urlscan.io logo urlscan.io
SecurityTrails logo

secure.rif.org Open in urlscan Pro
2606:4700::6810:c8f3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://us.engagingnetworks.app/page/email/click/10030/1369655?email=E%2BqVwc0kRqzgQjUe4UV2%2FEQBzSgaLoPBFy%2BjU0C9MFw=&campid=d...
Effective URL: https://secure.rif.org/page/23117/donate/1
Submission: On August 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 46 HTTP transactions. The main IP is 2606:4700::6810:c8f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.rif.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2022. Valid for: a year.
This is the only time secure.rif.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700::6810:c9f3 (United States)

ASN13335 (CLOUDFLARENET, US)
us.engagingnetworks.app
8    2606:4700::6810:c8f3 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.rif.org
1    96.16.137.109 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-109.deploy.static.akamaitechnologies.com
cloud.typography.com
1    35.71.141.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: a258468d1905fbdfe.awsglobalaccelerator.com
www.rif.org
3    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    23.35.236.213 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-213.deploy.static.akamaitechnologies.com
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
4    52.55.9.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-9-32.compute-1.amazonaws.com
tags.wdsvc.net
5    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:206f:c000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
Apex Domain
Subdomains		 Transfer
9 rif.org
secure.rif.org
www.rif.org
70 KB
6 rackcdn.com
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com — Cisco Umbrella Rank: 161758
781 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
665 B
4 wdsvc.net
tags.wdsvc.net — Cisco Umbrella Rank: 30083
28 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
4 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 214
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
3 KB
3 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 619
781 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
195 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
170 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 983
pixel.quantserve.com — Cisco Umbrella Rank: 465
10 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 953
354 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5596
548 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
548 B
1 typography.com
cloud.typography.com — Cisco Umbrella Rank: 5655
248 B
1 engagingnetworks.app
us.engagingnetworks.app — Cisco Umbrella Rank: 163496
539 B
46 15
Domain Requested by
8 secure.rif.org secure.rif.org
6 acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com secure.rif.org
5 www.facebook.com secure.rif.org
4 tags.wdsvc.net 1 redirects secure.rif.org
tags.wdsvc.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
secure.rif.org
3 insight.adsrvr.org
3 connect.facebook.net secure.rif.org
connect.facebook.net
3 www.googletagmanager.com secure.rif.org
2 stats.g.doubleclick.net www.google-analytics.com
1 pixel.quantserve.com secure.rif.org
1 rules.quantcount.com secure.quantserve.com
1 www.google.de secure.rif.org
1 www.google.com secure.rif.org
1 secure.quantserve.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 ad.doubleclick.net secure.rif.org
1 www.rif.org secure.rif.org
1 cloud.typography.com secure.rif.org
1 us.engagingnetworks.app 1 redirects
46 19

This site contains links to these domains. Also see Links.

Domain
www.rif.org
Subject Issuer Validity Valid
secure.rif.org
Cloudflare Inc ECC CA-3		 2022-05-09 -
2023-05-09		 a year crt.sh
*.typography.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-03		 a year crt.sh
rif.org
Amazon		 2021-10-21 -
2022-11-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.ssl.cf5.rackcdn.com
DigiCert SHA2 Secure Server CA		 2022-01-30 -
2023-01-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-20 -
2022-08-18		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
tags.wdsvc.net
Go Daddy Secure Certificate Authority - G2		 2021-11-01 -
2022-12-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://secure.rif.org/page/23117/donate/1
Frame ID: 4F8C84378B33CA83CBADB88E0193D5F3
Requests: 45 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N9539.197812NSO.CODESRV/B20633207.212615426;sz=1x2;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
Frame ID: 034B0D58912FDF8777BF44CA6222CF91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Give Today - Reading Is Fundamental

Page URL History Show full URLs

  1. http://us.engagingnetworks.app/page/email/click/10030/1369655?email=E%2BqVwc0kRqzgQjUe4UV2%2FEQBzSgaLoPBFy%... HTTP 307
    https://us.engagingnetworks.app/page/email/click/10030/1369655?email=E%2BqVwc0kRqzgQjUe4UV2%2FEQBzSgaLoPBFy%... HTTP 307
    https://secure.rif.org/page/23117/donate/1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

46
Requests

98 %
HTTPS

67 %
IPv6

15
Domains

19
Subdomains

17
IPs

3
Countries

1279 kB
Transfer

2335 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://us.engagingnetworks.app/page/email/click/10030/1369655?email=E%2BqVwc0kRqzgQjUe4UV2%2FEQBzSgaLoPBFy%2BjU0C9MFw=&campid=dsQhspoZ8juZkArzVWMSmA== HTTP 307
    https://us.engagingnetworks.app/page/email/click/10030/1369655?email=E%2BqVwc0kRqzgQjUe4UV2%2FEQBzSgaLoPBFy%2BjU0C9MFw=&campid=dsQhspoZ8juZkArzVWMSmA== HTTP 307
    https://secure.rif.org/page/23117/donate/1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://tags.wdsvc.net/controller.js?id=100250 HTTP 302
  • https://tags.wdsvc.net/container.js?id=100250&v=4.00&t=1660165248226

