www.gtcuw.org Open in urlscan Pro
216.59.56.95 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.dsp.gtcuw.org/?qs=0880eb8fdccb8f6c11fbbcdcf2d11f0e363ebcfad19fcaea6585d39d5762a4daac049bf2e730195e23c7ad100b48...
Effective URL:
https://www.gtcuw.org/donate/
Submission: On December 30 via manual (December 30th 2022, 6:57:21 pm UTC) from CA — Scanned from CA

Summary HTTP 123 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 29 IPs in 2 countries across 25 domains to perform 123 HTTP transactions. The main IP is 216.59.56.95, located in United States and belongs to TUT-AS, US. The main domain is www.gtcuw.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 25th 2022. Valid for: a year.

This is the only time www.gtcuw.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.17.225.164 128.17.225.164	14340 (SALESFORCE) (SALESFORCE)
35	216.59.56.95 216.59.56.95	53334 (TUT-AS) (TUT-AS)
5	2600:1400:d::... 2600:1400:d::17db:5d2b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
14	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:e04e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2600:1400:d::... 2600:1400:d::17db:5d0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.81.230 142.250.81.230	15169 (GOOGLE) (GOOGLE)
2	143.204.138.162 143.204.138.162	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
5 8	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
2 2	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
20	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
4	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.159.97.111 52.159.97.111	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:251... 2600:9000:2514:c000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:817::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	35.166.137.69 35.166.137.69	16509 (AMAZON-02) (AMAZON-02)
1 1	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
123	29

1 128.17.225.164 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.dsp.gtcuw.org

click.dsp.gtcuw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 216.59.56.95 (United States)

ASN53334 (TUT-AS, US)
PTR: customer.ipv4.totaluptime.com

www.gtcuw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1400:d::17db:5d2b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d::17db:5d0b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.230 (Glen Cove, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net

8086470.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 15.197.193.217 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.33.138 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.181.211 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

cdn.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.159.97.111 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

analytics.clickdimensions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2514:c000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.137.69 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-137-69.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	gtcuw.org 1 redirects click.dsp.gtcuw.org www.gtcuw.org	2 MB
35	stripe.com js.stripe.com — Cisco Umbrella Rank: 2684 q.stripe.com — Cisco Umbrella Rank: 24056 m.stripe.com — Cisco Umbrella Rank: 2418 r.stripe.com — Cisco Umbrella Rank: 8560	433 KB
10	adsrvr.org 5 redirects js.adsrvr.org — Cisco Umbrella Rank: 2006 insight.adsrvr.org — Cisco Umbrella Rank: 879 match.adsrvr.org — Cisco Umbrella Rank: 456	9 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 8086470.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 321 stats.g.doubleclick.net — Cisco Umbrella Rank: 179	4 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 1054 p.typekit.net — Cisco Umbrella Rank: 1288	85 KB
5	bttrack.com bttrack.com — Cisco Umbrella Rank: 1190 cdn.bttrack.com — Cisco Umbrella Rank: 10460	5 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	1 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 7920	675 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 619	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	132 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	228 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 3020	16 KB
2	clickdimensions.com analytics.clickdimensions.com — Cisco Umbrella Rank: 78498	29 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 318	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 405	815 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 98	63 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 488	11 KB
1	pubmatic.com 1 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 882	484 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 452	915 B
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 4450	543 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	869 B
123	25

	Domain	Requested by
35	www.gtcuw.org	www.gtcuw.org
14	r.stripe.com	js.stripe.com
14	js.stripe.com	www.gtcuw.org js.stripe.com
6	q.stripe.com	www.gtcuw.org
6	match.adsrvr.org	4 redirects js.adsrvr.org
5	use.typekit.net	www.gtcuw.org use.typekit.net
4	bttrack.com	8086470.fls.doubleclick.net cdn.bttrack.com bttrack.com
3	www.google.ca	www.gtcuw.org
3	www.google.com	www.gtcuw.org
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.gtcuw.org
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	www.gtcuw.org connect.facebook.net
3	www.googletagmanager.com	www.gtcuw.org www.googletagmanager.com
2	x.bidswitch.net	2 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	analytics.clickdimensions.com	www.googletagmanager.com analytics.clickdimensions.com
2	www.facebook.com	www.gtcuw.org
2	dsum-sec.casalemedia.com	1 redirects www.gtcuw.org
2	ib.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	insight.adsrvr.org	1 redirects js.adsrvr.org
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	js.adsrvr.org	www.googletagmanager.com insight.adsrvr.org
2	8086470.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	cdn.jsdelivr.net	www.gtcuw.org
1	simage2.pubmatic.com	1 redirects
1	m.stripe.com	m.stripe.network
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	8086470.fls.doubleclick.net
1	cdn.bttrack.com	8086470.fls.doubleclick.net
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	p.typekit.net	use.typekit.net
1	fast.fonts.net	www.gtcuw.org
1	fonts.googleapis.com	www.gtcuw.org
1	click.dsp.gtcuw.org	1 redirects
123	37

This site contains links to these domains. Also see Links.

Domain
www.211unitedway.org
twitter.com
www.youtube.com
www.instagram.com
www.facebook.com
www.linkedin.com
junction.gtcuw.org
unitedwaytwincities.volunteermatch.org
smartgivers.org
www.guidestar.org

Subject Issuer	Validity	Valid
*.gtcuw.org Go Daddy Secure Certificate Authority - G2	`2022-02-25` - `2023-02-09`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-12-15` - `2024-01-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-09` - `2023-01-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.clickdimensions.com Go Daddy Secure Certificate Authority - G2	`2021-12-12` - `2023-01-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.gtcuw.org/donate/
Frame ID: 94A5096F4F58785D9CF249DC7EBF20A2
Requests: 76 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-da551b803dc55c2dc0b4b9bdfeabba62.html
Frame ID: EBCD1988C9A22EB1E683FF1014658F2E
Requests: 4 HTTP requests in this frame

Frame: https://8086470.fls.doubleclick.net/activityi;dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F
Frame ID: AD766DD6205FC6539581D2A67AB39065
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-38d48831d01a3f780c9ca24e2035c266.html
Frame ID: B8F1ACF4CF30A00C2C5A91AA291D0C88
Requests: 19 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html
Frame ID: 6A4AF91C5BEED5989BE048506051B7FA
Requests: 9 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E00D500F6603078830BC24CB758DAE2C
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E653DA1F4A2B4B5AC087C5DB848FCAF6
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=b41zznk&ref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&upid=yv8rrpe&upv=1.1.0
Frame ID: 130A6B1F69A6234C7568C7DDD1ACDC51
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: 949DC761A5BB6ED8EE14D7A8CC6BB304
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: 7C3B17B9F32DB38C6D2B4016F4D7AB32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate - GTCUW

Page URL History Show full URLs

https://click.dsp.gtcuw.org/?qs=0880eb8fdccb8f6c11fbbcdcf2d11f0e363ebcfad19fcaea6585d39d5762a4daac049bf2... HTTP 302
https://www.gtcuw.org/donate/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]
/revslider/[/\w-]+/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

123
Requests

98 %
HTTPS

49 %
IPv6

25
Domains

37
Subdomains

29
IPs

2
Countries

3537 kB
Transfer

6085 kB
Size

36
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.211unitedway.org/
Title: 211 Helpline

Search URL Search Domain Scan URL

URL: https://twitter.com/unitedwaytc
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TwinCitiesUnitedWay
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/unitedwaytc
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/unitedwaytwincities
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/23373?trk=null
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://junction.gtcuw.org/Nonprofit/FundingOpportunities/Pages/default.aspx
Title: Nonprofit Portal

Search URL Search Domain Scan URL

URL: https://unitedwaytwincities.volunteermatch.org/
Title: Volunteer Portal

Search URL Search Domain Scan URL

URL: https://smartgivers.org/
Title: <img width="1000" height="760" src="https://www.gtcuw.org/wp-content/uploads/2017/06/charities-review-council-logo.png" class="wpex-align-middle" alt="Charities Review Council - Where donors and nonprofits meet" decoding="async" loading="lazy" srcset="https://www.gtcuw.org/wp-content/uploads/2017/06/charities-review-council-logo.png 1000w, https://www.gtcuw.org/wp-content/uploads/2017/06/charities-review-council-logo-300x228.png 300w, https://www.gtcuw.org/wp-content/uploads/2017/06/charities-review-council-logo-768x584.png 768w" sizes="(max-width: 1000px) 100vw, 1000px" />

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/
Title: <img width="586" height="195" src="https://www.gtcuw.org/wp-content/uploads/2017/06/GuideStar_by_Candid_logo_white.png" class="wpex-align-middle" alt="Guidestar -- by candid" decoding="async" loading="lazy" srcset="https://www.gtcuw.org/wp-content/uploads/2017/06/GuideStar_by_Candid_logo_white.png 586w, https://www.gtcuw.org/wp-content/uploads/2017/06/GuideStar_by_Candid_logo_white-300x100.png 300w" sizes="(max-width: 586px) 100vw, 586px" />

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.dsp.gtcuw.org/?qs=0880eb8fdccb8f6c11fbbcdcf2d11f0e363ebcfad19fcaea6585d39d5762a4daac049bf2e730195e23c7ad100b488ca3d3adc8e472fc0378 HTTP 302
https://www.gtcuw.org/donate/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://8086470.fls.doubleclick.net/activityi;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F HTTP 302
https://8086470.fls.doubleclick.net/activityi;dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F

