899	424 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1144	632 B
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 3991	50 KB
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5587	6 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 745	8 KB
133	41

	Domain	Requested by
16	payments.rallybound.com	cdn3.rallybound.com payments.rallybound.com
13	cdn3.rallybound.com	fundraiser.sesameworkshop.org cdn3.rallybound.com
12	eastus-0.in.applicationinsights.azure.com	az416426.vo.msecnd.net js.monitor.azure.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com fundraiser.sesameworkshop.org
6	sesameworkshop.org	3 redirects fundraiser.sesameworkshop.org
6	www.google.com	fundraiser.sesameworkshop.org www.gstatic.com www.google.com
6	fonts.googleapis.com	fundraiser.sesameworkshop.org payments.rallybound.com
5	az416426.vo.msecnd.net	payments.rallybound.com
4	i.liadm.com	4 redirects
4	p.rfihub.com	3 redirects fundraiser.sesameworkshop.org
4	live.rezync.com	4 redirects
4	www.facebook.com	fundraiser.sesameworkshop.org
4	10123262.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	www.googletagmanager.com	fundraiser.sesameworkshop.org www.googletagmanager.com
4	fundraiser.sesameworkshop.org	fundraiser.sesameworkshop.org
3	connect.facebook.net	fundraiser.sesameworkshop.org connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com fundraiser.sesameworkshop.org
3	www.sesameworkshop.org	3 redirects
3	www.gstatic.com	www.google.com
2	sesameworkshop.us-7.evergage.com	js.monitor.azure.com cdn.evgnet.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects fundraiser.sesameworkshop.org
2	sync.search.spotxchange.com	1 redirects fundraiser.sesameworkshop.org
2	dsum-sec.casalemedia.com	1 redirects fundraiser.sesameworkshop.org
2	dpm.demdex.net	1 redirects fundraiser.sesameworkshop.org
2	ib.adnxs.com	1 redirects fundraiser.sesameworkshop.org
2	pippio.com
2	www.google.de	fundraiser.sesameworkshop.org
2	adservice.google.com	10123262.fls.doubleclick.net
2	s.yimg.com	fundraiser.sesameworkshop.org js.monitor.azure.com
2	image.e.sesame.org	fundraiser.sesameworkshop.org
2	region1.google-analytics.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
1	beacon.krxd.net	fundraiser.sesameworkshop.org
1	aa.agkn.com	fundraiser.sesameworkshop.org
1	partners.tremorhub.com	fundraiser.sesameworkshop.org
1	x.dlx.addthis.com	fundraiser.sesameworkshop.org
1	idsync.rlcdn.com	fundraiser.sesameworkshop.org
1	bpi.rtactivate.com	fundraiser.sesameworkshop.org
1	contextual.media.net	fundraiser.sesameworkshop.org
1	ps.eyeota.net	fundraiser.sesameworkshop.org
1	us-u.openx.net	fundraiser.sesameworkshop.org
1	image2.pubmatic.com	fundraiser.sesameworkshop.org
1	a.rfihub.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	sp.analytics.yahoo.com	fundraiser.sesameworkshop.org
1	20826432p.rfihub.com	c1.rfihub.net
1	stats.g.doubleclick.net	js.monitor.azure.com
1	cdn.evgnet.com	www.googletagmanager.com
1	c1.rfihub.net	fundraiser.sesameworkshop.org
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.monitor.azure.com	fundraiser.sesameworkshop.org
1	ajax.googleapis.com	fundraiser.sesameworkshop.org
1	code.jquery.com	fundraiser.sesameworkshop.org
1	click.e.sesame.org	1 redirects
133	55

This site contains links to these domains. Also see Links.

Domain
www.sesameworkshop.org
policies.google.com
neonone.com
www.guidestar.org
www.bbb.org
www.globalgiving.org

Subject Issuer	Validity	Valid
rallybound.com Go Daddy Secure Certificate Authority - G2	`2023-03-28` - `2023-10-04`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.rallybound.com Go Daddy Secure Certificate Authority - G2	`2023-04-18` - `2024-05-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 01	`2023-03-23` - `2024-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
san-22-s12.tlsprovisioning.exacttarget.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-05-29` - `2024-06-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-22` - `2023-07-12`	2 months	crt.sh
*.rfihub.net Amazon RSA 2048 M01	`2023-02-24` - `2023-12-29`	10 months	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-06` - `2024-03-04`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.us-7.evergage.com Amazon RSA 2048 M01	`2023-02-07` - `2023-09-29`	8 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure TLS Issuing CA 02	`2023-03-20` - `2024-03-14`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Frame ID: 74B96E5D61E168C9E5AB5CA648D878B9
Requests: 68 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3
Frame ID: 6C42282651233B3266E8C056B040966D
Requests: 6 HTTP requests in this frame

Frame: https://10123262.fls.doubleclick.net/activityi;dc_pre=CKGen8uXo_8CFcWpUQodsUIMfQ;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680
Frame ID: 3C7FEBFF6EE0734A59353882FC51E6A2
Requests: 2 HTTP requests in this frame

Frame: https://10123262.fls.doubleclick.net/activityi;dc_pre=CNPcn8uXo_8CFWsgBgAdOdACag;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680
Frame ID: 697CA91F5AA90B4FB634DBBD55025FCF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9mdW5kcmFpc2VyLnNlc2FtZXdvcmtzaG9wLm9yZzo0NDM.&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=dxfmpdqzwmci
Frame ID: 3D9D0EB1B519E60B72E379E4BCAB558E
Requests: 5 HTTP requests in this frame

Frame: https://20826432p.rfihub.com/ca.html?ver=9&rb=42543&ca=20826432&_o=42543&_t=20826432&pe=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&pf=&ra=04404115554320476
Frame ID: 28C66067F1A8D1057EF35F1A07832328
Requests: 19 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
Frame ID: 12562DF634D6C333B34BDE17CA38CDEF
Requests: 7 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
Frame ID: 550431935028B9925035033744214F23
Requests: 6 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
Frame ID: 7E60E4BFCB8934720751E42212179D58
Requests: 6 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
Frame ID: B8DEBE529FC902A7771019B48725ED25
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate - Donate | Sesame Workshop

Page URL History Show full URLs

https://click.e.sesame.org/?qs=d9e0d9d6c548b9455bc536c3649ef037bff51bcc80f586390fd87f03d0938be619d44a76... HTTP 302
https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&test... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

133
Requests

91 %
HTTPS

46 %
IPv6

41
Domains

55
Subdomains

47
IPs

7
Countries

3794 kB
Transfer

6679 kB
Size

54
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sesameworkshop.org/
Title: Sesame Workshop

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms

Search URL Search Domain Scan URL

URL: https://neonone.com/products/neon-fundraise/

Search URL Search Domain Scan URL

URL: https://neonone.com/privacypolicy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/13-2655731

Search URL Search Domain Scan URL

URL: https://www.bbb.org/new-york-city/charity-reviews/charity-children-and-youth/sesame-workshop-in-new-york-ny-153900/#sealclick

Search URL Search Domain Scan URL

URL: https://www.globalgiving.org/

Search URL Search Domain Scan URL

URL: https://www.sesameworkshop.org/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sesameworkshop.org/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.e.sesame.org/?qs=d9e0d9d6c548b9455bc536c3649ef037bff51bcc80f586390fd87f03d0938be619d44a76ec6642306ba99cf4442c32d54ffdcfa183c4bd2d7268c157b28a1931 HTTP 302
https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://www.sesameworkshop.org/assets/images/seal_transparencygold2019.png HTTP 301
https://sesameworkshop.org/assets/images/seal_transparencygold2019.png HTTP 301
https://sesameworkshop.org/wp-content/uploads/2023/04/candid-seal-gold-2023.png

Request Chain 31

https://www.sesameworkshop.org/assets/images/seal_bbb.png HTTP 301
https://sesameworkshop.org/assets/images/seal_bbb.png HTTP 301
https://sesameworkshop.org/wp-content/uploads/2023/04/seal_bbb.png

Request Chain 32

https://www.sesameworkshop.org/assets/images/seal_topranked2020.png HTTP 301
https://sesameworkshop.org/assets/images/seal_topranked2020.png HTTP 301
https://sesameworkshop.org/wp-content/uploads/2023/04/seal_topranked2020.png

Request Chain 33

https://10123262.fls.doubleclick.net/activityi;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680 HTTP 302
https://10123262.fls.doubleclick.net/activityi;dc_pre=CKGen8uXo_8CFcWpUQodsUIMfQ;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680

Request Chain 34

https://10123262.fls.doubleclick.net/activityi;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680 HTTP 302
https://10123262.fls.doubleclick.net/activityi;dc_pre=CNPcn8uXo_8CFWsgBgAdOdACag;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680

Request Chain 68

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419462380425&referrer=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D0bd5341e-a85f-4955-b360-c1ab515623cc%253A1685660736.8133814%26pid%3D500040%26it%3D1%26iv%3D0bd5341e-a85f-4955-b360-c1ab515623cc%253A1685660736.8133814%26_%3D1685660736.8144987&cb=1685660736.814537 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419462380425&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D0bd5341e-a85f-4955-b360-c1ab515623cc%253A1685660736.8133814%26pid%3D500040%26it%3D1%26iv%3D0bd5341e-a85f-4955-b360-c1ab515623cc%253A1685660736.8133814%26_%3D1685660736.8144987 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&pid=500040&it=1&iv=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&_=1685660736.8144987 HTTP 303
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814&pid=500040&_li_chk=true&_=1685660736.8144987&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814&previous_uuid=e6da1317230d47988ba89fcaad9647a0 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1685660736.8144987&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814

Request Chain 69

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzNDQ1NTQxOTQ2MjM4MDQyNQ==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEPRV65g6To1q-DhgzQQmJGk&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419462380425&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D0bd5341e-a85f-4955-b360-c1ab515623cc%253A1685660736.8133814%26pid%3D500040%26it%3D1%26iv%3D0bd5341e-a85f-4955-b360-c1ab515623cc%253A1685660736.8133814%26_%3D1685660736.9978933&cb=1685660736.9979343 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419462380425&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D0bd5341e-a85f-4955-b360-c1ab515623cc%253A1685660736.8133814%26pid%3D500040%26it%3D1%26iv%3D0bd5341e-a85f-4955-b360-c1ab515623cc%253A1685660736.8133814%26_%3D1685660736.9978933 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&pid=500040&it=1&iv=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&_=1685660736.9978933 HTTP 303
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814&pid=500040&_li_chk=true&_=1685660736.9978933&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814&previous_uuid=05f302fe71c74e2e810284f600ff4689 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1685660736.9978933&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814

Request Chain 70

https://ib.adnxs.com/setuid?entity=18&code=5134455419462380425 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455419462380425

Request Chain 71

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455419462380425&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455419462380425&redir=

Request Chain 74

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5134455419462380425&bid=omt9pi0

Request Chain 77

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419462380425&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419462380425&forward=&C=1

Request Chain 80

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419462380425&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419462380425&img=1&__user_check__=1&sync_id=d1d1d03e-00d0-11ee-abe4-153cf9b00506

Request Chain 84

https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455419462380425&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419462380425&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