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1
secure.rif.org/page/23117/donate/
Redirect Chain
  • http://us.engagingnetworks.app/page/email/click/10030/1369655?email=E%2BqVwc0kRqzgQjUe4UV2%2FEQBzSgaLoPBFy%2BjU0C9MFw=&campid=dsQhspoZ8juZkArzVWMSmA==
  • https://us.engagingnetworks.app/page/email/click/10030/1369655?email=E%2BqVwc0kRqzgQjUe4UV2%2FEQBzSgaLoPBFy%2BjU0C9MFw=&campid=dsQhspoZ8juZkArzVWMSmA==
  • https://secure.rif.org/page/23117/donate/1
22 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c88349a1d727cb458eecf958532d66669368e3db9ca77d15fe39b9a2fb22185f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
738ba9b668d49150-FRA
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Wed, 10 Aug 2022 21:00:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
738ba9b32fcd906d-FRA
content-length
0
date
Wed, 10 Aug 2022 21:00:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://secure.rif.org/page/23117/donate/1
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
fonts.css
cloud.typography.com/6635656/6298392/css/ 		17 B
248 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.typography.com/6635656/6298392/css/fonts.css
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.137.109 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-137-109.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 21:00:47 GMT
Cache-Control
max-age=300
Server
AkamaiNetStorage
Connection
keep-alive
ETag
"f130fd70bd4cfa88cacd6d9b4c8c0f19:1595815059"
Content-Length
17
Content-Type
text/css
Branding-Semibold.css
www.rif.org/sites/all/themes/custom/rif2018/build/fonts/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rif.org/sites/all/themes/custom/rif2018/build/fonts/Branding-Semibold.css
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.141.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a258468d1905fbdfe.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3527727-1
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d09d85c893ea5776e660ca75501d93a4455e441173653bb0a86a17c3ecc19169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41880
x-xss-protection
0
expires
Wed, 10 Aug 2022 21:00:47 GMT
enPage.css
secure.rif.org/ea-demo/frontend/pbAssets/build/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.rif.org/ea-demo/frontend/pbAssets/build/css/enPage.css?v=3.45.0
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/page/23117/donate/1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
cache-control
public, max-age=1800
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
738ba9b99e149150-FRA
expires
Wed, 10 Aug 2022 21:30:47 GMT
pagedata.js
secure.rif.org/page/11243/campaigner/0/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rif.org/page/11243/campaigner/0/pagedata.js?locale=en-US
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/page/23117/donate/1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/html;charset=UTF-8
cf-ray
738ba9b9ae169150-FRA
enPage.js
secure.rif.org/ea-demo/frontend/pbAssets/build/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rif.org/ea-demo/frontend/pbAssets/build/js/enPage.js?v=3.45.0
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/page/23117/donate/1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
cache-control
public, max-age=1800
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
738ba9b9ae179150-FRA
expires
Wed, 10 Aug 2022 21:30:47 GMT
4Site-en-page-theme.css
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/4Site-en-page-theme.css?v=1517856560000
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a18290cf43c58bfc0729ab5273a9af692cdc2669b5b494343d145ef777fe0636