Request Chain 59

https://insight.adsrvr.org/track/pxl/?adv=b41zznk&ct=0:z7msdj3&fmt=3 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=55f25597-513a-4eab-b708-ed54335be946&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=55f25597-513a-4eab-b708-ed54335be946&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-U3Vkf_VE2uJJ9sKV74qvgIEgMxES93I-~A&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=55f25597-513a-4eab-b708-ed54335be946 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D55f25597-513a-4eab-b708-ed54335be946 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3793850492928119709&ttd_tdid=55f25597-513a-4eab-b708-ed54335be946 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=55f25597-513a-4eab-b708-ed54335be946&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NTVmMjU1OTctNTEzYS00ZWFiLWI3MDgtZWQ1NDMzNWJlOTQ2&gdpr=0&gdpr_consent=&ttd_tdid=55f25597-513a-4eab-b708-ed54335be946 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=55f25597-513a-4eab-b708-ed54335be946&google_gid=CAESEB7_X4HtCdFCmGf_7lXr0l8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=55f25597-513a-4eab-b708-ed54335be946&expiration=1675018636&gdpr=0&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=55f25597-513a-4eab-b708-ed54335be946&expiration=1675018636&gdpr=0&gdpr_consent=&C=1

Request Chain 121

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=55f25597-513a-4eab-b708-ed54335be946&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic

Request Chain 122

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=55f25597-513a-4eab-b708-ed54335be946&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=55f25597-513a-4eab-b708-ed54335be946&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

123 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gtcuw.org/donate/
Redirect Chain

https://click.dsp.gtcuw.org/?qs=0880eb8fdccb8f6c11fbbcdcf2d11f0e363ebcfad19fcaea6585d39d5762a4daac049bf2e730195e23c7ad100b488ca3d3adc8e472fc0378
https://www.gtcuw.org/donate/

124 KB
125 KB

3995ms
3884ms

Document
text/html

216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.59.56.95 , United States, ASN53334 (TUT-AS, US),

Reverse DNS

customer.ipv4.totaluptime.com

Software

Microsoft-IIS/10.0 /

Resource Hash

1a13536c61e765d231a627e55f6919ed28e74ce8ef45e6e30872b86c4c8245bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 126623
content-type: text/html; charset=UTF-8
date: Fri, 30 Dec 2022 18:57:12 GMT
expect-ct: max-age=5184000, enforce
link: <https://www.gtcuw.org/wp-json/>; rel="https://api.w.org/" <https://www.gtcuw.org/wp-json/wp/v2/pages/112>; rel="alternate"; type="application/json" <https://www.gtcuw.org/?p=112>; rel=shortlink
permissions-policy
referrer-policy: no-referrer-when-downgrade
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: sameorigin
x-tec-api-origin: https://www.gtcuw.org
x-tec-api-root: https://www.gtcuw.org/wp-json/tribe/events/v1/
x-tec-api-version: v1
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 146
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Dec 2022 18:57:07 GMT
Location: https://www.gtcuw.org/donate/

GET
H2 200 ticons.woff2
www.gtcuw.org/wp-content/themes/Total/assets/lib/ticons/fonts/ 81 KB
81 KB 243ms
239ms Font
application/font-woff2 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/Total/assets/lib/ticons/fonts/ticons.woff2
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: f927310173e268d83f993281e2a6a672dbd90a6909d4eb33fccb72174f647521

Request headers

Referer: https://www.gtcuw.org/donate/
Origin: https://www.gtcuw.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Thu, 22 Dec 2022 14:32:25 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "196fa351216d91:0"
content-length: 82684
content-type: application/font-woff2

GET
H2 200 formidableforms.css
www.gtcuw.org/wp-content/plugins/formidable/css/ 128 KB
129 KB 310ms
306ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/formidable/css/formidableforms.css?ver=12221429
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: cff7b26871c06044d37b299a44ad5210afd686e265b062df7d517e150ee90aa5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Thu, 22 Dec 2022 14:29:42 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "d1a58fd41116d91:0"
content-length: 130763
content-type: text/css

GET
H2 200 js_composer.min.css
www.gtcuw.org/wp-content/plugins/js_composer/assets/css/ 474 KB
477 KB 317ms
314ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 779ae1e963b5e8a5263625a174e34dfcd073775f2893211fc7e304fb70f0e3a7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Thu, 26 May 2022 13:18:17 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "26c4b10371d81:0"
content-length: 485521
content-type: text/css

GET
H2 200 classic-themes.min.css
www.gtcuw.org/wp-includes/css/ 217 B
287 B 369ms
366ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Wed, 16 Nov 2022 20:26:10 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "dbbc6aaaf9f9d81:0"
content-length: 217
content-type: text/css

GET
H2 200 style.css
www.gtcuw.org/wp-content/themes/Total/ 241 KB
242 KB 384ms
381ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/Total/style.css?ver=5.6.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: a3a3d27dc4630a4da6398db0d44e030adba770de40e303dc64d8e2da6c9ce4e1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Thu, 22 Dec 2022 14:32:28 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "cba7b7371216d91:0"
content-length: 246607
content-type: text/css

GET
H2 200 wpex-the-events-calendar.css
www.gtcuw.org/wp-content/themes/Total/assets/css/ 2 KB
2 KB 372ms
369ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/Total/assets/css/wpex-the-events-calendar.css?ver=6.1.1
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 91d186dd865d68b4283611b16c0872ab949ca5e1f6980a68e1f4295e39ec689b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Thu, 22 Dec 2022 14:32:25 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "84c0cb351216d91:0"
content-length: 2095
content-type: text/css

GET
H2 200 style.css
www.gtcuw.org/wp-content/themes/sprung-total/ 69 KB
70 KB 373ms
371ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/sprung-total/style.css?ver=5.6.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: e70b0c7212b702a1d6872b4d39da795255d50c4cad9f8803ba3d03ae7af5ac78

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Mon, 13 Sep 2021 16:08:31 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "80a96698b9a8d71:0"
content-length: 71067
content-type: text/css

GET
H2 200 wpex-mobile-menu-breakpoint-min.css
www.gtcuw.org/wp-content/themes/Total/assets/css/ 642 B
690 B 382ms
379ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/Total/assets/css/wpex-mobile-menu-breakpoint-min.css?ver=5.6.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 9a7af3386b3cb936308706d693fa46e6c9dd3606cdd69118ae59fbd44da2fbcf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Thu, 22 Dec 2022 14:32:25 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "d312ca351216d91:0"
content-length: 642
content-type: text/css

GET
H2 200 wpex-wpbakery.css
www.gtcuw.org/wp-content/themes/Total/assets/css/ 21 KB
21 KB 385ms
382ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/Total/assets/css/wpex-wpbakery.css?ver=5.6.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 0867357d45a0d360e59230ae4a8c9c6f30dfff485b91bd69ae7f2c98ea6f41ec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Thu, 22 Dec 2022 14:32:25 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "c713ce351216d91:0"
content-length: 21675
content-type: text/css

GET
H2 200 ticons.min.css
www.gtcuw.org/wp-content/themes/Total/assets/lib/ticons/css/ 31 KB
31 KB 385ms
383ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/Total/assets/lib/ticons/css/ticons.min.css?ver=5.6.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 78ce091142b305af741bf60aa179ac1c37d8dbe13b71f2f904e8f9e8e4b0b36b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Thu, 22 Dec 2022 14:32:25 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "737ff8351216d91:0"
content-length: 31874
content-type: text/css

GET
H2 200 vcex-shortcodes.css
www.gtcuw.org/wp-content/themes/Total/assets/css/ 21 KB
21 KB 386ms
384ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/Total/assets/css/vcex-shortcodes.css?ver=5.6.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 64378a97b42778b065b6b3c4d4e0df00f46dbeba76b1ae0f7e3bff51be73aa6d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Thu, 22 Dec 2022 14:32:25 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "6069c6351216d91:0"
content-length: 21219
content-type: text/css

GET
H2 200 ytprefs.min.css
www.gtcuw.org/wp-content/plugins/youtube-embed-plus-pro/styles/ 12 KB
12 KB 397ms
395ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/youtube-embed-plus-pro/styles/ytprefs.min.css?ver=14.1.4.1
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 2429a23b1f06c32f477464a84285fc73bd92f861ed539412381243cf327f167c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Wed, 16 Nov 2022 20:27:29 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "30357d9f9f9d81:0"
content-length: 11912
content-type: text/css

GET
H2 200 lity.min.css
www.gtcuw.org/wp-content/plugins/youtube-embed-plus-pro/scripts/ 3 KB
3 KB 423ms
421ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/youtube-embed-plus-pro/scripts/lity.min.css?ver=14.1.4.1
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 1d88db407cf3c60be4d258f7cd3c0b6a464df0ce77153fed90afbe103fee6d96

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Wed, 16 Nov 2022 20:27:28 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "dd40f8d8f9f9d81:0"
content-length: 3122
content-type: text/css

GET
H2 200 wpex-mobile-menu-breakpoint-max.css
www.gtcuw.org/wp-content/themes/Total/assets/css/ 3 KB
3 KB 175ms
174ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/Total/assets/css/wpex-mobile-menu-breakpoint-max.css?ver=5.6.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: b7c779bbb3234d4d1b4e200856bb10c4bc86e730e3699fc56ea100c5fdb6efae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:14 GMT
last-modified: Thu, 22 Dec 2022 14:32:25 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "bb9dc9351216d91:0"
content-length: 3012
content-type: text/css