Request Chain 85

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZHkkQAAAAMpAgABI HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZHkkQAAAAMpAgABI&_test=ZHkkQAAAAMpAgABI

133 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Donate Show response
fundraiser.sesameworkshop.org/donate-main/
Redirect Chain

https://click.e.sesame.org/?qs=d9e0d9d6c548b9455bc536c3649ef037bff51bcc80f586390fd87f03d0938be619d44a76ec6642306ba99cf4442c32d54ffdcfa183c4bd2d7268c157b28a1931
https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

121 KB
121 KB

544ms
128ms

Document
text/html

52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.188.24.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a61c3c57beeee91aa25ea36f90c7801d17bcd24136cb19a47a8c8e9bb85a3a57

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' admin.rallybound.com sesameworkshop.org *.sesameworkshop.org; report-uri https://rest.rallybound.com/api/cspreport;
Strict-Transport-Security	max-age=15552000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
cache-control: no-cache, no-store
content-length: 123624
content-security-policy: frame-ancestors 'self' admin.rallybound.com sesameworkshop.org *.sesameworkshop.org; report-uri https://rest.rallybound.com/api/cspreport;
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 23:05:35 GMT
expires: -1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=15552000;

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 273
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Jun 2023 23:05:34 GMT
Location: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 43ms
20ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38313123-1&l=analyticsDataLayer

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a40ffe9c5fb27fd8127958c24627c81664e6985a6b16c2854e3e2cc681b9dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 23:05:35 GMT

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.11.2/themes/smoothness/ 34 KB
8 KB 34ms
9ms Stylesheet
text/css 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:35 GMT
content-encoding: gzip
last-modified: Sun, 04 Dec 2022 10:56:54 GMT
server: nginx
etag: W/"638c7cf6-898c"
vary: Accept-Encoding
x-hw: 1685660735.dop109.fr8.t,1685660735.cds248.fr8.hn,1685660735.cds217.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8056

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
867 B 53ms
31ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 21:12:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 23:05:35 GMT

GET
H2 200 alldash-fonts.css
fundraiser.sesameworkshop.org/Content/Global/css/ 5 KB
1 KB 180ms
179ms Stylesheet
text/css 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fundraiser.sesameworkshop.org/Content/Global/css/alldash-fonts.css
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fc2e5798ba2f836daefe1fa3dbcabc1a80a7f918495b8cbbdd10fc5fb7f6b2d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:35 GMT
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
etag: "0f6f0fae04d71:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 1125
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 18069.standalone-override.B5DD40CA5F6DDFD7F8D37304E92CD4A2.min.css
cdn3.rallybound.com/Content/css/ 414 KB
415 KB 64ms
9ms Stylesheet
text/css 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/css/18069.standalone-override.B5DD40CA5F6DDFD7F8D37304E92CD4A2.min.css
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a6f55bd1aa72f9f186f5b15cdec0785bfb182ed99ca9f4f068c0822af18506df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 24 May 2023 10:14:12 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Wed, 24 May 2023 04:33:20 GMT
x-amz-cf-pop: FRA50-C1
age: 737483
etag: "17284cdef88dd91:0"
x-cache: Hit from cloudfront
content-type: text/css
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 423891
x-amz-cf-id: DgBzbYEmsZ_S2gCRLe8udnrhruwxr_qBSpdeHbtTV5pmK1oV4pUi2g==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js Show response
cdn3.rallybound.com/Content/js/ 122 KB
122 KB 72ms
17ms Script
application/javascript 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4122ec76cfe36f6e64359e81f16dc9902781dae082df0f497232692792485ad8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 04:04:01 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Thu, 30 Mar 2023 03:38:59 GMT
x-amz-cf-pop: FRA50-C1
age: 5511694
etag: "8fd4bd29b962d91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 124532
x-amz-cf-id: MtdX5umXGmjfYoNA1ToArLNsgMspq4Fs59KNUgwKiE_lttQVaW2rkQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/ 197 KB
52 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 09:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52222
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 09:38:07 GMT

GET
H2 200 terms.7F7F0F19BF16F27E50DE2AD3D58B79F1.min.js Show response
cdn3.rallybound.com/Content/js/ 168 KB
169 KB 85ms
30ms Script
application/javascript 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/terms.7F7F0F19BF16F27E50DE2AD3D58B79F1.min.js
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16bba487f50382d9ef82108ff741d919fca20b314b987224c9a18b5f4ed4a761

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Origin: https://fundraiser.sesameworkshop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:36:18 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Wed, 24 May 2023 04:30:03 GMT
x-amz-cf-pop: FRA50-C1
age: 757757
etag: "8735b168f88dd91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 172461
x-amz-cf-id: XwT_FvsWX5-FYAzOio4ra04FcHCQrHOPJZlzUTG-83309sE4y2-owQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 mobile-detect.js Show response
cdn3.rallybound.com/Content/Global/js/ 73 KB
73 KB 89ms
35ms Script
application/javascript 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/Global/js/mobile-detect.js
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 85926acd66622d5a7ead093a3910facfe721a772b5f855b22c25e639e90ede05

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Origin: https://fundraiser.sesameworkshop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 07:33:14 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:17 GMT
x-amz-cf-pop: FRA50-C1
age: 29172740
etag: "56d595fbe04d71:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 74643
x-amz-cf-id: oTRYv-498tLaq-JDCFkScwqz-gieSAq3-2I2zBRU0NlrEjY1ERbUdQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 main-top-w-standalone.DD23FFDBB4503265FB00696FA6939A4C.min.js Show response
cdn3.rallybound.com/Content/js/ 274 KB
275 KB 63ms
9ms Script
application/javascript 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/main-top-w-standalone.DD23FFDBB4503265FB00696FA6939A4C.min.js
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 119e52a813937de0e484171a541a11e87f6d241aa9f7cbc1075d85db417f94b4

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Origin: https://fundraiser.sesameworkshop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 04:13:08 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 03:56:43 GMT
x-amz-cf-pop: FRA50-C1
age: 6115946
etag: "e21d37b3b5dd91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 280773
x-amz-cf-id: gWvgwBLyv75fqS_AjZj-SbUGoYnH_b9taJPayQB-fptV5g7jwIvczA==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 912 B
900 B 39ms
15ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=renderAllCaptchas

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3424da374fb8f6646c5f047c9e76f004deacad9c33eba4fad193c5759c89cf49

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580
x-xss-protection: 1; mode=block
expires: Thu, 01 Jun 2023 23:05:36 GMT

GET
H2 200 ps2pdf.com.png
cdn3.rallybound.com/Content/images/img/18069/675187/w0-h90-keep-height/ 9 KB
9 KB 9ms
9ms Image
image/png 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/images/img/18069/675187/w0-h90-keep-height/ps2pdf.com.png
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2a0f5e908edc7c3a3bfbdcf0467d3b9b565eabdb53bf0673b9720dfd1fa71455

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:19:13 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Fri, 11 Sep 2020 14:41:11 GMT
x-amz-cf-pop: FRA50-C1
age: 1716383
etag: "4badf9974988d61:0"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 9003
x-amz-cf-id: 6t78GYp6popa1nuqVh2ASKQMfxD3QXpm55bVuHim5jYwPGZmCkpR5A==

GET
H2 200 a2551c4c-09c3-4402-a7cc-4453e48659b7.gif
cdn3.rallybound.com/Content/images/img/18069/675192/w618-h270/ 11 KB
11 KB 8ms
8ms Image
image/gif 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/images/img/18069/675192/w618-h270/a2551c4c-09c3-4402-a7cc-4453e48659b7.gif
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9c938e105c420a6d888921eac6b0982446d4efa32eb50cb45a201b90ee6cdbb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 13 May 2023 02:19:13 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Fri, 11 Sep 2020 14:41:12 GMT
x-amz-cf-pop: FRA50-C1
age: 1716383
etag: "f0dc3c984988d61:0"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 11032
x-amz-cf-id: TsuTmRHx6p3TBsVp5yeTCfEWk5vtGTZ9hvnT4I5Z1US58Ssc7mjytQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KYX847QR49&l=analyticsDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38313123-1&l=analyticsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4533479f21f5a89a89d9c5e0302f66a60393cc80c9348b576e6f21be12ecf388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 23:05:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38313123-1&l=analyticsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 22:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1802
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 02 Jun 2023 00:35:34 GMT

GET
H2 200 donate-new.50826B9166C7B74D4496ACE84DA9DF1B.min.js Show response
cdn3.rallybound.com/Content/js/ 321 KB
322 KB 8ms
7ms Script
application/javascript 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/donate-new.50826B9166C7B74D4496ACE84DA9DF1B.min.js
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a00b85b2ed10af5203603496831d3add957ee00560ad9c55ccdfcbbcf1b00e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 24 May 2023 04:44:51 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Wed, 24 May 2023 04:30:21 GMT
x-amz-cf-pop: FRA50-C1
age: 757244
etag: "55e4af73f88dd91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 328572
x-amz-cf-id: ltArD19o6oyEdW3f9Ro94EUpjGKgK3oLCKgFVNC-nJIsh41F_E6EMg==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 siteseal_gd_3_h_l_m.gif
cdn3.rallybound.com/Content/Global/img/ 17 KB
17 KB 22ms
20ms Image
image/gif 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/Global/img/siteseal_gd_3_h_l_m.gif
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0201106038df301456922c2a5367249f9a0904ac57ff35f20641a2fe3ddc325c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:00:29 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop: FRA50-C1
age: 29196306
etag: "418787fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 16946
x-amz-cf-id: g7aNlPG9kgwycJHYZHgm16He3Vd6d4n140Xs2pCW-RGnwtIXCgYjfA==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 on-light.svg
cdn3.rallybound.com/content/fundraise/ 21 KB
21 KB 21ms
19ms Image
image/svg+xml 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/content/fundraise/on-light.svg
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e51b49fdc555edf2005782e0381211b85b4acec4f60df3710a04358005a4b82b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 01 Apr 2023 09:47:46 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop: FRA50-C1
age: 5318270
etag: "f97717fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 21348
x-amz-cf-id: MoUFS9md6-3mKiuXeBzJ_s-S58rhqQKo1J-LeNCt32UzNIfMaT1n6w==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 main-btm.1650F4FAFA2901739E4B0502ACDFCBB4.min.js Show response
cdn3.rallybound.com/Content/js/ 13 KB
14 KB 21ms
19ms Script
application/javascript 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.rallybound.com/Content/js/main-btm.1650F4FAFA2901739E4B0502ACDFCBB4.min.js
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0d1dc8f528b6811119e1ab0cec7fa47d3d77c04484224b40efae1a5ae359088d