GET
H2 200 jquery.min.js Show response
www.gtcuw.org/wp-includes/js/jquery/ 88 KB
88 KB 386ms
382ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Wed, 16 Nov 2022 20:26:11 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "ea2a7aaf9f9d81:0"
content-length: 89684
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
www.gtcuw.org/wp-includes/js/jquery/ 11 KB
11 KB 383ms
379ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "05317c8abdd61:0"
content-length: 11224
content-type: application/javascript

GET
H2 200 rbtools.min.js Show response
www.gtcuw.org/wp-content/plugins/revslider/public/assets/js/ 161 KB
163 KB 179ms
178ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.7
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:14 GMT
last-modified: Thu, 22 Dec 2022 14:34:03 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "3aea9701216d91:0"
content-length: 165339
content-type: application/javascript

GET
H2 200 rs6.min.js Show response
www.gtcuw.org/wp-content/plugins/revslider/public/assets/js/ 399 KB
401 KB 173ms
172ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.7
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 208d013c583899ce6bb2fe281662492caa32a1edd39924f7e5760233c22c7f69

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:14 GMT
last-modified: Thu, 22 Dec 2022 14:34:03 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "595ca9701216d91:0"
content-length: 408344
content-type: application/javascript

GET
H2 200 lity.min.js Show response
www.gtcuw.org/wp-content/plugins/youtube-embed-plus-pro/scripts/ 5 KB
5 KB 384ms
381ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/youtube-embed-plus-pro/scripts/lity.min.js?ver=14.1.4.1
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: afb85cc0ede42e76244969d3d277ec8a7c2cc1a8117f980e45075488cf15e4e2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Wed, 16 Nov 2022 20:27:28 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "c8ff8d8f9f9d81:0"
content-length: 5104
content-type: application/javascript

GET
H2 200 ytprefs.min.js Show response
www.gtcuw.org/wp-content/plugins/youtube-embed-plus-pro/scripts/ 17 KB
18 KB 394ms
391ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/youtube-embed-plus-pro/scripts/ytprefs.min.js?ver=14.1.4.1
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: deb26f8d2e299d4db5f86175ff9e29c9ba9f6d1b6f010adda0bbf7b3ba9ac522

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Wed, 16 Nov 2022 20:27:28 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "260fbd8f9f9d81:0"
content-length: 17806
content-type: application/javascript

GET
H2 200 kdw2rpf.css
use.typekit.net/ 3 KB
984 B 89ms
26ms Stylesheet
text/css 2600:1400:d::17db:5d2b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/kdw2rpf.css

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::17db:5d2b New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2fae942f4865459d9888b1d113b40151e801a17e90ac060c823e7d3ff75b694a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 30 Dec 2022 18:57:12 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 752

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 84ms
35ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons&ver=5.6

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Dec 2022 18:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 18:57:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Dec 2022 18:57:12 GMT

GET material-icons.css
www.gtcuw.org/wp-content/plugins/revslider/admin/assets/icons/ 0
0

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 37ms
10ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Dec 2022 18:57:12 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 6093232
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 569
x-served-by: cache-fra-eddf8230125-FRA, cache-yul12826-YUL
x-jsd-version-type: version
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 42 KB
10 KB 39ms
12ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Dec 2022 18:57:12 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 5669696
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10429
x-served-by: cache-fra-eddf8230098-FRA, cache-yul12826-YUL
x-jsd-version-type: version
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 GTCUW-logo-left-1.png
www.gtcuw.org/wp-content/uploads/2021/08/ 13 KB
14 KB 404ms
402ms Image
image/png 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gtcuw.org/wp-content/uploads/2021/08/GTCUW-logo-left-1.png
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 16f61d990c98e604bc1840177e5d903a452b92e3f4cadf7008d3c11f748aab3d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:12 GMT
last-modified: Thu, 26 Aug 2021 13:31:31 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "803b35ae7e9ad71:0"
content-length: 13740
content-type: image/png

GET
H2 200 rs6.css
www.gtcuw.org/wp-content/plugins/revslider/public/assets/css/ 57 KB
57 KB 178ms
178ms Stylesheet
text/css 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.7
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 95f59f9a4a19697496edc01bb55011ea4056f90625cc816a7f18256f056a6258

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:13 GMT
last-modified: Thu, 22 Dec 2022 14:34:03 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "5c279d701216d91:0"
content-length: 58260
content-type: text/css

GET
H2 200 main.js Show response
www.gtcuw.org/wp-content/themes/sprung-total/js/ 1 KB
2 KB 184ms
184ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/sprung-total/js/main.js?ver=6.1.1
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d6ba97daf70593ef054ae4ba4749bf7c53829921f6c7e83038e3b6ee0a53e953

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:13 GMT
last-modified: Wed, 21 Jul 2021 16:15:00 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0daf48d4b7ed71:0"
content-length: 1486
content-type: application/javascript

GET
H2 200 hoverIntent.min.js Show response
www.gtcuw.org/wp-includes/js/ 1 KB
2 KB 183ms
182ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:13 GMT
last-modified: Thu, 09 Jun 2022 13:15:01 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "9bb5c4ec27cd81:0"
content-length: 1499
content-type: application/javascript

GET
H2 200 wpex-superfish.min.js Show response
www.gtcuw.org/wp-content/themes/Total/assets/js/dynamic/ 3 KB
3 KB 178ms
177ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/Total/assets/js/dynamic/wpex-superfish.min.js?ver=5.6.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 8364303080162bd81dd4f80f5a35f397b6a831d462e287e2058dfe48fd83cea3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:13 GMT
last-modified: Thu, 22 Dec 2022 14:32:25 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "b3e6ec351216d91:0"
content-length: 2770
content-type: application/javascript

GET
H2 200 total.min.js Show response
www.gtcuw.org/wp-content/themes/Total/assets/js/ 57 KB
58 KB 178ms
178ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/Total/assets/js/total.min.js?ver=5.6.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 033a0ebc898c7c4a9c6e1ed3f80ba531112eb927cbad9857505aa0420da8716d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:13 GMT
last-modified: Thu, 22 Dec 2022 14:32:25 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "6f8ed351216d91:0"
content-length: 58814
content-type: application/javascript

GET
H2 200 smush-lazy-load.min.js Show response
www.gtcuw.org/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
8 KB 178ms
178ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.12.4
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:13 GMT
last-modified: Wed, 30 Nov 2022 14:23:49 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "e0725b5dc74d91:0"
content-length: 7922
content-type: application/javascript

GET
H2 200 fitvids.min.js Show response
www.gtcuw.org/wp-content/plugins/youtube-embed-plus-pro/scripts/ 3 KB
3 KB 178ms
177ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/youtube-embed-plus-pro/scripts/fitvids.min.js?ver=14.1.4.1
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:14 GMT
last-modified: Wed, 16 Nov 2022 20:27:28 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "3193f6d8f9f9d81:0"
content-length: 3103
content-type: application/javascript

GET
H2 200 / Show response
js.stripe.com/v3/ 409 KB
99 KB 55ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?ver=3.0

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0a4bc5b9e39156f467df7ab86787cb30f72d4a001da60d8eaa6f3c01f926f019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:57:14 GMT
via: 1.1 varnish
age: 53
x-cache: HIT
content-length: 100533
x-request-id: a97eb294-cb92-4d44-94c4-c6299f61c4e7
x-served-by: cache-yul12832-YUL
last-modified: Fri, 23 Dec 2022 21:23:41 GMT
server: Fastly
etag: "9e5ef9a80f3ac462068b600d5f5c5cd5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 380

GET
H2 200 frm.min.js Show response
www.gtcuw.org/wp-content/plugins/formidable-pro/js/ 303 KB
305 KB 186ms
185ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/formidable-pro/js/frm.min.js?ver=5.5.5
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: c37e0c04d459f8b20a98ff6f90ff6c029256299558bc77eb5069e0ae0dcf62d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:14 GMT
last-modified: Thu, 22 Dec 2022 14:29:42 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "f5e08ad41116d91:0"
content-length: 309784
content-type: application/javascript

GET
H2 200 frmstrp.min.js Show response
www.gtcuw.org/wp-content/plugins/formidable-stripe/js/ 23 KB
23 KB 179ms
178ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/formidable-stripe/js/frmstrp.min.js?ver=3.0
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: c9087c9f98d27ca29e42a34434c172e9af77aab2195df77b00d1c5e963adb0b3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:14 GMT
last-modified: Thu, 22 Dec 2022 14:29:25 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "5ba3a3ca1116d91:0"
content-length: 23615
content-type: application/javascript

GET
H2 200 1.css
fast.fonts.net/lt/ 0
543 B 91ms
61ms Stylesheet
text/css 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/lt/1.css?apiType=css&c=2ec43865-65a1-46e0-a909-b9f59324fdf8&fontids=5664085,5664093
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/wp-content/themes/sprung-total/style.css?ver=5.6.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/wp-content/themes/sprung-total/style.css?ver=5.6.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:13 GMT
x-amz-version-id: null
cf-cache-status: HIT
last-modified: Tue, 23 Mar 2021 12:59:56 GMT
server: cloudflare
x-amz-request-id: NCVYEZ13ER3PZNY4
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
cf-ray: 781cfff83ccd7157-YUL
content-length: 0
x-amz-id-2: qq7/We8/3/qsq8+BW4dILxAVzmFlmfrB/MYgA9wjw47q2nCnqgbF83LlpRJOHsGD3m6/P9/Q0UM=
x-amz-meta-mtime: 1361983047

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 359 KB
99 KB 95ms
47ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-59T4W89

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55083fe9dd829b671e79bd715c88cde64b84684e8d5355562fa1ef8ef65c9088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101209
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Dec 2022 18:57:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 63ms
20ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 30 Dec 2022 18:57:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ar62YpK4r1X2Hno8pZTgIHyXNmrcHwDkvjwWs4w11NK6Hp8j6lHI/a6YAQRDhdNoXZx3Gg90LGb5FO/hTccVnA==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 81ms
19ms Stylesheet
text/css 2600:1400:d::17db:5d0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=kdw2rpf&ht=tk&f=31171.31172.31173.45681&a=196657&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kdw2rpf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::17db:5d0b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.typekit.net/kdw2rpf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:13 GMT
last-modified: Thu, 28 Jul 2022 21:30:08 GMT
server: nginx
etag: "62e2ffe0-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 211.svg
www.gtcuw.org/wp-content/themes/sprung-total/img/ 33 KB
24 KB 172ms
171ms Image
image/svg+xml 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gtcuw.org/wp-content/themes/sprung-total/img/211.svg
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/wp-content/themes/sprung-total/style.css?ver=5.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 587f9e509e7376126988065d02422449089e5e5415a8c0a5482cac3953dc3c0a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/wp-content/themes/sprung-total/style.css?ver=5.6.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:14 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 14:42:34 GMT
server: Microsoft-IIS/10.0
etag: "069d9473f94d71:0"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
content-length: 24813

GET
H2 200 f9c5199e-a996-4c08-9042-1eb845bb7495.woff2
www.gtcuw.org/wp-content/themes/sprung-total/fonts/5664085/ 28 KB
28 KB 183ms
182ms Font
application/font-woff2 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/themes/sprung-total/fonts/5664085/f9c5199e-a996-4c08-9042-1eb845bb7495.woff2
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/wp-content/themes/sprung-total/style.css?ver=5.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 272c08ccba5f883006400f7d490a1393f8114e239b97043e0d2d018a257ca368

Request headers

Referer: https://www.gtcuw.org/wp-content/themes/sprung-total/style.css?ver=5.6.0
Origin: https://www.gtcuw.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:14 GMT
last-modified: Wed, 17 Feb 2021 22:52:34 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0e56e947f5d71:0"
content-length: 28636
content-type: application/font-woff2

GET
H2 200 l
use.typekit.net/af/b07a72/00000000000000003b9ae813/27/ 15 KB
15 KB 80ms
23ms Font
application/font-woff2 2600:1400:d::17db:5d2b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b07a72/00000000000000003b9ae813/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kdw2rpf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::17db:5d2b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8d2a52f42ca1a04b030d1f0cb97657c693e5bb29b2de6628281c28765ea1c2a9

Request headers

Referer: https://use.typekit.net/kdw2rpf.css
Origin: https://www.gtcuw.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:15 GMT
server: nginx
etag: "152b0170e456b7d98a74df4639ad8897b7d2bdb8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14992

GET
H2 200 l
use.typekit.net/af/808773/00000000000000007735c4d4/30/ 39 KB
40 KB 29ms
28ms Font
application/font-woff2 2600:1400:d::17db:5d2b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/808773/00000000000000007735c4d4/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kdw2rpf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::17db:5d2b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0d67b31d075d589fd9334cb5d6dc697819e2e44404906c82e9f06c4f9896c132

Request headers

Referer: https://use.typekit.net/kdw2rpf.css
Origin: https://www.gtcuw.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:15 GMT
server: nginx
etag: "fca926dc7b1024a87de990ec7872de518052e56d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40392

GET
H2 200 l
use.typekit.net/af/d70b18/00000000000000003b9ae812/27/ 14 KB
14 KB 25ms
25ms Font
application/font-woff2 2600:1400:d::17db:5d2b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d70b18/00000000000000003b9ae812/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kdw2rpf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::17db:5d2b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6e797142281ac8bdd264cd6810043c5880eccf8797b420d437e9310453d1e2c9

Request headers

Referer: https://use.typekit.net/kdw2rpf.css
Origin: https://www.gtcuw.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:15 GMT
server: nginx
etag: "21fa8a89b99fb519477ba0e99aa477288f10d37f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14528

GET
H2 200 l
use.typekit.net/af/0d5649/00000000000000003b9ae814/27/ 15 KB
15 KB 42ms
42ms Font
application/font-woff2 2600:1400:d::17db:5d2b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0d5649/00000000000000003b9ae814/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kdw2rpf.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::17db:5d2b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 886bb1876ed6c6b23065cb9ce55d8fd793e94593318627a43e2dd1362d40d999

Request headers

Referer: https://use.typekit.net/kdw2rpf.css
Origin: https://www.gtcuw.org
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:15 GMT
server: nginx
etag: "96cbb26fe3dc74454479933ed2a67c2dd4122b0a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14988

GET
H2 200 Group-35.svg
www.gtcuw.org/wp-content/uploads/2017/06/ 608 B
702 B 193ms
192ms Image
image/svg+xml 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gtcuw.org/wp-content/uploads/2017/06/Group-35.svg
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 8df23a6c6f7734234349acd5a834b2a3ab331abe4b1260f7f6c0a056c27f46c2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:15 GMT
last-modified: Wed, 23 Jun 2021 14:18:47 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "807d28ae3a68d71:0"
content-length: 608
content-type: image/svg+xml

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 30 Dec 2022 18:57:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: z/kZlQZsAzAL6g+gqb4MV5qCARgWSS+tyZg1SM6oeojcYGhyRIrT+Sxm8Kfwez0sr54QsSMC3L4yahJntERsEA==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1440302406058373 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 63ms
63ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1440302406058373?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2302100a2c509677cd49f40d27e789a29fdf63d94b8cf38b478bda44ad4c908

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 30 Dec 2022 18:57:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2X6FaHwQuTpbBMMptep5M2xBCEA2HzQu1e4zU+pO4wElh0LB+bsdnLeFSBS3FdYxArLX4JhR/MdnBp+E59vqvQ==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 m-outer-da551b803dc55c2dc0b4b9bdfeabba62.html Show response
js.stripe.com/v3/ Frame EBCD 200 B
807 B 11ms
11ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-da551b803dc55c2dc0b4b9bdfeabba62.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

31fe1bafd74b7bc8bb88aca7960401d95b1a6de990b9cbadc562c173b8c560e7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gtcuw.org/donate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 597659
cache-control: max-age=31536000
content-encoding: br
content-length: 121
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 30 Dec 2022 18:57:15 GMT
etag: "da551b803dc55c2dc0b4b9bdfeabba62"
last-modified: Fri, 23 Dec 2022 20:55:09 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 358156
x-content-type-options: nosniff
x-request-id: 4e8000ea-b3fe-4ebe-ac02-a954db5f937f
x-served-by: cache-yul12832-YUL

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 116ms
19ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59T4W89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:44:06 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 789
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 30 Dec 2022 20:44:06 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/846322137/ 2 KB
1 KB 132ms
47ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/846322137/?random=1672426635584&cv=11&fst=1672426635584&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&tiba=Donate%20-%20GTCUW&auid=2125748941.1672426636&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59T4W89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62181f530b234eaa00857b27af4dbdf885747092160996086b0069195c6043b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 857
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 107ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59T4W89

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 30 Dec 2022 18:57:15 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2A82766950344A4A9398B9F6342934D1 Ref B: YTO01EDGE0522 Ref C: 2022-12-30T18:57:15Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H3

200

activityi;dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F Show response
8086470.fls.doubleclick.net/ Frame AD76
Redirect Chain

https://8086470.fls.doubleclick.net/activityi;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F?
https://8086470.fls.doubleclick.net/activityi;dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2F...

566 B
321 B

87ms
41ms

Document
text/html

142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8086470.fls.doubleclick.net/activityi;dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59T4W89

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

84852c105591bcc4d613971e492eb810e157e04d263e470d5289e7a1e950260c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gtcuw.org/donate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 18:57:15 GMT
expires: Fri, 30 Dec 2022 18:57:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 18:57:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8086470.fls.doubleclick.net/activityi;dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 59ms
17ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59T4W89
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 30 Dec 2022 11:08:02 GMT
Content-Encoding: gzip
Via: 1.1 f90455bc1ae6b17d472e4be0fa0d191e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 28154
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: rqFNRZ2G-os1sCUZSSW96xX5TEFTRvo-_z--wayJPlDciXqVmxS7UA==

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 108ms
56ms Script
text/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59T4W89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4db351e7b79f5ed215ba61fae34b3eebc733da305e877826b17fc2de3c90cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 30 Dec 2022 18:57:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 84ms
41ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-846322137

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59T4W89

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

593a02f1dd433aedbac31e9f0dbd5a2eeb6f0fa03077d0290bddd62ca1446c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53029
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Dec 2022 18:57:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
77 KB 87ms
47ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5H35F2YSK9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59T4W89

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

993cfcbea6cba1f57cec926311d4c2f105e72982a13ee57801cb5d451aec84b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78937
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Dec 2022 18:57:15 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=b41zznk&ct=0:z7msdj3&fmt=3
https://ups.analytics.yahoo.com/ups/55953/sync?uid=55f25597-513a-4eab-b708-ed54335be946&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=55f25597-513a-4eab-b708-ed54335be946&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-U3Vkf_VE2uJJ9sKV74qvgIEgMxES93I-~A&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=55f25597-513a-4eab-b708-ed54335be946
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D55f25597-513a-4eab-b708-ed54335be946
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=3793850492928119709&ttd_tdid=55f25597-513a-4eab-b708-ed54335be946
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=55f25597-513a-4eab-b708-ed54335be946&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=NTVmMjU1OTctNTEzYS00ZWFiLWI3MDgtZWQ1NDMzNWJlOTQ2&gdpr=0&gdpr_consent=&ttd_tdid=55f25597-513a-4eab-b708-ed543...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=55f25597-513a-4eab-b708-ed54335be946&google_gid=CAESEB7_X4HtCdFCmGf_7lXr0l8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=55f25597-513a-4eab-b708-ed54335be946&expiration=1675018636&gdpr=0&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=55f25597-513a-4eab-b708-ed54335be946&expiration=1675018636&gdpr=0&gdpr_consent=&C=1