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Origin: https://fundraiser.sesameworkshop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 05:07:28 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 05:02:28 GMT
x-amz-cf-pop: FRA50-C1
age: 15184688
etag: "55c1345c2ad91:0"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 13448
x-amz-cf-id: sQNf1hYWN1z1u7Bbk6OGAHw5qpInMg913vq7lR00pwWwxIBEQ1sYUQ==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 spacer.png
fundraiser.sesameworkshop.org/Content/Global/img/ 184 B
271 B 100ms
99ms Image
image/png 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fundraiser.sesameworkshop.org/Content/Global/img/spacer.png
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 767ede4ae50d636fb229ebc63fed6a93e12067c52434a37f55c3eb93caea4421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:35 GMT
last-modified: Wed, 17 Feb 2021 03:57:17 GMT
etag: "7be989fbe04d71:0"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 184
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 nav-bar-org.png
fundraiser.sesameworkshop.org/Content/Global/img/ 1 KB
2 KB 101ms
100ms Image
image/png 52.188.24.159
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fundraiser.sesameworkshop.org/Content/Global/img/nav-bar-org.png
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.188.24.159 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ad4269a4b821427897a9544eaa3a79d43ac5e29a26e3bffb26a403e160d9648c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:35 GMT
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
etag: "bcfd7dfbe04d71:0"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 1517
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 262 KB
89 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPFGTHZ

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57888fa39daac1c07c787aea9bc07b651d78f3edd102eb8760b41d12e0ec622c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91457
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 21:08:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Jun 2023 23:05:36 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ 119 KB
45 KB 45ms
9ms Script
text/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a602657a3336b260818e5fbba8659e8a971327a571562652c1d46f7c4863d403

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Origin: https://fundraiser.sesameworkshop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: br
x-azure-ref-originshield: 0oB15ZAAAAADYm+aAZmB3RKLC7hEoCFnnRlJBMjMxMDUwNDE3MDI5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5: AaaPIcFvUz/xMluxz3SEEw==
x-cache: TCP_HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.14.min.js
last-modified: Wed, 31 May 2023 16:55:54 GMT
x-ms-meta-aijssdkver: 2.8.14
etag: 0x8DB61F7E60C0E87
x-azure-ref: 0QCR5ZAAAAADWaGhxu6tHRYmS16THGmWVRlJBMzFFREdFMDkwNwBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 15218f7a-f01e-00c9-0fd6-946fdc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ 410 KB
165 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=renderAllCaptchas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Origin: https://fundraiser.sesameworkshop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 19:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 19:50:42 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 33ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fundraiser.sesameworkshop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:41:45 GMT
x-content-type-options: nosniff
age: 458631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 15:41:45 GMT

GET
H2 200 Root Show response
payments.rallybound.com/iframe/ Frame 6C42 6 KB
4 KB 335ms
100ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/main-top-w-standalone.DD23FFDBB4503265FB00696FA6939A4C.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

17ea5e84c47264c4e1a6409174f06e02ba166fbfe0033aa9d2dfec0d6c380323

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 23:05:36 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

POST
H2 204 collect
region1.google-analytics.com/g/ 0
264 B 35ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KYX847QR49&gtm=45je35v0&_p=270692134&cid=1810834223.1685660736&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685660736&sct=1&seg=0&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&dt=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYX847QR49&l=analyticsDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fundraiser.sesameworkshop.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 245 KB
84 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SSQ4JJ0H65&l=analyticsDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38313123-1&l=analyticsDataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d3e376a71e5736021bde821e3a47c3ed4b3d8b4ca01817d4e438a2802b89c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85761
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jun 2023 23:05:36 GMT

GET
H/1.1 200
OK 3880a4b7-cbcf-4788-adef-fe5db36557d5.jpeg
image.e.sesame.org/lib/fe2d11737164047c721278/m/1/ 446 KB
447 KB 632ms
416ms Image
image/jpeg 2a02:26f0:3100::1735:2baa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.e.sesame.org/lib/fe2d11737164047c721278/m/1/3880a4b7-cbcf-4788-adef-fe5db36557d5.jpeg
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2baa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 108d55b077edd025776aaf4994b6000187ddb4812de4b4e15ed853b1eccb6927

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:05:36 GMT
Last-Modified: Tue, 14 Feb 2023 19:20:36 GMT
Server: AkamaiNetStorage
ETag: "09646c10e815aa87d423a42b1cfab7ab:1676402436.962329"
Content-Type: image/jpeg
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 457059

GET
H/1.1 200
OK 6501280c-1189-4bd3-8d55-be68eb225a60.png
image.e.sesame.org/lib/fe2d11737164047c721278/m/1/ 2 KB
3 KB 747ms
531ms Image
image/png 2a02:26f0:3100::1735:2baa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.e.sesame.org/lib/fe2d11737164047c721278/m/1/6501280c-1189-4bd3-8d55-be68eb225a60.png
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2baa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: dd630127427deb2a902c8f7b1dfe7394936449ff7f1c19873ad07d49771459da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:05:37 GMT
Last-Modified: Tue, 14 Feb 2023 19:40:08 GMT
Server: AkamaiNetStorage
ETag: "105a0977e993ecc7dc41cd087fb68a65:1676403608.496678"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2465

GET
H2

200

candid-seal-gold-2023.png
sesameworkshop.org/wp-content/uploads/2023/04/
Redirect Chain

https://www.sesameworkshop.org/assets/images/seal_transparencygold2019.png
https://sesameworkshop.org/assets/images/seal_transparencygold2019.png
https://sesameworkshop.org/wp-content/uploads/2023/04/candid-seal-gold-2023.png

3 KB
3 KB

115ms
114ms

Image
image/png

2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sesameworkshop.org/wp-content/uploads/2023/04/candid-seal-gold-2023.png

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d236db48a51d929fedfa6a110b401a2d4753669e3a8380a34339eb333cf18616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-56cf57f445-5x2n2
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:05:36 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 09 May 2024 09:10:20 GMT
age: 25165
x-cache: HIT, HIT
content-length: 3139
x-served-by: cache-chi-kigq8000164-CHI, cache-fra-eddf8230131-FRA
last-modified: Tue, 11 Apr 2023 16:49:47 GMT
server: nginx
x-timer: S1685660737.580137,VS0,VE107
etag: "64358fab-c43"
content-type: image/png
x-styx-req-id: 5294c4ab-ee49-11ed-99c2-92699fb73012
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

Redirect headers

x-pantheon-styx-hostname: styx-fe3-a-58f57df86f-fxl28
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:05:36 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 01 Jun 2023 23:29:57 GMT
age: 2139
x-redirect-by: redirection
x-cache: HIT, MISS
content-length: 0
x-served-by: cache-chi-klot8100038-CHI, cache-fra-eddf8230131-FRA
server: nginx
x-timer: S1685660736.465037,VS0,VE106
vary: Cookie, Cookie
content-type: text/html; charset=UTF-8
location: /wp-content/uploads/2023/04/candid-seal-gold-2023.png
x-styx-req-id: d652c1fa-00cb-11ee-a332-0ebd32190676
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 7, 0

GET
H2

200

seal_bbb.png
sesameworkshop.org/wp-content/uploads/2023/04/
Redirect Chain

https://www.sesameworkshop.org/assets/images/seal_bbb.png
https://sesameworkshop.org/assets/images/seal_bbb.png
https://sesameworkshop.org/wp-content/uploads/2023/04/seal_bbb.png

8 KB
8 KB

113ms
112ms

Image
image/png

2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sesameworkshop.org/wp-content/uploads/2023/04/seal_bbb.png

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c00887310bf33e6c21678200deef8dda19ec23378a705dc83b318f10dbba3fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-59f59d9dc-c97r2
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:05:36 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 May 2024 12:08:40 GMT
age: 25165
x-cache: HIT, HIT
content-length: 7994
x-served-by: cache-chi-kigq8000071-CHI, cache-fra-eddf8230131-FRA
last-modified: Tue, 11 Apr 2023 16:54:08 GMT
server: nginx
x-timer: S1685660737.580082,VS0,VE106
etag: "643590b0-1f3a"
content-type: image/png
x-styx-req-id: 13be97f1-e8e2-11ed-b70f-32ae9369ead0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

Redirect headers

x-pantheon-styx-hostname: styx-fe3-a-58f57df86f-shgvv
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:05:36 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 01 Jun 2023 23:29:57 GMT
age: 2139
x-redirect-by: redirection
x-cache: HIT, MISS
content-length: 0
x-served-by: cache-chi-kigq8000023-CHI, cache-fra-eddf8230131-FRA
server: nginx
x-timer: S1685660736.465149,VS0,VE105
vary: Cookie, Cookie
content-type: text/html; charset=UTF-8
location: /wp-content/uploads/2023/04/seal_bbb.png
x-styx-req-id: d6564939-00cb-11ee-b295-2a78d5d52e81
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 7, 0

GET
H2

200

seal_topranked2020.png
sesameworkshop.org/wp-content/uploads/2023/04/
Redirect Chain

https://www.sesameworkshop.org/assets/images/seal_topranked2020.png
https://sesameworkshop.org/assets/images/seal_topranked2020.png
https://sesameworkshop.org/wp-content/uploads/2023/04/seal_topranked2020.png

51 KB
51 KB

114ms
114ms

Image
image/png

2620:12a:8000::3
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sesameworkshop.org/wp-content/uploads/2023/04/seal_topranked2020.png

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Server

2620:12a:8000::3 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1491e1a4d6f5ffb1cb069d33983e8fa7a94c04b93dfee7a6523e677f940f42e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-56cf57f445-vdc69
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:05:36 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 09 May 2024 16:02:12 GMT
age: 25165
x-cache: HIT, HIT
content-length: 51943
x-served-by: cache-chi-klot8100131-CHI, cache-fra-eddf8230131-FRA
last-modified: Tue, 11 Apr 2023 16:54:06 GMT
server: nginx
x-timer: S1685660737.580398,VS0,VE108
etag: "643590ae-cae7"
content-type: image/png
x-styx-req-id: dc548608-ee82-11ed-8085-2ab4fc865cab
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

Redirect headers

x-pantheon-styx-hostname: styx-fe3-b-6cc6f6987-t2pj8
strict-transport-security: max-age=31622400; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:05:36 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 01 Jun 2023 23:29:57 GMT
age: 2139
x-redirect-by: redirection
x-cache: HIT, MISS
content-length: 0
x-served-by: cache-chi-klot8100045-CHI, cache-fra-eddf8230131-FRA
server: nginx
x-timer: S1685660736.464990,VS0,VE108
vary: Cookie, Cookie
content-type: text/html; charset=UTF-8
location: /wp-content/uploads/2023/04/seal_topranked2020.png
x-styx-req-id: d652c049-00cb-11ee-b63c-8231ad0bd0a5
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 7, 0

GET
H2

200

activityi;dc_pre=CKGen8uXo_8CFcWpUQodsUIMfQ;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https... Show response
10123262.fls.doubleclick.net/ Frame 3C7F
Redirect Chain

https://10123262.fls.doubleclick.net/activityi;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=ht...
https://10123262.fls.doubleclick.net/activityi;dc_pre=CKGen8uXo_8CFcWpUQodsUIMfQ;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam...

579 B
687 B

38ms
36ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10123262.fls.doubleclick.net/activityi;dc_pre=CKGen8uXo_8CFcWpUQodsUIMfQ;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGTHZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

a993cd5edf9ffb5c5a6fa18c4d7889953966db05af0d121d14cacc48223f29b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 347
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:05:36 GMT
expires: Thu, 01 Jun 2023 23:05:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:05:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10123262.fls.doubleclick.net/activityi;dc_pre=CKGen8uXo_8CFcWpUQodsUIMfQ;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CNPcn8uXo_8CFWsgBgAdOdACag;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%... Show response
10123262.fls.doubleclick.net/ Frame 697C
Redirect Chain

https://10123262.fls.doubleclick.net/activityi;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=htt...
https://10123262.fls.doubleclick.net/activityi;dc_pre=CNPcn8uXo_8CFWsgBgAdOdACag;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=...