43 B
766 B

20ms
20ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=55f25597-513a-4eab-b708-ed54335be946&expiration=1675018636&gdpr=0&gdpr_consent=&C=1
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Dec 2022 18:57:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 30 Dec 2022 18:57:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=39&external_user_id=55f25597-513a-4eab-b708-ed54335be946&expiration=1675018636&gdpr=0&gdpr_consent=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 controller-38d48831d01a3f780c9ca24e2035c266.html Show response
js.stripe.com/v3/ Frame B8F1 325 B
656 B 11ms
10ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-38d48831d01a3f780c9ca24e2035c266.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

100c79a513e6586c4518cb3fe8dc1523230df375fd6da88751ca1ce1e264fb26

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gtcuw.org/donate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 9
cache-control: max-age=60
content-encoding: br
content-length: 152
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 30 Dec 2022 18:57:15 GMT
etag: "38d48831d01a3f780c9ca24e2035c266"
last-modified: Fri, 23 Dec 2022 20:54:58 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 836
x-content-type-options: nosniff
x-request-id: 5acf3e9f-59f1-415d-976d-c51d1c501029
x-served-by: cache-yul12832-YUL

GET
H2 200 elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html Show response
js.stripe.com/v3/ Frame 6A4A 798 B
1 KB 11ms
11ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5707c33ab8b6375cfb94a3b71ee843397eec617ad82e35d76cece3b427f22886

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gtcuw.org/donate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 597498
cache-control: max-age=31536000
content-encoding: br
content-length: 293
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 30 Dec 2022 18:57:15 GMT
etag: "84b04129cea7abd2bdb3f462e289166d"
last-modified: Fri, 23 Dec 2022 20:54:58 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 48193
x-content-type-options: nosniff
x-request-id: b6b50fd4-9c85-4974-a68a-43ad522abc45
x-served-by: cache-yul12832-YUL

POST
H2 200 csp-report
q.stripe.com/ Frame EBCD 0
570 B 254ms
82ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 30 Dec 2022 18:57:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame EBCD 0
570 B 253ms
81ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 30 Dec 2022 18:57:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-43a3f10a091543c9b0b5776f4b2fbc8d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EBCD 1 KB
720 B 14ms
13ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-43a3f10a091543c9b0b5776f4b2fbc8d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-da551b803dc55c2dc0b4b9bdfeabba62.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

784672eeb9a9c4a2656d5f0c838230d8808259520a21b74aa835050c93529e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-da551b803dc55c2dc0b4b9bdfeabba62.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:57:15 GMT
via: 1.1 varnish
age: 597660
x-cache: HIT
content-length: 550
x-request-id: 5ef6b71e-58b6-4f91-95d4-5786238114d2
x-served-by: cache-yul12832-YUL
last-modified: Fri, 23 Dec 2022 20:55:08 GMT
server: Fastly
etag: "ba3b5093ebce20757a5cf45d9f166d0e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 307979

POST
H2 200 csp-report
q.stripe.com/ Frame B8F1 0
571 B 212ms
80ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 30 Dec 2022 18:57:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-e37c257c0dcd34a986ab5232b1979eba.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B8F1 294 KB
66 KB 12ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-38d48831d01a3f780c9ca24e2035c266.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fea651bb9c05b668d16a35998b48a7009e11f145ddaee7c5064d06138632f9b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/controller-38d48831d01a3f780c9ca24e2035c266.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:57:15 GMT
via: 1.1 varnish
age: 597576
x-cache: HIT
content-length: 67150
x-request-id: b7aa91f1-849e-4520-9da9-0cb0f8f050fb
x-served-by: cache-yul12832-YUL
last-modified: Fri, 23 Dec 2022 20:55:08 GMT
server: Fastly
etag: "b304f6fad72ddd9053316924f3677740"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 172230

GET
H2 200 controller-a3677fd64f27b0c96f8dfcf02245fda9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B8F1 454 KB
110 KB 14ms
14ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a3677fd64f27b0c96f8dfcf02245fda9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-38d48831d01a3f780c9ca24e2035c266.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

504310545bb18b664563a31e763a7f5e045258e01ab87760a605b8b4dfb882bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/controller-38d48831d01a3f780c9ca24e2035c266.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:57:15 GMT
via: 1.1 varnish
age: 597576
x-cache: HIT
content-length: 112566
x-request-id: 4a6bf9b0-d434-4d83-aa0f-8d1691ef89aa
x-served-by: cache-yul12832-YUL
last-modified: Fri, 23 Dec 2022 20:55:06 GMT
server: Fastly
etag: "bcb1d794a14a80ef455f075108e17fb2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 139575

POST
H2 200 csp-report
q.stripe.com/ Frame 6A4A 0
570 B 274ms
156ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 30 Dec 2022 18:57:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6A4A 0
570 B 274ms
158ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 30 Dec 2022 18:57:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-e37c257c0dcd34a986ab5232b1979eba.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6A4A 294 KB
66 KB 28ms
23ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fea651bb9c05b668d16a35998b48a7009e11f145ddaee7c5064d06138632f9b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:57:15 GMT
via: 1.1 varnish
age: 597576
x-cache: HIT
content-length: 67150
x-request-id: 0713e8c4-322b-43a3-b59f-837784b3ce6f
x-served-by: cache-yul12832-YUL
last-modified: Fri, 23 Dec 2022 20:55:08 GMT
server: Fastly
etag: "b304f6fad72ddd9053316924f3677740"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 172231

GET
H2 200 ui-shared-169d7e50b75a747f05a40a93e15b6406.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6A4A 237 KB
67 KB 27ms
22ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-169d7e50b75a747f05a40a93e15b6406.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9f12e3b5daa42fd63733c595dde4ac06707f34ae02fa89ddc6ff4c75bf960ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:57:15 GMT
via: 1.1 varnish
age: 770497
x-cache: HIT
content-length: 68496
x-request-id: 8403951a-80dd-4201-87cf-8e48afc122d1
x-served-by: cache-yul12832-YUL
last-modified: Wed, 21 Dec 2022 20:54:00 GMT
server: Fastly
etag: "07c5b6b4ab1ea933a0ad705447e72e84"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 44844

GET
H2 200 elements-inner-card-d085f7c6e4b8669bf4a3dae94607996b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6A4A 49 KB
12 KB 12ms
11ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-d085f7c6e4b8669bf4a3dae94607996b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

18669f5e115e07c0e07f4c7ae0f9bb1e6f12c99acda5a48410af54eac66004da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:57:15 GMT
via: 1.1 varnish
age: 770496
x-cache: HIT
content-length: 12282
x-request-id: c70053cc-3b4e-4c86-8b9d-378666955e3c
x-served-by: cache-yul12832-YUL
last-modified: Wed, 21 Dec 2022 20:53:58 GMT
server: Fastly
etag: "1741efd556c97dedbed2e6d123744820"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37683

GET
H2 200 ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css
js.stripe.com/v3/fingerprinted/css/ Frame 6A4A 19 KB
3 KB 24ms
19ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-7d462fcb3c0e75c087e09d3be07a53fe.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:57:15 GMT
via: 1.1 varnish
age: 3705512
x-cache: HIT
content-length: 2806
x-request-id: ebaf55ea-5669-4a5d-b25a-793e3bc8285f
x-served-by: cache-yul12832-YUL
last-modified: Thu, 17 Nov 2022 21:36:36 GMT
server: Fastly
etag: "946f1f202e973574c4704321cd043858"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 133519

GET
H2 200 elements-inner-card-5e36f21b0efee6f2a4a1d898ba622fa0.css
js.stripe.com/v3/fingerprinted/css/ Frame 6A4A 6 KB
1 KB 25ms
21ms Stylesheet
text/css 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-5e36f21b0efee6f2a4a1d898ba622fa0.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3550c812edbcb2217b08042fcc4546528bbf0f0a8506d783642b36ea5f1c6b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:57:15 GMT
via: 1.1 varnish
age: 1387566
x-cache: HIT
content-length: 998
x-request-id: 9fb949ce-6b68-44b8-9e67-1e448374d417
x-served-by: cache-yul12832-YUL
last-modified: Wed, 14 Dec 2022 17:28:37 GMT
server: Fastly
etag: "58bad269080c9dead75608089271f5b8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 73334

GET
H2 404 1221
bttrack.com/Pixel/Retarget/ Frame AD76 0
0 95ms
29ms Image
text/html 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/Pixel/Retarget/1221
Requested by: Host: 8086470.fls.doubleclick.net
URL: https://8086470.fls.doubleclick.net/activityi;dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://8086470.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK analytics.min.js Show response
cdn.bttrack.com/js/14624/analytics/1.0/ Frame AD76 599 B
697 B 132ms
30ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/js/14624/analytics/1.0/analytics.min.js
Requested by: Host: 8086470.fls.doubleclick.net
URL: https://8086470.fls.doubleclick.net/activityi;dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: aa19ed3a99a96f8f53ea92c35a1a66c992e2cdf7b016fe382603c2401982338d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://8086470.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 30 Dec 2022 18:57:16 GMT
Content-Encoding: gzip
X-HW: 1672426635.dop208.dc2.t,1672426636.cds091.dc2.shn,1672426636.dop208.dc2.t,1672426636.cds090.dc2.c
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=39915
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 369

GET
H2 200 dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=*;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F
adservice.google.com/ddm/fls/z/ Frame AD76 42 B
494 B 93ms
40ms Image
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=*;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F

Requested by

Host: 8086470.fls.doubleclick.net
URL: https://8086470.fls.doubleclick.net/activityi;dc_pre=CJrxo9yCovwCFScCaAgdQk4I7A;src=8086470;type=activity;cat=uwdomain;ord=7567368629840;gtm=2wgbu0;auiddc=2125748941.1672426636;~oref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://8086470.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 60ms
20ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1440302406058373&ev=PageView&dl=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&rl=&if=false&ts=1672426635944&sw=1600&sh=1200&v=2.9.90&r=stable&a=wordpress-6.1.1-3.0.8&ec=0&o=30&fbp=fb.1.1672426635942.1017115392&it=1672426635501&coo=false&rqm=GET

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 30 Dec 2022 18:57:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ts.js Show response
analytics.clickdimensions.com/ 28 KB
28 KB 185ms
69ms Script
application/javascript 52.159.97.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.clickdimensions.com/ts.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59T4W89
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.159.97.111 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 29c3b6b0e2246ae17fb03b13a2bb3003c4d07c37092b76b3d854708bcf99aa11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:16 GMT
last-modified: Thu, 29 Dec 2022 10:22:43 GMT
server: Microsoft-HTTPAPI/2.0
etag: "1d91b6f7c9b6bb2"
x-servicefabricrequestid: 358f640e-1d6d-4f3d-9a26-d84330590fbe
content-type: application/javascript
accept-ranges: bytes
content-length: 28722

GET
H2 200 inner.html Show response
m.stripe.network/ Frame E00D 930 B
2 KB 94ms
20ms Document
text/html 2600:9000:2514:c000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-43a3f10a091543c9b0b5776f4b2fbc8d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2514:c000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 174
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 30 Dec 2022 18:54:23 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 0a4f6965adeb6ede9b7ffa17215c0b16.cloudfront.net (CloudFront)
x-amz-cf-id: nLzVfOzAVqaziLZ6QI45AqD7lsetekDuqV1H_1xT7tGio4AyLLc5hQ==
x-amz-cf-pop: JFK50-P8
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 85ms
45ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=518939275&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&ul=en-us&de=UTF-8&dt=Donate%20-%20GTCUW&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=813821514&gjid=746451204&cid=1588646927.1672426636&tid=UA-11852171-2&_gid=97289312.1672426636&_r=1&gtm=2wgbu059T4W89&cd1=0&z=985256660

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gtcuw.org/donate/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gtcuw.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/846322137/ 42 B
548 B 92ms
42ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/846322137/?random=1672426635584&cv=11&fst=1672423200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&tiba=Donate%20-%20GTCUW&fmt=3&is_vtc=1&random=460233575&rmt_tld=0&ipr=y

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/846322137/ 42 B
548 B 101ms
40ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/846322137/?random=1672426635584&cv=11&fst=1672423200000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&tiba=Donate%20-%20GTCUW&fmt=3&is_vtc=1&random=460233575&rmt_tld=1&ipr=y

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/21149d65/www-widgetapi.vflset/ 184 KB
62 KB 65ms
22ms Script
text/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21149d65/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c8c4819f65dd12131d77a7b5d4a5ef6ab87a7385ed7aaaab68ebca112c0b1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 05:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63032
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 01:17:46 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 30 Dec 2023 05:16:11 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/846322137/ 2 KB
900 B 211ms
153ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/846322137/?random=1672426635989&cv=11&fst=1672426635989&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&tiba=Donate%20-%20GTCUW&auid=2125748941.1672426636&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-846322137

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b3e8a2ec0ddd4676428c4d60cd27cbe99950907ddc2a5bfe8706122f8c654d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 876
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 34ms
34ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5H35F2YSK9&gtm=2oebu0&_p=518939275&cid=1588646927.1672426636&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672426636&sct=1&seg=0&dl=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&dt=Donate%20-%20GTCUW&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5H35F2YSK9&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gtcuw.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 17490441.js Show response
bat.bing.com/p/action/ 0
118 B 63ms
63ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17490441.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 30 Dec 2022 18:57:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 04D492EF36B240968E8764900788CFCF Ref B: YTO01EDGE0522 Ref C: 2022-12-30T18:57:16Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 48ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17490441&tm=gtm002&Ver=2&mid=f87e0094-b93b-480f-b868-e7a5a96443d4&sid=c71581c0887311edbf099fd3de69f6ba&vid=c715f2b0887311ed9dd1571bb56e8986&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20-%20GTCUW&p=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&r=&lt=7345&evt=pageLoad&sv=1&rn=842264

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Dec 2022 18:57:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 18450943B7764F23AF557D306FB47A72 Ref B: YTO01EDGE0522 Ref C: 2022-12-30T18:57:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame E00D 0
344 B 81ms
80ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame E00D 86 KB
14 KB 22ms
21ms Script
text/javascript 2600:9000:2514:c000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2514:c000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 30 Dec 2022 18:55:06 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 0a4f6965adeb6ede9b7ffa17215c0b16.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 130
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: ZPr3BgzVkIeolqaewCxWWR8L6gafWn1Vj1CH-8v8pCLdHskWseIZzg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 87ms
32ms XHR
text/plain 2607:f8b0:4004:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11852171-2&cid=1588646927.1672426636&jid=813821514&gjid=746451204&_gid=97289312.1672426636&_u=YGBACEAABAAAACAAI~&z=1724292596

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gtcuw.org/donate/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 30 Dec 2022 18:57:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gtcuw.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
bttrack.com/engagement/ Frame AD76 10 KB
4 KB 31ms
30ms Script
text/javascript 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/js?goalId=14624&cb=1672426636152
Requested by: Host: cdn.bttrack.com
URL: https://cdn.bttrack.com/js/14624/analytics/1.0/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: c4a97766395dfc34d2524579f73a0902388440e3706d89120c1592d8573fb711

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://8086470.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-servername: Track003-iad
pragma: no-cache
date: Fri, 30 Dec 2022 18:57:00 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
expires: -1

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 6A4A 474 B
606 B 35ms
10ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35d27b9f9d5a4655f4637b5bef1f1a3ec5079b4aa42f5081db80d770b53615fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-84b04129cea7abd2bdb3f462e289166d.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Dec 2022 18:57:16 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 60
x-cache: HIT
content-length: 295
x-request-id: 114fd789-ef0b-40a6-b90b-60cd651c36d4
x-served-by: cache-yul12830-YUL
last-modified: Fri, 23 Dec 2022 21:23:42 GMT
server: Fastly
etag: "732c00e99ac830ce837d1fde06b0c64a"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 26

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame B8F1 474 B
370 B 11ms
10ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35d27b9f9d5a4655f4637b5bef1f1a3ec5079b4aa42f5081db80d770b53615fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-38d48831d01a3f780c9ca24e2035c266.html
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Dec 2022 18:57:16 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 60
x-cache: HIT
content-length: 295
x-request-id: f5c9bda6-f04a-4d42-a95d-bdd977fd2e06
x-served-by: cache-yul12830-YUL
last-modified: Fri, 23 Dec 2022 21:23:42 GMT
server: Fastly
etag: "732c00e99ac830ce837d1fde06b0c64a"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 85ms
39ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11852171-2&cid=1588646927.1672426636&jid=813821514&_u=YGBACEAABAAAACAAI~&z=1604178218

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 82ms
38ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11852171-2&cid=1588646927.1672426636&jid=813821514&_u=YGBACEAABAAAACAAI~&z=1604178218

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tsr.js Show response
analytics.clickdimensions.com/ 0
273 B 32ms
32ms Script
text/plain 52.159.97.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.clickdimensions.com/tsr.js?ac=aFz8PG6UWnkulXBkCn6MTB&urk=1672426636299&cm=&s=1672426636297&v=&lc=English&pt=Donate%20-%20GTCUW&dn=gtcuw.org&dnk=&pk=&hn=www.gtcuw.org&uri=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&r=&t=PAGE&b=CHROME&os=WINDOWS&pr=false&sc=0&sv=6.0&qd=&dt=1672426636299&pvon=
Requested by: Host: analytics.clickdimensions.com
URL: https://analytics.clickdimensions.com/ts.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.159.97.111 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:16 GMT
referrer-policy: no-referrer-when-downgrade
server: Microsoft-HTTPAPI/2.0
x-servicefabricrequestid: c8584698-fcbd-4789-96a7-2d1adb79027b
access-control-max-age: 3600
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Accept,g-recaptcha-response

GET
H2 200 event Show response
bttrack.com/engagement/ Frame AD76 0
188 B 81ms
31ms XHR
text/plain 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%22235cba6d-b966-494a-867c-9dda6838a4e6%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2214624%22%2C%22sessionId%22%3A%2278f301b1-778d-458f-981c-fcfeb1769aaa%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2F8086470.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCJrxo9yCovwCFScCaAgdQk4I7A%3Bsrc%3D8086470%3Btype%3Dactivity%3Bcat%3Duwdomain%3Bord%3D7567368629840%3Bgtm%3D2wgbu0%3Bauiddc%3D2125748941.1672426636%3B~oref%3Dhttps%253A%252F%252Fwww.gtcuw.org%252Fdonate%252F%3F%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by: Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=14624&cb=1672426636152
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://8086470.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-servername: Track002-iad
pragma: no-cache
date: Fri, 30 Dec 2022 18:57:00 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: text/plain
access-control-allow-origin: *
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 0
expires: -1