578 B
644 B

65ms
64ms

Document
text/html

142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10123262.fls.doubleclick.net/activityi;dc_pre=CNPcn8uXo_8CFWsgBgAdOdACag;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGTHZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

7d8b4dc8178140921e9e860294e5732bccc8b20be3204309174ba4ebf0f77da4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:05:36 GMT
expires: Thu, 01 Jun 2023 23:05:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:05:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10123262.fls.doubleclick.net/activityi;dc_pre=CNPcn8uXo_8CFWsgBgAdOdACag;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/625300379/ 3 KB
2 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/625300379/?random=1685660736343&cv=11&fst=1685660736343&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&hn=www.googleadservices.com&frm=0&tiba=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&auid=935958600.1685660736&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGTHZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18b96b1e962b89a95a8425f427341c7238f1e0b5a38aa039ec6cbb6bb295c0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 66ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGTHZ

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 01 Jun 2023 23:05:35 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3700C973C979429FA8FDBF31D1AD120A Ref B: FRAEDGE1314 Ref C: 2023-06-01T23:05:36Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Jun 2023 23:05:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27497
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: U3FrOPttC3XQezSvOG/0E2JdYNynidR6ogd2GP2FlLZj8Adni+XMS/SYzdErMWkRJ/h/7HuNpu8ee7/xg49Ovw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 17 KB
7 KB 57ms
15ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:04 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 0M3WB02WBE55RQ1W
age: 33
x-amz-server-side-encryption: AES256
x-amz-id-2: aMqeNRRJqKAy/EUumGJGaOnwtMVfzmuF+4c/90m5iBI+ELH6etpzmcfl+lXT6kIUi5UJfz4j8kQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 50ms
6ms Script
application/x-javascript 2600:9000:214f:4e00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 22:15:36 GMT
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 22:15:26 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA53-C1
age: 3000
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: o-Lzy0r2pLdPg7GFcvvDa0lczxrjBgp15uIHpg2746IvtnP2DkYuSg==
expires: Thu, 01 Jun 2023 23:15:36 GMT

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/sesameworkshop/prod/scripts/ 204 KB
50 KB 33ms
7ms Script
application/javascript 151.101.0.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/sesameworkshop/prod/scripts/evergage.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGTHZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15a3f7e8bb652629149835ed88c06327c781f326dbf320653544c2073d636622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id: zbF7MzVyGS3pfoakb9gzHebk2HyG1nUy
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 01 Jun 2023 23:05:36 GMT
x-amz-request-id: WS893QWE5CZ14V62
age: 66
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-replication-status: PENDING
content-length: 50696
x-amz-id-2: n1Iub3DVIDIS4EK57zZkmwIDbMog3zE0em3bA/+9NCsDixHIIGq14Swid2ygO9s8xjMPrEg45Ps=
x-served-by: cache-iad-kjyo7100125-IAD, cache-fra-eddf8230130-FRA
x-amz-meta-evergage-sum: dcf1da1ce0c76945f5365b63c3aeaf70f430fb98
last-modified: Mon, 15 May 2023 22:54:10 GMT
server: AmazonS3
x-timer: S1685660736.379318,VS0,VE1
etag: "98bb0f78540a42b38fb299b02f4e7b18"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 96621, 1

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
216 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=270692134&t=pageview&_s=1&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&ul=en-us&de=UTF-8&dt=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAQABAAAAACAAI~&jid=1076123000&gjid=76910615&cid=1810834223.1685660736&tid=UA-38313123-1&_gid=1171096435.1685660736&_r=1&gtm=457e35v0&cd3=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.90%20Safari%2F537.36&cd4=STANDALONE&z=1206012679

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundraiser.sesameworkshop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fundraiser.sesameworkshop.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 17ms
17ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=270692134&t=pageview&_s=1&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&ul=en-us&de=UTF-8&dt=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CjACUABBAAAACAEO~&jid=575003523&gjid=305687785&cid=1810834223.1685660736&tid=UA-98721936-3&_gid=1081182183.1685660736&_r=1&_slc=1&gtm=45He35v0n81NPFGTHZ&cd3=1810834223.1685660736&cd4=gtm.js&cd2=1810834223.1685660736&cd5=1685660736&cd6=c4634848-e3d5-41ab-9627-b32756db1163&cd7=GTM-NPFGTHZ&z=1984642484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundraiser.sesameworkshop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fundraiser.sesameworkshop.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=270692134&t=pageview&_s=1&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&ul=en-us&de=UTF-8&dt=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CnACUABBAAAACAEO~&jid=98675999&gjid=828696647&cid=1810834223.1685660736&tid=%5Bobject%20Object%5D&_gid=1171096435.1685660736&_r=1&_slc=1&gtm=45He35v0n81NPFGTHZ&z=321470951

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundraiser.sesameworkshop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fundraiser.sesameworkshop.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 7ms
7ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=270692134&t=pageview&_s=2&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&ul=en-us&de=UTF-8&dt=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAQABAAAAACAAI~&jid=&gjid=&cid=1810834223.1685660736&tid=UA-38313123-1&_gid=1171096435.1685660736&gtm=457e35v0&cd5=false&cg3=Standalone%20Donation&z=1746623215

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 13:28:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34608
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
359 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-98721936-3&cid=1810834223.1685660736&jid=575003523&gjid=305687785&_gid=1081182183.1685660736&_u=4CjACUABBAAAACAEO~&z=495981148

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundraiser.sesameworkshop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:05:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fundraiser.sesameworkshop.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3D9D 50 KB
28 KB 26ms
25ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9mdW5kcmFpc2VyLnNlc2FtZXdvcmtzaG9wLm9yZzo0NDM.&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=dxfmpdqzwmci

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a3350caedc84405b568c40447d793a5f1f5bbb8dfb6b395da25b037b52fc96d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U_bcr2HUNG0eyzDoiz7qEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27787
content-security-policy: script-src 'report-sample' 'nonce-U_bcr2HUNG0eyzDoiz7qEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Jun 2023 23:05:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SSQ4JJ0H65&gtm=45je35v0&_p=270692134&cid=1810834223.1685660736&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685660736&sct=1&seg=0&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&dt=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.90%20Safari%2F537.36&ep.etype=STANDALONE
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SSQ4JJ0H65&l=analyticsDataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fundraiser.sesameworkshop.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ca.html Show response
20826432p.rfihub.com/ Frame 28C6 3 KB
4 KB 111ms
20ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20826432p.rfihub.com/ca.html?ver=9&rb=42543&ca=20826432&_o=42543&_t=20826432&pe=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&pf=&ra=04404115554320476
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 8c9416d3ca780de33a092904a9e130716d7e74d3c727dc3ee913f7cf12962164

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2806
Content-Type: text/html;charset=utf-8
Date: Thu, 01 Jun 2023 23:05:36 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 10110654.json Show response
s.yimg.com/wi/config/ 2 B
486 B 136ms
110ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10110654.json

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 1D8GV5MDGHP00EV6
age: 0
content-length: 22
x-amz-id-2: nrwg4QzEnJGXoKqv8ewzl1V/A0RKZdmIgOiOGmDFAhJYEmZQeXCnXQCh5zNkWBwhwA2BgZ796pE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 dc_pre=CKGen8uXo_8CFcWpUQodsUIMfQ;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesamewor...
adservice.google.com/ddm/fls/z/ Frame 3C7F 42 B
107 B 82ms
46ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKGen8uXo_8CFcWpUQodsUIMfQ;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680

Requested by

Host: 10123262.fls.doubleclick.net
URL: https://10123262.fls.doubleclick.net/activityi;dc_pre=CKGen8uXo_8CFcWpUQodsUIMfQ;src=10123262;type=site40;cat=sesam00;ord=9858740425486;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10123262.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/625300379/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/625300379/?random=1685660736343&cv=11&fst=1685660400000&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&frm=0&tiba=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&fmt=3&is_vtc=1&random=485486900&rmt_tld=0&ipr=y

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/625300379/ 42 B
455 B 39ms
17ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/625300379/?random=1685660736343&cv=11&fst=1685660400000&bg=ffffff&guid=ON&async=1&gtm=45He35v0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&frm=0&tiba=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&fmt=3&is_vtc=1&random=485486900&rmt_tld=1&ipr=y

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNPcn8uXo_8CFWsgBgAdOdACag;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesamework...
adservice.google.com/ddm/fls/z/ Frame 697C 42 B
401 B 75ms
46ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNPcn8uXo_8CFWsgBgAdOdACag;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=*;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680

Requested by

Host: 10123262.fls.doubleclick.net
URL: https://10123262.fls.doubleclick.net/activityi;dc_pre=CNPcn8uXo_8CFWsgBgAdOdACag;src=10123262;type=site40;cat=sesam0;ord=4106698050473;gtm=45He35v0;auiddc=935958600.1685660736;uaa=;uab=;uafvl=;uam=;uamb=0;uap=;uapv=;uaw=0;~oref=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://10123262.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame 3D9D 55 KB
24 KB 23ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9mdW5kcmFpc2VyLnNlc2FtZXdvcmtzaG9wLm9yZzo0NDM.&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=dxfmpdqzwmci

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 19:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 19:50:46 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame 3D9D 410 KB
164 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 19:50:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 May 2024 19:50:42 GMT

GET
H2 200 192812268277246 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/192812268277246?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f58910881bc0b682bb3a7957166b50539b04b7d5feef109ca027dba9d7114786

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Jun 2023 23:05:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 93FzouP+l0Cb/Rtrhvleqcg8C+MM326mCK7WPuGq/mUu2yrbA0JNbmu4hFY8zuuIthFDLGY4Gtin6d90P2h/4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 21012477.js Show response
bat.bing.com/p/action/ 0
117 B 107ms
106ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/21012477.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 01 Jun 2023 23:05:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9D5D795C3C704399B7059C3CF6626126 Ref B: FRAEDGE1314 Ref C: 2023-06-01T23:05:36Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=21012477&tm=gtm002&Ver=2&mid=821ebfe9-ba4b-44bc-bd07-14405c3a36a7&sid=d1a0526000d011ee8e4091f7c8512ca9&vid=d1a0e25000d011ee8b760376b7514b3c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&kw=Donate%20%7C%20Sesame%20Workshop,%20Sesame%20Workshop,%20Donate%20%7C%20Sesame%20Workshop%200,%20&p=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&r=&lt=1495&evt=pageLoad&sv=1&rn=619110

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 01 Jun 2023 23:05:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD80E7F83B924ED99D0F5D41F07146B9 Ref B: FRAEDGE1314 Ref C: 2023-06-01T23:05:36Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-98721936-3&cid=1810834223.1685660736&jid=575003523&_u=4CjACUABBAAAACAEO~&z=387100465

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-98721936-3&cid=1810834223.1685660736&jid=575003523&_u=4CjACUABBAAAACAEO~&z=387100465