GET
H2 200 getpixels Show response
bttrack.com/engagement/ Frame AD76 0
226 B 78ms
29ms XHR
text/html 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/getpixels?gid=14624
Requested by: Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=14624&cb=1672426636152
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://8086470.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-servername: Track001-iad
pragma: no-cache
date: Fri, 30 Dec 2022 18:57:00 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: text/html
access-control-allow-origin: *
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 0
expires: -1

GET
H3 200 /
www.google.com/pagead/1p-user-list/846322137/ 42 B
64 B 40ms
39ms Image
image/gif 2607:f8b0:4006:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/846322137/?random=1672426635989&cv=11&fst=1672423200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&tiba=Donate%20-%20GTCUW&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2278512589&rmt_tld=0&ipr=y

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/846322137/ 42 B
64 B 41ms
41ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/846322137/?random=1672426635989&cv=11&fst=1672423200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&tiba=Donate%20-%20GTCUW&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2278512589&rmt_tld=1&ipr=y

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Dec 2022 18:57:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame E00D 156 B
522 B 283ms
84ms XHR
application/json 35.166.137.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.137.69 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-137-69.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c3b7a2c27bc05f21e1eb597edf4f9bdb47f8454e9b15586313d85672ef670a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Dec 2022 18:57:16 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 169ms
157ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 175ms
164ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 176ms
166ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 167ms
158ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 164ms
156ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 170ms
163ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 172ms
167ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 165ms
162ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 168ms
166ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 172ms
171ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 168ms
167ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 174ms
174ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 166ms
166ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E653 0
18 B 41ms
19ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.gtcuw.org
Referer: https://www.gtcuw.org/donate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.gtcuw.org
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 30 Dec 2022 18:57:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 openbridge_plugin.js Show response
www.gtcuw.org/wp-content/plugins/official-facebook-pixel/js/ 182 KB
57 KB 171ms
171ms Script
application/javascript 216.59.56.95
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gtcuw.org/wp-content/plugins/official-facebook-pixel/js/openbridge_plugin.js
Requested by: Host: www.gtcuw.org
URL: https://www.gtcuw.org/donate/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.95 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 761aeff2e8803ba4c48511b4424f2bef7ec26194f4decf3ed8d2741d52952871

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gtcuw.org/donate/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 18:57:17 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 20:27:35 GMT
server: Microsoft-IIS/10.0
etag: "80958fdcf9f9d81:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 57939

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 130A 833 B
1 KB 27ms
26ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=b41zznk&ref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&upid=yv8rrpe&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 3eafdf3507df7462d490e9f95cacd16de0de65649f23c82818243c2dba80bf24

Request headers

Referer: https://www.gtcuw.org/donate/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Fri, 30 Dec 2022 18:57:16 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

POST
H2 200 0 Show response
r.stripe.com/ Frame B8F1 0
127 B 87ms
85ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-e37c257c0dcd34a986ab5232b1979eba.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 30 Dec 2022 18:57:16 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 130A 487 B
987 B 18ms
18ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=b41zznk&ref=https%3A%2F%2Fwww.gtcuw.org%2Fdonate%2F&upid=yv8rrpe&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 30 Dec 2022 02:25:55 GMT
Via: 1.1 f90455bc1ae6b17d472e4be0fa0d191e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 59482
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: UcFxHIgW5iDjZ_jhKOuSA_rx4I1BSwCOGAzfb7YNrOtQxnH5u5HAjA==

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 949D
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=55f25597-513a-4eab-b708-ed54335be946&r=https%3A%2F%2Fmatch.adsrvr.org%2...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic

70 B
693 B

25ms
24ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Fri, 30 Dec 2022 18:57:17 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, private
date: Fri, 30 Dec 2022 18:57:17 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 7C3B
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=55f25597-513a-4eab-b708-ed54335be946&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=55f25597-513a-4eab-b708-ed54335be946&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

70 B
693 B

25ms
24ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Fri, 30 Dec 2022 18:57:17 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 30 Dec 2022 18:57:17 GMT
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gtcuw.org
URL: https://www.gtcuw.org/wp-content/plugins/revslider/admin/assets/icons/material-icons.css?ver=6.3.4

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fonts.net/	1970-01-20 08:33:48	Name: __cf_bm Value: SVcSAO91f5HtGNha6chn5oXNoB2k3w6mn.7Jaf_Gtsk-1672426633-0-ATJqhL3Jxg4uy2m4RHAPULfy9KaKksOjv1yh/UWTFIUM/aojtItFr+Qb+k6n5p8FESDH89uMPng8PscGJjLPnRw=
.gtcuw.org/	1970-01-20 10:43:22	Name: _gcl_au Value: 1.1.2125748941.1672426636
.bing.com/	1970-01-20 17:55:22	Name: MUID Value: 24E596670EDA6C8E2E5684ED0F706D63
.bat.bing.com/	1970-01-20 08:43:51	Name: MR Value: 0
.adsrvr.org/	1970-01-20 17:19:22	Name: TDID Value: 55f25597-513a-4eab-b708-ed54335be946
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: TKZvnJhCaMI
.youtube.com/	1970-01-20 12:52:58	Name: VISITOR_INFO1_LIVE Value: DuRkLmFXzS4
.doubleclick.net/	1970-01-20 18:09:46	Name: IDE Value: AHWqTUmOxbVkAR99fs6d4JLxXOZ8sFuILm65Yzbu8gv0Ivz8R6HuZfS4TBfwC09sE_g
.gtcuw.org/	1970-01-20 10:43:22	Name: _fbp Value: fb.1.1672426635942.1017115392
.yahoo.com/	1970-01-20 17:19:44	Name: A3 Value: d=AQABBIs0r2MCEDpevBzmMEuMa6U50UNE7-AFEgEBAQGGsGO5YwAAAAAA_eMAAA&S=AQAAAmc6x55lw5nr_FESuKglpWE
.gtcuw.org/	1970-01-20 08:35:13	Name: _gid Value: GA1.2.97289312.1672426636
.gtcuw.org/	1970-01-20 08:33:46	Name: _gat_UA-11852171-2 Value: 1
.bttrack.com/	1970-01-20 10:43:22	Name: GLOBALID Value: 2uKlc8-sIBd984cS0Cb2DtjNhbeuOj4q2AaNV5XmQnzR4C36F7pDr0QaZuvoMSyuF5Cfg1y_srMC4Q2
.gtcuw.org/	1970-01-20 18:09:46	Name: _ga_5H35F2YSK9 Value: GS1.1.1672426636.1.0.1672426636.0.0.0
.gtcuw.org/	1970-01-20 18:09:46	Name: _ga Value: GA1.1.1588646927.1672426636
.gtcuw.org/	1970-01-20 08:35:13	Name: _uetsid Value: c71581c0887311edbf099fd3de69f6ba
.gtcuw.org/	1970-01-20 17:55:22	Name: _uetvid Value: c715f2b0887311ed9dd1571bb56e8986
.analytics.yahoo.com/	1970-01-20 17:19:22	Name: IDSYNC Value: 1769~2956
.www.gtcuw.org/	1970-01-20 08:33:48	Name: cusid Value: 1672426636297
.gtcuw.org/	1970-01-20 08:33:48	Name: cuvon Value: 1672426636299
.gtcuw.org/	1970-01-20 08:33:48	Name: cusid Value: 1672426636297
.adnxs.com/	1970-01-20 10:43:22	Name: uuid2 Value: 3793850492928119709
.rubiconproject.com/	1970-01-20 17:19:22	Name: khaos Value: LCAVMZPW-V-57WE
.rubiconproject.com/	1970-01-20 17:19:22	Name: audit Value: 1\|h4QxX5mPRKr4Tkdm02X1v24H7LjHUy4eJWSTag+uyJvWaDs14xzbSFvTPzObIsgYrfqmUMR7Io2M1KxoLazIt9i2Wk5FrGos0XY24Ec+XLucXZH+rPkwAzar9TeOhFwd/c32PPYMHKcu6Y8IJJwbgGQcD6xw8vWGz11ZvUtF/WFbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
m.stripe.com/	1970-01-20 18:09:46	Name: m Value: 9fadece8-e830-4e43-964a-09e2058cff500ea469
.www.gtcuw.org/	1970-01-20 17:19:22	Name: __stripe_mid Value: d94b9c8a-525f-4239-b014-41cb2bb27704025c22
.www.gtcuw.org/	1970-01-20 08:33:48	Name: __stripe_sid Value: 27bb1920-7f1f-49f6-a6e3-17d819de555e97ba4a
.casalemedia.com/	1970-01-20 17:19:22	Name: CMID Value: Y680jKLnTVp5-0UhFCE8.gAA
.casalemedia.com/	1970-01-20 10:43:22	Name: CMPS Value: 1398
.casalemedia.com/	1970-01-20 10:43:22	Name: CMPRO Value: 1398
.pubmatic.com/	1970-01-20 10:43:22	Name: KRTBCOOKIE_377 Value: 6810-55f25597-513a-4eab-b708-ed54335be946&KRTB&22918-55f25597-513a-4eab-b708-ed54335be946&KRTB&23031-55f25597-513a-4eab-b708-ed54335be946
.pubmatic.com/	1970-01-20 09:16:58	Name: PugT Value: 1672426637
.bidswitch.net/	1970-01-20 17:19:22	Name: tuuid Value: 5c9c8d20-1201-41f4-af67-3dbdbe30d591
.bidswitch.net/	1970-01-20 17:19:22	Name: c Value: 1672426637
.bidswitch.net/	1970-01-20 17:19:22	Name: tuuid_lu Value: 1672426637
.adsrvr.org/	1970-01-20 17:19:22	Name: TDCPM Value: CAESGQoKcmlnaHRtZWRpYRILCJa81bW2qLU7EAUSFwoIYXBwbmV4dXMSCwimrLm8tqi1OxAFEhYKB3J1Ymljb24SCwimrLm8tqi1OxAFEhUKBmdvb2dsZRILCOTz67-2qLU7EAUSFQoGY2FzYWxlEgsI5PPrv7aotTsQBRIXCghwdWJtYXRpYxILCJjIosG2qLU7EAUSGAoJYmlkc3dpdGNoEgsImMiiwbaotTsQBRgFIAIoAzILCJjApe7MqLU7EAVCDyINCAESCQoFdGllcjMQAVoHYjQxenpua2AB