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6C42 3 KB
539 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:58:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 23:05:36 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 6C42 4 KB
2 KB 101ms
100ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Thu, 18 May 2023 18:21:52 GMT
strict-transport-security: max-age=2592000
etag: "1d989b59e2d711c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1341
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 6C42 107 KB
47 KB 102ms
102ms Script
application/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=iyGoLigZm3gtW2XEHGY7sInYG0HUGgoqZCcu8Frx-i0

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8b21a82e28199b782d5b65c41c663bb089d81b41d41a0a2a64272ef05af1fa2d

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Wed, 24 May 2023 19:09:42 GMT
strict-transport-security: max-age=2592000
etag: "1d98e734b4eb439"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3D9D 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7bd1344379eb2ac9631066d92e8675977cfdac8dd9ce4b751c01c3f13725a87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9mdW5kcmFpc2VyLnNlc2FtZXdvcmtzaG9wLm9yZzo0NDM.&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=dxfmpdqzwmci
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 01 Jun 2023 23:05:36 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 99ms
31ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2001%20Jun%202023%2023%3A05%3A36%20GMT&n=0&b=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&.yp=10110654&f=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&enc=UTF-8&yv=1.14.0&tagmgr=gtm

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 01 Jun 2023 23:05:33 GMT

GET
H3 200 1592996031002940 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1592996031002940?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

351e352b237fa33434844727ab9aeb1f3f097e9868fe69b37d4c44b4c0899ad3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 01 Jun 2023 23:05:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: aK0wvt0lgMO+WG+TonvHvdnp/s8KV9VfQJ5MhE2+jIKgXFi7gOUhfl0d0K0PBwdLhv53uGaYbS6Kx2s3pxqUSQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
6ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=192812268277246&ev=PageView&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&rl=&if=false&ts=1685660736692&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1685660736691.1880930741&it=1685660736513&coo=false&rqm=GET

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Jun 2023 23:05:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

451

sync
pippio.com/api/ Frame 28C6
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419462380425&referrer=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_sourc...
https://p.rfihub.com/cm?pub=39342&in=0&userid=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D0bd5341e-a85f-4955...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419462380425&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D0bd534...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&pid=500040&it=1&iv=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&_=168...
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814&pid=500040&_li_chk=true&_=1685660736.8144987&iv=0bd5341e-a85f-4955-b360-c1ab515...
https://pippio.com/api/sync?it=1&pid=500040&_=1685660736.8144987&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814

0
98 B

139ms
118ms

Image
text/plain

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1685660736.8144987&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1685660736.8144987&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814
Date: Thu, 01 Jun 2023 23:05:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2

451

sync
pippio.com/api/ Frame 28C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzNDQ1NTQxOTQ2MjM4MDQyNQ==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEPRV65g6To1q-DhgzQQmJGk&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419462380425&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D0bd5341e-a85f-4955...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419462380425&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D0bd534...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&pid=500040&it=1&iv=0bd5341e-a85f-4955-b360-c1ab515623cc%3A1685660736.8133814&_=168...
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814&pid=500040&_li_chk=true&_=1685660736.9978933&iv=0bd5341e-a85f-4955-b360-c1ab515...
https://pippio.com/api/sync?it=1&pid=500040&_=1685660736.9978933&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814

0
42 B

117ms
117ms

Image
text/plain

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1685660736.9978933&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1685660736.9978933&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814
Date: Thu, 01 Jun 2023 23:05:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 28C6
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5134455419462380425
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455419462380425

43 B
1 KB

13ms
13ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455419462380425

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:05:36 GMT
AN-X-Request-Uuid: 4e8a73be-251e-4d08-b48b-5d53d65f16f0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:05:36 GMT
AN-X-Request-Uuid: 7793466b-59c9-403d-b5c0-bb47bbd4593e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5134455419462380425
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 28C6
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455419462380425&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455419462380425&redir=

42 B
942 B

32ms
32ms

Image
image/gif

52.16.141.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455419462380425&redir=

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

HTTP/1.1

Server

52.16.141.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-141-94.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v048-0f7ff0385.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: AssovGBlSAI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v048-0377fc047.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: spsvlynZRCI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455419462380425&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 28C6 42 B
424 B 61ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5134455419462380425&r=
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 01 Jun 2023 23:05:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 28C6 43 B
273 B 62ms
14ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455419462380425&r=
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 28C6
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5134455419462380425&bid=omt9pi0

0
344 B

42ms
6ms

Image
text/plain

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5134455419462380425&bid=omt9pi0
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: HTTP/1.1
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:05:36 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5134455419462380425&bid=omt9pi0
Date: Thu, 01 Jun 2023 23:05:36 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 28C6 61 B
625 B 72ms
37ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5134455419462380425

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:36 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 01 Jun 2023 23:05:36 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 28C6 43 B
109 B 368ms
149ms Image
image/gif 54.158.245.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5134455419462380425
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.245.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-245-95.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 28C6
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419462380425&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419462380425&forward=&C=1

43 B
766 B

9ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419462380425&forward=&C=1
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:05:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jun 2023 23:05:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5134455419462380425&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 28C6 0
98 B 50ms
18ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5134455419462380425
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 28C6 43 B
182 B 1015ms
289ms Image
image/gif 23.212.211.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5134455419462380425

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.212.211.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-211-126.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires: Thu, 01 Jun 2023 23:05:37 GMT
pragma: no-cache
date: Thu, 01 Jun 2023 23:05:37 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 28C6
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419462380425&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419462380425&img=1&__user_check__=1&sync_id=d1d1d03e-00d0-11ee-abe4-153cf9b00506

43 B
548 B

14ms
14ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419462380425&img=1&__user_check__=1&sync_id=d1d1d03e-00d0-11ee-abe4-153cf9b00506
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Thu, 01 Jun 2023 23:05:36 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 01 Jun 2023 23:05:36 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5134455419462380425&img=1&__user_check__=1&sync_id=d1d1d03e-00d0-11ee-abe4-153cf9b00506
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 122
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 28C6 43 B
175 B 324ms
100ms Image
image/gif 2600:1f18:612b:4280:b81b:c2a7:74de:5e7e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5134455419462380425&r=tp8HJ7uUUZid
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:b81b:c2a7:74de:5e7e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 01 Jun 2023 23:05:37 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 28C6 43 B
377 B 45ms
8ms Image
image/gif 18.196.21.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5134455419462380425
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.21.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-21-37.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 23:05:36 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 28C6 0
338 B 119ms
28ms Image
text/plain 54.76.219.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5134455419462380425
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.219.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-219-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Thu, 01 Jun 2023 23:05:36 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1685660736
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 28C6
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455419462380425&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419462380425&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

43 B
345 B

9ms
8ms

Image
image/gif

3.69.149.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419462380425&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: H2
Server: 3.69.149.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-149-154.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419462380425&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
date: Thu, 01 Jun 2023 23:05:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 28C6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZHkkQAAAAMpAgABI
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZHkkQAAAAMpAgABI&_test=ZHkkQAAAAMpAgABI

42 B
1 KB

15ms
15ms

Image
image/gif

193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZHkkQAAAAMpAgABI&_test=ZHkkQAAAAMpAgABI
Requested by: Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680
Protocol: HTTP/1.1
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20826432p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 01 Jun 2023 23:05:37 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230043-FRA
pragma: no-cache
date: Thu, 01 Jun 2023 23:05:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1685660737.005358,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZHkkQAAAAMpAgABI&_test=ZHkkQAAAAMpAgABI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 prod Show response
sesameworkshop.us-7.evergage.com/api2/event/ 10 KB
3 KB 2124ms
1682ms XHR
application/json 52.35.165.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sesameworkshop.us-7.evergage.com/api2/event/prod

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.165.45 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-165-45.us-west-2.compute.amazonaws.com

Software

Resource Hash

a466e38b6bd6d94eff778aa4208b4b2ac79897778cf6bb84af9227ae63641880

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://fundraiser.sesameworkshop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 01 Jun 2023 23:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fundraiser.sesameworkshop.org
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ Frame 6C42 119 KB
47 KB 69ms
12ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/489E) /
Resource Hash: a602657a3336b260818e5fbba8659e8a971327a571562652c1d46f7c4863d403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: AaaPIcFvUz/xMluxz3SEEw==
age: 979
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.14.min.js
content-length: 47508
x-ms-lease-status: unlocked
last-modified: Wed, 31 May 2023 16:55:54 GMT
server: ECAcc (ama/489E)
x-ms-meta-aijssdkver: 2.8.14
etag: 0x8DB61F7E60C0E87
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 609858cc-501e-00d3-05db-94d1eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Thu, 01 Jun 2023 23:35:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
6ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1592996031002940&ev=PageView&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&rl=&if=false&ts=1685660736928&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1685660736691.1880930741&cs_est=true&it=1685660736513&coo=false&rqm=GET

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Jun 2023 23:05:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 3D9D 33 KB
19 KB 63ms
62ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bdf862f096094e5d9856104312d5e8b66cdbd6552a1dcae3e42cabc98e408eb7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9mdW5kcmFpc2VyLnNlc2FtZXdvcmtzaG9wLm9yZzo0NDM.&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=dxfmpdqzwmci
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 01 Jun 2023 23:05:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19243
x-xss-protection: 1; mode=block
expires: Thu, 01 Jun 2023 23:05:36 GMT

GET
H2 200 CardNumber Show response
payments.rallybound.com/iframe/ Frame 1256 11 KB
5 KB 103ms
103ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f4e694f8dea963d15ccd3f93eec61cd65674d68a0dab9e4dba52d28017cc76ac

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 23:05:37 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 CardMonth Show response
payments.rallybound.com/iframe/ Frame 5504 9 KB
4 KB 106ms
105ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ed4b49c773f3c46694e0ab27dc694a762e1b5d0ea2f09f04f0c19638e5970f45

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 4258
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 23:05:37 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 CardYear Show response
payments.rallybound.com/iframe/ Frame 7E60 9 KB
4 KB 108ms
108ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

121154b71f8c708a2dc31837cc70016408b8cfc5b0ba21f07a097a15e4f84067

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 23:05:37 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H2 200 CardCvv Show response
payments.rallybound.com/iframe/ Frame B8DE 9 KB
4 KB 106ms
106ms Document
text/html 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20

Requested by

Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a54751935d6b1ad64b2e36132b7a13791137ed819b32550d62afe19261c05f14

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

Referer: https://fundraiser.sesameworkshop.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type: text/html; charset=utf-8
date: Thu, 01 Jun 2023 23:05:37 GMT
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport

GET
H3 200 css
fonts.googleapis.com/ Frame 1256 3 KB
443 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 21:18:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 23:05:37 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 1256 4 KB
2 KB 102ms
101ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Thu, 18 May 2023 18:21:52 GMT
strict-transport-security: max-age=2592000
etag: "1d989b59e2d711c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1341
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 1256 107 KB
47 KB 102ms
102ms Script
application/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=iyGoLigZm3gtW2XEHGY7sInYG0HUGgoqZCcu8Frx-i0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8b21a82e28199b782d5b65c41c663bb089d81b41d41a0a2a64272ef05af1fa2d

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Wed, 24 May 2023 19:09:42 GMT
strict-transport-security: max-age=2592000
etag: "1d98e734b4eb439"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 css
fonts.googleapis.com/ Frame 5504 3 KB
443 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 21:05:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 23:05:37 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 5504 4 KB
2 KB 186ms
185ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Thu, 18 May 2023 18:21:52 GMT
strict-transport-security: max-age=2592000
etag: "1d989b59e2d711c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1341
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 5504 107 KB
47 KB 187ms
186ms Script
application/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=iyGoLigZm3gtW2XEHGY7sInYG0HUGgoqZCcu8Frx-i0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8b21a82e28199b782d5b65c41c663bb089d81b41d41a0a2a64272ef05af1fa2d

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Wed, 24 May 2023 19:09:42 GMT
strict-transport-security: max-age=2592000
etag: "1d98e734b4eb439"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 css
fonts.googleapis.com/ Frame 7E60 3 KB
443 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 23:01:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 23:05:37 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame 7E60 4 KB
2 KB 181ms
180ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Thu, 18 May 2023 18:21:52 GMT
strict-transport-security: max-age=2592000
etag: "1d989b59e2d711c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1341
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame 7E60 107 KB
47 KB 181ms
180ms Script
application/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=iyGoLigZm3gtW2XEHGY7sInYG0HUGgoqZCcu8Frx-i0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8b21a82e28199b782d5b65c41c663bb089d81b41d41a0a2a64272ef05af1fa2d

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Wed, 24 May 2023 19:09:42 GMT
strict-transport-security: max-age=2592000
etag: "1d98e734b4eb439"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H3 200 css
fonts.googleapis.com/ Frame B8DE 3 KB
443 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 23:02:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jun 2023 23:05:37 GMT

GET
H2 200 main.css
payments.rallybound.com/css/ Frame B8DE 4 KB
2 KB 180ms
179ms Stylesheet
text/css 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/css/main.css?v=icJLdN2CrphQ1yVcoLPxHKIGRMueYx8sRu0N1AVcMyE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Thu, 18 May 2023 18:21:52 GMT
strict-transport-security: max-age=2592000
etag: "1d989b59e2d711c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1341
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 3b.min.js Show response
payments.rallybound.com/min/ Frame B8DE 107 KB
47 KB 180ms
180ms Script
application/javascript 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.rallybound.com/min/3b.min.js?v=iyGoLigZm3gtW2XEHGY7sInYG0HUGgoqZCcu8Frx-i0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8b21a82e28199b782d5b65c41c663bb089d81b41d41a0a2a64272ef05af1fa2d

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
last-modified: Wed, 24 May 2023 19:09:42 GMT
strict-transport-security: max-age=2592000
etag: "1d98e734b4eb439"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 6C42 49 B
135 B 98ms
97ms XHR
application/json 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:37 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: 41d5a223-bf37-4245-890c-0a26931851b3
content-type: application/json; charset=utf-8

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 412ms
91ms Preflight 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 01 Jun 2023 23:05:37 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: fc7dedcb-297c-41d2-a594-8832a89ac5b7

GET
H2 200 card.svg
payments.rallybound.com/img/payment-icons-master/ Frame 1256 604 B
966 B 168ms
168ms Image
image/svg+xml 52.151.222.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payments.rallybound.com/img/payment-icons-master/card.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.151.222.61 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

da6299bb24777fe5d85158300b55a0c55374f6653b8ad396e57d3a64d2483dc5

Security Headers

Name	Value
Content-Security-Policy	report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; report=https://rest.rallybound.com/api/cspreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 23:05:37 GMT
content-security-policy: report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
last-modified: Thu, 18 May 2023 18:21:52 GMT
etag: "1d989b59e2d625c"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 604
x-xss-protection: 1; report=https://rest.rallybound.com/api/cspreport
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ Frame 1256 119 KB
47 KB 13ms
12ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/489E) /
Resource Hash: a602657a3336b260818e5fbba8659e8a971327a571562652c1d46f7c4863d403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: AaaPIcFvUz/xMluxz3SEEw==
age: 980
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.14.min.js
content-length: 47508
x-ms-lease-status: unlocked
last-modified: Wed, 31 May 2023 16:55:54 GMT
server: ECAcc (ama/489E)
x-ms-meta-aijssdkver: 2.8.14
etag: 0x8DB61F7E60C0E87
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 609858cc-501e-00d3-05db-94d1eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Thu, 01 Jun 2023 23:35:37 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=192812268277246&ev=Microdata&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&rl=&if=false&ts=1685660737198&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20-%20Donate%20%7C%20Sesame%20Workshop%22%2C%22meta%3Adescription%22%3A%22Help%20support%20Sesame%20Workshop%20today!%22%2C%22meta%3Akeywords%22%3A%22Donate%20%7C%20Sesame%20Workshop%2C%20Sesame%20Workshop%2C%20Donate%20%7C%20Sesame%20Workshop%200%2C%20%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.rallybound.org%2FContent%2Fimages%2Fimg%2F18069%2Fsw_socialshare.jpg%22%2C%22og%3Atitle%22%3A%22Donate%20today!%22%2C%22og%3Adescription%22%3A%22Support%20the%20next%2050%20years%20of%20sunny%20days.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1685660736691.1880930741&it=1685660736513&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: fundraiser.sesameworkshop.org
URL: https://fundraiser.sesameworkshop.org/donate-main/Donate?utm_medium=email&utm_source=sfmc&utm_campaign=193909&testind=false&sfmcsub=73169680

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Jun 2023 23:05:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ Frame 5504 119 KB
46 KB 13ms
12ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/489E) /
Resource Hash: a602657a3336b260818e5fbba8659e8a971327a571562652c1d46f7c4863d403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: AaaPIcFvUz/xMluxz3SEEw==
age: 980
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.14.min.js
content-length: 47508
x-ms-lease-status: unlocked
last-modified: Wed, 31 May 2023 16:55:54 GMT
server: ECAcc (ama/489E)
x-ms-meta-aijssdkver: 2.8.14
etag: 0x8DB61F7E60C0E87
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 609858cc-501e-00d3-05db-94d1eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Thu, 01 Jun 2023 23:35:37 GMT

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ Frame 7E60 119 KB
46 KB 13ms
12ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/489E) /
Resource Hash: a602657a3336b260818e5fbba8659e8a971327a571562652c1d46f7c4863d403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: AaaPIcFvUz/xMluxz3SEEw==
age: 980
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.14.min.js
content-length: 47508
x-ms-lease-status: unlocked
last-modified: Wed, 31 May 2023 16:55:54 GMT
server: ECAcc (ama/489E)
x-ms-meta-aijssdkver: 2.8.14
etag: 0x8DB61F7E60C0E87
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 609858cc-501e-00d3-05db-94d1eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Thu, 01 Jun 2023 23:35:37 GMT

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ Frame B8DE 119 KB
46 KB 13ms
13ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: payments.rallybound.com
URL: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Ffundraiser.sesameworkshop.org&rb-pageSource=newForm37661912&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/489E) /
Resource Hash: a602657a3336b260818e5fbba8659e8a971327a571562652c1d46f7c4863d403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payments.rallybound.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 01 Jun 2023 23:05:37 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: AaaPIcFvUz/xMluxz3SEEw==
age: 980
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.14.min.js
content-length: 47508
x-ms-lease-status: unlocked
last-modified: Wed, 31 May 2023 16:55:54 GMT
server: ECAcc (ama/489E)
x-ms-meta-aijssdkver: 2.8.14
etag: 0x8DB61F7E60C0E87
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 609858cc-501e-00d3-05db-94d1eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Thu, 01 Jun 2023 23:35:37 GMT

GET
H2 200 blue-cstm.png
cdn3.rallybound.com/Content/Global/vendor/icheck/skins/minimal/ 2 KB
2 KB 8ms
7ms Image
image/png 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/Global/vendor/icheck/skins/minimal/blue-cstm.png
Requested by: Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/18069.standalone-override.B5DD40CA5F6DDFD7F8D37304E92CD4A2.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e98d83a980cf0254bc5414ba21000bc3f0ad82260054125cd887ad51b6a10489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn3.rallybound.com/Content/css/18069.standalone-override.B5DD40CA5F6DDFD7F8D37304E92CD4A2.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 04:34:51 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:17 GMT
x-amz-cf-pop: FRA50-C1
age: 15359446
etag: "34e8a8fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 2036
x-amz-cf-id: NbBRyUthH4UWPJEfKZHysHRRJMmVzhsw513CUWxymd4eNCOh-ebN4g==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 blackSelMod-w.png
cdn3.rallybound.com/Content/Global/img/ 1023 B
1 KB 8ms
7ms Image
image/png 2600:9000:2156:0:d:7e10:cb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.rallybound.com/Content/Global/img/blackSelMod-w.png
Requested by: Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/18069.standalone-override.B5DD40CA5F6DDFD7F8D37304E92CD4A2.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:d:7e10:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn3.rallybound.com/Content/css/18069.standalone-override.B5DD40CA5F6DDFD7F8D37304E92CD4A2.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 08:56:03 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop: FRA50-C1
age: 21996574
etag: "ccc363fbe04d71:0"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Request-Context
accept-ranges: bytes
content-length: 1023
x-amz-cf-id: 1cRH7uJrLW-t-x0kaSHREx8MtdUcu01RK6LJIw1xRiy8OjGrIgUuEg==
request-context: appId=cid-v1:8b67e793-887f-494d-a6aa-37f174a5d458

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fundraiser.sesameworkshop.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 13:31:10 GMT
x-content-type-options: nosniff
age: 466467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 13:31:10 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=270692134&t=timing&_s=3&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&ul=en-us&de=UTF-8&dt=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2419&pdt=184&dns=228&rrt=408&srt=128&tcp=187&dit=1482&clt=1482&_gst=1030&_gbt=1392&_u=4CnACUABBAAAACAEO~&jid=&gjid=&cid=1810834223.1685660736&tid=UA-38313123-1&_gid=1171096435.1685660736&gtm=457e35v0&z=1915897130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 11:28:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41802
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=270692134&t=timing&_s=2&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&ul=en-us&de=UTF-8&dt=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2419&pdt=184&dns=228&rrt=408&srt=128&tcp=187&dit=1482&clt=1482&_gst=1030&_gbt=1392&_u=4CnACUABBAAAACAEO~&jid=&gjid=&cid=1810834223.1685660736&tid=UA-98721936-3&_gid=1081182183.1685660736&gtm=45He35v0n81NPFGTHZ&cd3=1810834223.1685660736&cd4=gtm.js&cd2=1810834223.1685660736&cd5=1685660736&cd6=c4634848-e3d5-41ab-9627-b32756db1163&cd7=GTM-NPFGTHZ&z=832567051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 11:28:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41802
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=270692134&t=timing&_s=2&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&ul=en-us&de=UTF-8&dt=Donate%20-%20Donate%20%7C%20Sesame%20Workshop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2419&pdt=184&dns=228&rrt=408&srt=128&tcp=187&dit=1482&clt=1482&_gst=1030&_gbt=1392&_u=4CnACUABBAAAACAEO~&jid=&gjid=&cid=1810834223.1685660736&tid=%5Bobject%20Object%5D&_gid=1171096435.1685660736&gtm=45He35v0n81NPFGTHZ&z=1646898627