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.gtcuw.org/donate/ Message: Refused to apply style from 'https://www.gtcuw.org/wp-content/plugins/revslider/admin/assets/icons/material-icons.css?ver=6.3.4' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://bttrack.com/Pixel/Retarget/1221 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8086470.fls.doubleclick.net
adservice.google.com
analytics.clickdimensions.com
bat.bing.com
bttrack.com
cdn.bttrack.com
cdn.jsdelivr.net
click.dsp.gtcuw.org
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
fast.fonts.net
fonts.googleapis.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
js.stripe.com
m.stripe.com
m.stripe.network
match.adsrvr.org
p.typekit.net
pixel.rubiconproject.com
q.stripe.com
r.stripe.com
simage2.pubmatic.com
stats.g.doubleclick.net
ups.analytics.yahoo.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gtcuw.org
www.youtube.com
x.bidswitch.net
www.gtcuw.org
128.17.225.164
142.250.81.230
142.251.40.226
143.204.138.162
15.197.193.217
151.101.128.176
162.248.18.37
192.132.33.46
192.40.39.223
216.59.56.95
2600:1400:d::17db:5d0b
2600:1400:d::17db:5d2b
2600:9000:2514:c000:19:7d10:bd80:93a1
2606:4700::6811:e04e
2607:f8b0:4004:c1b::9b
2607:f8b0:4006:806::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::2008
2607:f8b0:4006:823::200a
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::485
35.166.137.69
35.211.178.172
52.159.97.111
52.45.33.138
54.187.159.182
68.67.181.211
69.16.175.42
69.173.151.100
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
033a0ebc898c7c4a9c6e1ed3f80ba531112eb927cbad9857505aa0420da8716d
0867357d45a0d360e59230ae4a8c9c6f30dfff485b91bd69ae7f2c98ea6f41ec
0a4bc5b9e39156f467df7ab86787cb30f72d4a001da60d8eaa6f3c01f926f019
0c5081ecc9f9ecdf2c760f97886c380097c444ecd4676884ff3c67bfbc0ec6a3
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0d67b31d075d589fd9334cb5d6dc697819e2e44404906c82e9f06c4f9896c132
100c79a513e6586c4518cb3fe8dc1523230df375fd6da88751ca1ce1e264fb26
16f61d990c98e604bc1840177e5d903a452b92e3f4cadf7008d3c11f748aab3d
18669f5e115e07c0e07f4c7ae0f9bb1e6f12c99acda5a48410af54eac66004da
1a13536c61e765d231a627e55f6919ed28e74ce8ef45e6e30872b86c4c8245bc
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d88db407cf3c60be4d258f7cd3c0b6a464df0ce77153fed90afbe103fee6d96
208d013c583899ce6bb2fe281662492caa32a1edd39924f7e5760233c22c7f69
2429a23b1f06c32f477464a84285fc73bd92f861ed539412381243cf327f167c
272c08ccba5f883006400f7d490a1393f8114e239b97043e0d2d018a257ca368
29c3b6b0e2246ae17fb03b13a2bb3003c4d07c37092b76b3d854708bcf99aa11
2fae942f4865459d9888b1d113b40151e801a17e90ac060c823e7d3ff75b694a
31fe1bafd74b7bc8bb88aca7960401d95b1a6de990b9cbadc562c173b8c560e7
3550c812edbcb2217b08042fcc4546528bbf0f0a8506d783642b36ea5f1c6b10
35d27b9f9d5a4655f4637b5bef1f1a3ec5079b4aa42f5081db80d770b53615fa
3eafdf3507df7462d490e9f95cacd16de0de65649f23c82818243c2dba80bf24
504310545bb18b664563a31e763a7f5e045258e01ab87760a605b8b4dfb882bc
55083fe9dd829b671e79bd715c88cde64b84684e8d5355562fa1ef8ef65c9088
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5707c33ab8b6375cfb94a3b71ee843397eec617ad82e35d76cece3b427f22886
587f9e509e7376126988065d02422449089e5e5415a8c0a5482cac3953dc3c0a
593a02f1dd433aedbac31e9f0dbd5a2eeb6f0fa03077d0290bddd62ca1446c75
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
62181f530b234eaa00857b27af4dbdf885747092160996086b0069195c6043b7
64378a97b42778b065b6b3c4d4e0df00f46dbeba76b1ae0f7e3bff51be73aa6d
6e797142281ac8bdd264cd6810043c5880eccf8797b420d437e9310453d1e2c9
761aeff2e8803ba4c48511b4424f2bef7ec26194f4decf3ed8d2741d52952871
779ae1e963b5e8a5263625a174e34dfcd073775f2893211fc7e304fb70f0e3a7
784672eeb9a9c4a2656d5f0c838230d8808259520a21b74aa835050c93529e52
78ce091142b305af741bf60aa179ac1c37d8dbe13b71f2f904e8f9e8e4b0b36b
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8364303080162bd81dd4f80f5a35f397b6a831d462e287e2058dfe48fd83cea3
84852c105591bcc4d613971e492eb810e157e04d263e470d5289e7a1e950260c
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
886bb1876ed6c6b23065cb9ce55d8fd793e94593318627a43e2dd1362d40d999
8d2a52f42ca1a04b030d1f0cb97657c693e5bb29b2de6628281c28765ea1c2a9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df23a6c6f7734234349acd5a834b2a3ab331abe4b1260f7f6c0a056c27f46c2
91d186dd865d68b4283611b16c0872ab949ca5e1f6980a68e1f4295e39ec689b
95f59f9a4a19697496edc01bb55011ea4056f90625cc816a7f18256f056a6258
993cfcbea6cba1f57cec926311d4c2f105e72982a13ee57801cb5d451aec84b7
9a7af3386b3cb936308706d693fa46e6c9dd3606cdd69118ae59fbd44da2fbcf
9b3e8a2ec0ddd4676428c4d60cd27cbe99950907ddc2a5bfe8706122f8c654d8
9c8c4819f65dd12131d77a7b5d4a5ef6ab87a7385ed7aaaab68ebca112c0b1ff
9f12e3b5daa42fd63733c595dde4ac06707f34ae02fa89ddc6ff4c75bf960ec4
a3a3d27dc4630a4da6398db0d44e030adba770de40e303dc64d8e2da6c9ce4e1
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa19ed3a99a96f8f53ea92c35a1a66c992e2cdf7b016fe382603c2401982338d
afb85cc0ede42e76244969d3d277ec8a7c2cc1a8117f980e45075488cf15e4e2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7c779bbb3234d4d1b4e200856bb10c4bc86e730e3699fc56ea100c5fdb6efae
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c37e0c04d459f8b20a98ff6f90ff6c029256299558bc77eb5069e0ae0dcf62d6
c3b7a2c27bc05f21e1eb597edf4f9bdb47f8454e9b15586313d85672ef670a39
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
c4a97766395dfc34d2524579f73a0902388440e3706d89120c1592d8573fb711
c4db351e7b79f5ed215ba61fae34b3eebc733da305e877826b17fc2de3c90cd8
c9087c9f98d27ca29e42a34434c172e9af77aab2195df77b00d1c5e963adb0b3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cff7b26871c06044d37b299a44ad5210afd686e265b062df7d517e150ee90aa5
d6ba97daf70593ef054ae4ba4749bf7c53829921f6c7e83038e3b6ee0a53e953
d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb26f8d2e299d4db5f86175ff9e29c9ba9f6d1b6f010adda0bbf7b3ba9ac522
e2302100a2c509677cd49f40d27e789a29fdf63d94b8cf38b478bda44ad4c908
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70b0c7212b702a1d6872b4d39da795255d50c4cad9f8803ba3d03ae7af5ac78
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f927310173e268d83f993281e2a6a672dbd90a6909d4eb33fccb72174f647521
fea651bb9c05b668d16a35998b48a7009e11f145ddaee7c5064d06138632f9b4

www.gtcuw.org Open in urlscan Pro 216.59.56.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

123 Requests

98 %HTTPS

49 %IPv6

25 Domains

37 Subdomains

29 IPs

2 Countries

3537 kBTransfer

6085 kBSize

36 Cookies

10 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gtcuw.org Open in urlscan Pro
216.59.56.95 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

98 %
HTTPS

49 %
IPv6

25
Domains

37
Subdomains

29
IPs

2
Countries

3537 kB
Transfer

6085 kB
Size

36
Cookies

123 HTTP transactions
1 data transactions