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jun 2023 11:28:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41802
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 142ms
92ms Preflight 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 01 Jun 2023 23:05:37 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: f3034c85-3641-4efb-acdd-72261ca58db5

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 5504 49 B
112 B 185ms
184ms XHR
application/json 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:37 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: 2d2a39ff-15ed-4197-8a5b-f0f1aa3e0041
content-type: application/json; charset=utf-8

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 133ms
91ms Preflight 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 01 Jun 2023 23:05:37 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: c85c8bca-9052-45c4-9728-8ba340bbb42a

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 7E60 49 B
111 B 98ms
97ms XHR
application/json 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:37 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: 8fb4a0cf-265c-4abe-ac46-ce862feef1eb
content-type: application/json; charset=utf-8

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 131ms
92ms Preflight 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 01 Jun 2023 23:05:37 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: c32196c9-404c-471c-8083-cecc1f56040c

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame 1256 49 B
112 B 99ms
98ms XHR
application/json 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:37 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: d4b9a1fe-8a9a-4f6c-bb80-7d08e1c8b5ee
content-type: application/json; charset=utf-8

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 127ms
92ms Preflight 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fundraiser.sesameworkshop.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 01 Jun 2023 23:05:37 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: 0a9958d7-e927-4d86-b7f3-325c0f856a91

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ 51 B
114 B 191ms
190ms XHR
application/json 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

257a956a04c6d4e9bb0c4452c175d5f032370c558d260f946109cfaee680906c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundraiser.sesameworkshop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:37 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: b46b190b-485b-4fc1-8419-fb6130ce72db
content-type: application/json; charset=utf-8

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1592996031002940&ev=Microdata&dl=https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680&rl=&if=false&ts=1685660737429&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20-%20Donate%20%7C%20Sesame%20Workshop%22%2C%22meta%3Adescription%22%3A%22Help%20support%20Sesame%20Workshop%20today!%22%2C%22meta%3Akeywords%22%3A%22Donate%20%7C%20Sesame%20Workshop%2C%20Sesame%20Workshop%2C%20Donate%20%7C%20Sesame%20Workshop%200%2C%20%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn.rallybound.org%2FContent%2Fimages%2Fimg%2F18069%2Fsw_socialshare.jpg%22%2C%22og%3Atitle%22%3A%22Donate%20today!%22%2C%22og%3Adescription%22%3A%22Support%20the%20next%2050%20years%20of%20sunny%20days.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ffundraiser.sesameworkshop.org%2Fdonate-main%2FDonate%3Futm_medium%3Demail%26utm_source%3Dsfmc%26utm_campaign%3D193909%26testind%3Dfalse%26sfmcsub%3D73169680%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1685660736691.1880930741&it=1685660736513&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fundraiser.sesameworkshop.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 01 Jun 2023 23:05:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 200 track
eastus-0.in.applicationinsights.azure.com//v2/ Frame 0
0 92ms
92ms Preflight 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://payments.rallybound.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 01 Jun 2023 23:05:37 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-request-id: 64d5062a-8120-43ca-af60-74031a08a7b1

POST
H2 200 track Show response
eastus-0.in.applicationinsights.azure.com//v2/ Frame B8DE 49 B
112 B 166ms
166ms XHR
application/json 52.179.73.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://eastus-0.in.applicationinsights.azure.com//v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.179.73.44 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://payments.rallybound.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Thu, 01 Jun 2023 23:05:37 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
x-request-id: 0ffbfa48-1845-4106-b8ab-d45e94994641
content-type: application/json; charset=utf-8

POST
H2 204 pr
sesameworkshop.us-7.evergage.com/ 0
454 B 173ms
172ms Ping
text/plain 52.35.165.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sesameworkshop.us-7.evergage.com/pr?.top=2294&item=%7B%22type%22%3A%22Product%22%2C%22_id%22%3A%227018a000001kythAAA%22%7D&action=View%20Catalog%20Object&.tt=2126&.ttdns=96&.dt=1495&.lt=2420&.btdns=8&.bv=16&_ak=sesameworkshop&_ds=prod&.scv=4&channel=Web&_r=712180&.anonId=15d107bf6d1b0cf0&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/sesameworkshop/prod/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.165.45 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-165-45.us-west-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fundraiser.sesameworkshop.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://fundraiser.sesameworkshop.org
date: Thu, 01 Jun 2023 23:05:38 GMT
x-content-type-options: nosniff
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

513 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 16:33:32	Name: _GRECAPTCHA Value: 09ALyjir81Abg3eR3vcZyQEM1kmiUXoj_bQ7M98CtsJ1C7dKoiDYgjMmNbe-aTF8NAWtiRnM0JCDWcI9c--FhQtqs
i.liadm.com/s	1970-01-20 12:57:32	Name: _li_ss Value: CgA
.fundraiser.sesameworkshop.org/	1969-12-31 23:59:59	Name: .rbsession4 Value: h1uk2425xvq1jspzlnpcu2l3
.sesameworkshop.org/	1970-01-20 21:50:20	Name: _ga_KYX847QR49 Value: GS1.1.1685660736.1.0.1685660736.0.0.0
.sesameworkshop.org/	1970-01-20 14:23:56	Name: _gcl_au Value: 1.1.935958600.1685660736
.fundraiser.sesameworkshop.org/	1970-01-20 21:50:20	Name: _ga Value: GA1.3.1810834223.1685660736
.fundraiser.sesameworkshop.org/	1970-01-20 12:15:47	Name: _gid Value: GA1.3.1171096435.1685660736
.fundraiser.sesameworkshop.org/	1970-01-20 12:14:20	Name: _gat_gtag_UA_38313123_1 Value: 1
.sesameworkshop.org/	1970-01-20 21:50:20	Name: _rollupGa Value: GA1.2.1810834223.1685660736
.sesameworkshop.org/	1970-01-20 12:15:47	Name: _rollupGa_gid Value: GA1.2.1081182183.1685660736
.sesameworkshop.org/	1970-01-20 12:14:20	Name: _gat_clientTracker Value: 1
.sesameworkshop.org/	1970-01-20 21:50:20	Name: _ga Value: GA1.2.1810834223.1685660736
.sesameworkshop.org/	1970-01-20 12:15:47	Name: _gid Value: GA1.2.1171096435.1685660736
.sesameworkshop.org/	1970-01-20 12:14:20	Name: _gat_%5Bobject%20Object%5D Value: 1
fundraiser.sesameworkshop.org/	1970-01-20 20:59:56	Name: ai_user Value: cZOwiPm4TG8p6xV4rMj7I4\|2023-06-01T23:05:36.380Z
fundraiser.sesameworkshop.org/	1970-01-20 12:14:22	Name: ai_session Value: ciPePl6287Hi+QGZ64FCgj\|1685660736385\|1685660736385
.fundraiser.sesameworkshop.org/	1970-01-20 21:50:20	Name: _ga_SSQ4JJ0H65 Value: GS1.3.1685660736.1.0.1685660736.0.0.0
.doubleclick.net/	1970-01-20 21:35:56	Name: IDE Value: AHWqTUlUZUtJq7ELElatnUIk_OxFOkxRCWNiTx6C-vTNbfvR0TYXVHma3tP_b3kVf_k
.sesameworkshop.org/	1970-01-20 12:15:47	Name: _uetsid Value: d1a0526000d011ee8e4091f7c8512ca9
.sesameworkshop.org/	1970-01-20 21:35:56	Name: _uetvid Value: d1a0e25000d011ee8b760376b7514b3c
.bing.com/	1970-01-20 21:35:56	Name: MUID Value: 3307473C09AD67692477541F087F66BD
.payments.rallybound.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 5ac5a5b6b0474f4a176adea3605fa714567efe822ec3033deff0c52abd6389e8
.rfihub.com/	1970-01-20 21:35:56	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQxMzK2MDAxMhXiM9QNt4gMtHCPCNP1zygDAIP_2KUlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQxMzK2MDAxMhXiM9QNt4gMtHCPCNP1zygDAIP_2KUlAAAA
.sesameworkshop.org/	1970-01-20 14:23:56	Name: _fbp Value: fb.1.1685660736691.1880930741
.fundraiser.sesameworkshop.org/	1970-01-20 21:50:20	Name: _sfid_40a7 Value: {%22anonymousId%22:%2215d107bf6d1b0cf0%22%2C%22consents%22:[{%22consent%22:{%22purpose%22:%22Personalization%22%2C%22provider%22:%22Production%20Consent%20Manager%22%2C%22status%22:%22Opt%20In%22}%2C%22lastUpdateTime%22:%222023-06-01T23:05:36.541Z%22%2C%22lastSentTime%22:%222023-06-01T23:05:36.699Z%22}]}
.casalemedia.com/	1970-01-20 20:59:56	Name: CMID Value: ZHkkQOfOTwljw9UUHqQ-1AAA
.casalemedia.com/	1970-01-20 14:23:56	Name: CMPS Value: 5168
.casalemedia.com/	1970-01-20 14:23:56	Name: CMPRO Value: 5168
.yahoo.com/	1970-01-20 21:00:18	Name: A3 Value: d=AQABBD0keWQCEP4eTs-ilK1h_MUSjZWH9pQFEgEBAQF1emSDZOANyiMA_eMAAA&S=AQAAAjpxUNuGVda-cXxO-6hXtRg
.pubmatic.com/	1970-01-20 14:23:56	Name: KRTBCOOKIE_18 Value: 22947-5134455419462380425
.pubmatic.com/	1970-01-20 12:57:32	Name: PugT Value: 1685660736
.media.net/	1970-01-20 20:59:56	Name: visitor-id Value: 3286623368886388000V10
.media.net/	1970-01-20 20:58:30	Name: data-rk Value: 5134455419462380425~~3
.adnxs.com/	1970-01-20 14:23:56	Name: uuid2 Value: 7129455784091292369
.adnxs.com/	1970-01-20 14:23:56	Name: anj Value: dTM7k!M4/YErk#WF']wIg2H`bse7`5!@wnfH8KAM.xpH^Gmi]#DYf*jDZFMgEs8ciCy-]wI<a_zeKC1v!AXTO:4=sB!$!@e.=5FE
.spotxchange.com/	1970-01-20 12:54:39	Name: audience Value: d1d1cfff-00d0-11ee-abe4-153cf9b00506
.demdex.net/	1970-01-20 16:33:32	Name: demdex Value: 44759273993335115982482800050201136430
.eyeota.net/	1970-01-20 12:14:21	Name: SERVERID Value: 16898~DM
.rezync.com/	1970-01-20 16:33:32	Name: zync-uuid Value: 0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814
.bidswitch.net/	1970-01-20 20:59:56	Name: tuuid Value: eed5168d-b317-4e3c-8463-5921f7b76c4a
.bidswitch.net/	1970-01-20 20:59:56	Name: c Value: 1685660736
.bidswitch.net/	1970-01-20 20:59:56	Name: tuuid_lu Value: 1685660736
.krxd.net/	1970-01-20 16:33:32	Name: _kuid_ Value: PlxId1aX
.dpm.demdex.net/	1970-01-20 16:33:32	Name: dpm Value: 44759273993335115982482800050201136430
.everesttech.net/	1970-01-20 20:59:56	Name: everest_g_v2 Value: g_surferid~ZHkkQAAAAMpAgABI
payments.rallybound.com/	1970-01-20 20:59:56	Name: ai_user Value: xSF+nHyQAPHMhtzaVw3MrT\|2023-06-01T23:05:37.024Z
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12DQgKMzNNNwvJNyzUdclIrwoMzPVyz17FKBDlkZ0d6AgEvgWO6Y5Onk0s5gZJKabGJoapuokWpmm6JpamprpJxmYGusmGiUmmhqZmRsbJyVaGZhamZmYG5sZmehaGxsYWhiYAkp06mmsAAAA
live.rezync.com/	1970-01-20 16:33:32	Name: sd-session-id Value: .eJwNy00OgjAQQOG7zJqaDvNj6WVIKWPSKNVQ3Ei4u12-5HsnzB_bt1StHhCP_WsD5Ffp1SCe0MpvsydEECRmEcaJdaTgeRS4BmjWWnnXuazd-GUVYjSXgjwcTyJuIfUuY1oEpX85R9Qgqv5OegtIFJDh-gOmYSVb.ZHkkQQ.TYFQ0N5a9hTKr4TVG2PxAldg1Ng
.rfihub.com/	1970-01-20 21:35:56	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12DQgKMzNNNwvJNyzUdclIrwoMzPVyzw7iNTSzMDUzMzA3NrMwM5nFiMQ3MzDZhMbfhcY_hcZ_hcb_hcafxITKn4XGX4TGX4XG34TG34WungWVfwuZb25qsYhVIMojOzvQEQh8CxzTHZ08V7EilJgbGBlsYkWzghvNC8LmBkkppsYmhqm6iRamabomlqamuknGZga6yYaJSaaGpmZGxsnJVghNehaGxsYWhiazhJFtsjRehMo3eSSMahMAvNyGwroBAAA
payments.rallybound.com/	1970-01-20 12:14:22	Name: ai_session Value: 9I2i4qIc/a/YblnhmaCBmn\|1685660737128\|1685660737476
.liadm.com/	1970-01-20 21:50:20	Name: lidid Value: 05f302fe-71c7-4e2e-8102-84f600ff4689
.fundraiser.sesameworkshop.org/	1970-01-20 21:50:20	Name: _evga_e6bf Value: {%22uuid%22:%2215d107bf6d1b0cf0%22%2C%22puid%22:%22vPDjOBU_sZ6bPaYJR6MLhGnRgAFUMaZYIYwQd1qI3BJREsUdnDGjRHE8zBs-rIPkUUJ8KDTozkuh52thGmRveejurcJbN7a--nuv5tkMUSs%22%2C%22affinityId%22:%2216S%22}
sesameworkshop.us-7.evergage.com/	1970-01-20 12:24:25	Name: AWSALBCORS Value: ZttRm5lvEUgfl5IWwAS18FYrtBGUjMznG73lFRRiFsWi6O75FYiBo6LEzA7OAOPk+Ev5TBUADcR93g5nFCxSE7Q+fEdoun0dFz4NJzpEZW+yjfs83PeDMOQa3u3J

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5134455419462380425 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://pippio.com/api/sync?it=1&pid=500040&_=1685660736.8144987&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://pippio.com/api/sync?it=1&pid=500040&_=1685660736.9978933&iv=0bd5341e-a85f-4955-b360-c1ab515623cc:1685660736.8133814 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' admin.rallybound.com sesameworkshop.org *.sesameworkshop.org; report-uri https://rest.rallybound.com/api/cspreport;
Strict-Transport-Security	max-age=15552000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10123262.fls.doubleclick.net
20826432p.rfihub.com
a.rfihub.com
aa.agkn.com
adservice.google.com
ajax.googleapis.com
az416426.vo.msecnd.net
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
c1.rfihub.net
cdn.evgnet.com
cdn3.rallybound.com
click.e.sesame.org
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
eastus-0.in.applicationinsights.azure.com
fonts.googleapis.com
fonts.gstatic.com
fundraiser.sesameworkshop.org
googleads.g.doubleclick.net
i.liadm.com
ib.adnxs.com
idsync.rlcdn.com
image.e.sesame.org
image2.pubmatic.com
js.monitor.azure.com
live.rezync.com
p.rfihub.com
partners.tremorhub.com
payments.rallybound.com
pippio.com
ps.eyeota.net
region1.google-analytics.com
s.yimg.com
sesameworkshop.org
sesameworkshop.us-7.evergage.com
sp.analytics.yahoo.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.sesameworkshop.org
x.bidswitch.net
x.dlx.addthis.com
107.178.254.65
128.245.146.212
142.250.181.230
151.101.0.114
151.101.2.49
172.217.23.98
18.196.21.37
185.64.189.110
185.80.39.216
185.89.211.84
185.94.180.126
193.0.160.131
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2a
212.82.100.181
23.212.211.126
2600:1f18:612b:4280:b81b:c2a7:74de:5e7e
2600:9000:214f:4e00:1:76cf:fe80:93a1
2600:9000:2156:0:d:7e10:cb00:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2620:12a:8000::3
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:803::200a
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9d
2a02:26f0:3100::1735:2baa
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.225.23.173
3.69.149.154
34.98.64.218
35.244.174.68
52.151.222.61
52.16.141.94
52.179.73.44
52.188.24.159
52.35.165.45
52.57.150.20
54.158.245.95
54.76.219.151
65.9.66.84
95.101.148.20
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
0201106038df301456922c2a5367249f9a0904ac57ff35f20641a2fe3ddc325c
0d1dc8f528b6811119e1ab0cec7fa47d3d77c04484224b40efae1a5ae359088d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
108d55b077edd025776aaf4994b6000187ddb4812de4b4e15ed853b1eccb6927
119e52a813937de0e484171a541a11e87f6d241aa9f7cbc1075d85db417f94b4
121154b71f8c708a2dc31837cc70016408b8cfc5b0ba21f07a097a15e4f84067
1491e1a4d6f5ffb1cb069d33983e8fa7a94c04b93dfee7a6523e677f940f42e9
15a3f7e8bb652629149835ed88c06327c781f326dbf320653544c2073d636622
16bba487f50382d9ef82108ff741d919fca20b314b987224c9a18b5f4ed4a761
17ea5e84c47264c4e1a6409174f06e02ba166fbfe0033aa9d2dfec0d6c380323
18b96b1e962b89a95a8425f427341c7238f1e0b5a38aa039ec6cbb6bb295c0cd
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
257a956a04c6d4e9bb0c4452c175d5f032370c558d260f946109cfaee680906c
2a0f5e908edc7c3a3bfbdcf0467d3b9b565eabdb53bf0673b9720dfd1fa71455
2f06451e2da9bcec5593f0e5f8be5aaf93a584def5560838666f6ddcc0f90a19
3424da374fb8f6646c5f047c9e76f004deacad9c33eba4fad193c5759c89cf49
351e352b237fa33434844727ab9aeb1f3f097e9868fe69b37d4c44b4c0899ad3
4122ec76cfe36f6e64359e81f16dc9902781dae082df0f497232692792485ad8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4533479f21f5a89a89d9c5e0302f66a60393cc80c9348b576e6f21be12ecf388
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57888fa39daac1c07c787aea9bc07b651d78f3edd102eb8760b41d12e0ec622c
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6a40ffe9c5fb27fd8127958c24627c81664e6985a6b16c2854e3e2cc681b9dff
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3e376a71e5736021bde821e3a47c3ed4b3d8b4ca01817d4e438a2802b89c5f
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c
767ede4ae50d636fb229ebc63fed6a93e12067c52434a37f55c3eb93caea4421
7d8b4dc8178140921e9e860294e5732bccc8b20be3204309174ba4ebf0f77da4
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85926acd66622d5a7ead093a3910facfe721a772b5f855b22c25e639e90ede05
89c24b74dd82ae9850d7255ca0b3f11ca20644cb9e631f2c46ed0dd4055c3321
8b21a82e28199b782d5b65c41c663bb089d81b41d41a0a2a64272ef05af1fa2d
8c9416d3ca780de33a092904a9e130716d7e74d3c727dc3ee913f7cf12962164
8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c938e105c420a6d888921eac6b0982446d4efa32eb50cb45a201b90ee6cdbb7
9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd
a00b85b2ed10af5203603496831d3add957ee00560ad9c55ccdfcbbcf1b00e41
a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3350caedc84405b568c40447d793a5f1f5bbb8dfb6b395da25b037b52fc96d9
a466e38b6bd6d94eff778aa4208b4b2ac79897778cf6bb84af9227ae63641880
a54751935d6b1ad64b2e36132b7a13791137ed819b32550d62afe19261c05f14
a602657a3336b260818e5fbba8659e8a971327a571562652c1d46f7c4863d403
a61c3c57beeee91aa25ea36f90c7801d17bcd24136cb19a47a8c8e9bb85a3a57
a6f55bd1aa72f9f186f5b15cdec0785bfb182ed99ca9f4f068c0822af18506df
a993cd5edf9ffb5c5a6fa18c4d7889953966db05af0d121d14cacc48223f29b8
ad4269a4b821427897a9544eaa3a79d43ac5e29a26e3bffb26a403e160d9648c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7f2d6fa91de80a618910ccc2b98c110dc46b459c956f018dc23cd73411f5905
bdf862f096094e5d9856104312d5e8b66cdbd6552a1dcae3e42cabc98e408eb7
c00887310bf33e6c21678200deef8dda19ec23378a705dc83b318f10dbba3fc1
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
d236db48a51d929fedfa6a110b401a2d4753669e3a8380a34339eb333cf18616
d7bd1344379eb2ac9631066d92e8675977cfdac8dd9ce4b751c01c3f13725a87
da6299bb24777fe5d85158300b55a0c55374f6653b8ad396e57d3a64d2483dc5
dd630127427deb2a902c8f7b1dfe7394936449ff7f1c19873ad07d49771459da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51b49fdc555edf2005782e0381211b85b4acec4f60df3710a04358005a4b82b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e98d83a980cf0254bc5414ba21000bc3f0ad82260054125cd887ad51b6a10489
ed4b49c773f3c46694e0ab27dc694a762e1b5d0ea2f09f04f0c19638e5970f45
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e694f8dea963d15ccd3f93eec61cd65674d68a0dab9e4dba52d28017cc76ac
f58910881bc0b682bb3a7957166b50539b04b7d5feef109ca027dba9d7114786
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
fc2e5798ba2f836daefe1fa3dbcabc1a80a7f918495b8cbbdd10fc5fb7f6b2d6

fundraiser.sesameworkshop.org Open in urlscan Pro 52.188.24.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

91 %HTTPS

46 %IPv6

41 Domains

55 Subdomains

47 IPs

7 Countries

3794 kBTransfer

6679 kBSize

54 Cookies

10 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fundraiser.sesameworkshop.org Open in urlscan Pro
52.188.24.159 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

91 %
HTTPS

46 %
IPv6

41
Domains

55
Subdomains

47
IPs

7
Countries

3794 kB
Transfer

6679 kB
Size

54
Cookies

133 HTTP transactions
0 data transactions