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 21:00:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Apr 2018 17:54:04 GMT
X-Object-Meta-Enid
1524592443068
ETag
2309a985874a0ef3ebea17f1eda87d17
Vary
Accept-Encoding
Content-Type
text/css
X-Timestamp
1524592443.29097
Cache-Control
public, max-age=856
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5016
X-Trans-Id
tx066c8e96777144009989c-0062f41c7fiad3
Expires
Wed, 10 Aug 2022 21:15:03 GMT
enPage.css
secure.rif.org/pageassets/css/ 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.rif.org/pageassets/css/enPage.css?v=4.0.0
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3164c6a1238073e973cf4b7d73c539736de5933498279bb75a501dce944ff96
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/page/23117/donate/1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Jun 2022 02:13:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1800
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
738ba9b99e159150-FRA
expires
Wed, 10 Aug 2022 21:30:47 GMT
pagedata.js
secure.rif.org/page/23117/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rif.org/page/23117/pagedata.js?locale=en-US&ea.profile.id=0
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac4de222932ec4ba3fd2ad97cb431d8b38b952bf0c67eaed839387563e74e27
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/page/23117/donate/1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript
cf-ray
738ba9b9ae1a9150-FRA
enPage.js
secure.rif.org/pageassets/js/ 		179 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.rif.org/pageassets/js/enPage.js?v=4.0.0
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7a57538b1dd4d08498f4b12d8ae39008768186789f8f033199698baa474302
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/page/23117/donate/1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 18 Jun 2022 02:13:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
738ba9b9ae1b9150-FRA
expires
Wed, 10 Aug 2022 21:30:47 GMT
RIF-Logo-Donatepage-Tag.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/RIF-Logo-Donatepage-Tag.png?v=1634337221000
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
71c57c93a633eb89926ae34091a8ab0bdfcedd2b62b6daaf2a0887170cb990a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 21:00:47 GMT
Last-Modified
Fri, 15 Oct 2021 22:33:42 GMT
X-Object-Meta-Enid
1634337221276
ETag
91caf2f92303e5d9457daa952ed92351
Content-Type
image/png
X-Timestamp
1634337221.47644
Cache-Control
public, max-age=848
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70835
X-Trans-Id
tx4d24f4426d5c4810b6ee5-0062f41c7fiad3
Expires
Wed, 10 Aug 2022 21:14:55 GMT
js
www.googletagmanager.com/gtag/ 		129 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-820364726
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35ca5ac1557d1878db01c75c11cca2b2ce7d99b423848a32f98eb45fdb7253d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50294
x-xss-protection
0
expires
Wed, 10 Aug 2022 21:00:47 GMT
mobile-page-generic.jpg
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/mobile-page-generic.jpg?v=1634320322000
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36a5fe506e8355012868e414a2b9e756d87e4251f1d3ec3b057f2cf5be4b3bfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 21:00:48 GMT
Last-Modified
Fri, 15 Oct 2021 17:52:03 GMT
X-Object-Meta-Enid
1634320321836
ETag
da298ec1f8e6f143efee40c800a4598d
Content-Type
image/jpeg
X-Timestamp
1634320322.06399
Cache-Control
public, max-age=841
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33048
X-Trans-Id
tx764c78d09c2446c7b560e-0062f41c7fiad3
Expires
Wed, 10 Aug 2022 21:14:49 GMT
Guidestar-badge-sm-v2.jpg
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/Guidestar-badge-sm-v2.jpg?v=1634331788000
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7a6bc9d09b6856a9077c3ee334c71ea1281784fe77065020c8da4c7728c6bdaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 21:00:47 GMT
Last-Modified
Fri, 15 Oct 2021 21:03:08 GMT
X-Object-Meta-Enid
1634331787727
ETag
fd35528f133f8e2a9173d16c448b9a56
Content-Type
image/jpeg
X-Timestamp
1634331787.93472
Cache-Control
public, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18438
X-Trans-Id
tx06243c3f77b4401885fdb-0062f41c7fiad3
Expires
Wed, 10 Aug 2022 21:15:47 GMT
Test-donate-image-3.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/ 		412 KB
412 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/Test-donate-image-3.png?v=1535552942000
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c305ee0eede33c1a016abc07e24c49e7de6acdb0354c6da7f151c7aee5d2f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 21:00:47 GMT
Last-Modified
Wed, 29 Aug 2018 14:29:03 GMT
X-Object-Meta-Enid
1535552941804
ETag
9fcfd9d97773d60fbbcf713aed3bde87
Content-Type
image/png
X-Timestamp
1535552942.15153
Cache-Control
public, max-age=871
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
421896
X-Trans-Id
tx1603a4c6a06b425491ac1-0062f41c7fiad3
Expires
Wed, 10 Aug 2022 21:15:18 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26506
x-xss-protection
0
pragma
public
x-fb-debug
TwNZ6y+agVlnc7fqalInQc9TzJFFa/sj6S5lZPm6WeiZ3epQDKxMAoDdcAyujMZbccOSp3rNSQyrY4Rvo0m/SQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 10 Aug 2022 21:00:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		267 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBZQ6MF
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7110f0fbeaf807245291ae1ed535dd2bdf795346dbde7cba34830d71afbdfe24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80828
x-xss-protection
0
expires
Wed, 10 Aug 2022 21:00:47 GMT
B20633207.212615426;sz=1x2;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
ad.doubleclick.net/ddm/adi/N9539.197812NSO.CODESRV/ Frame 034B 		26 B
631 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N9539.197812NSO.CODESRV/B20633207.212615426;sz=1x2;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.rif.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
23
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 21:00:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Desktop-Test-infographic-3.jpg
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/ 		242 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/Desktop-Test-infographic-3.jpg?v=1634320530000
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
26792ed83019dafaa6c014605d5351f7ef4a976356f761f7c9564087375c3d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 10 Aug 2022 21:00:48 GMT
Last-Modified
Fri, 15 Oct 2021 17:55:30 GMT
X-Object-Meta-Enid
1634320529167
ETag
009f029d58ddbdaf64787ba7fea8f67e
Content-Type
image/jpeg
X-Timestamp
1634320529.36676
Cache-Control
public, max-age=853
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
247583
X-Trans-Id
tx213e962d900d4b54b5068-0062f41c7fiad3
Expires
Wed, 10 Aug 2022 21:15:01 GMT
pagedata
secure.rif.org/page/23117/donate/1/ 		190 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.rif.org/page/23117/donate/1/pagedata
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/pageassets/js/enPage.js?v=4.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c8f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45408a1abe0c4fb0c8c69f63e1b86df282b2838628884ab3170f4a12b51b3af0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
application/json, text/javascript
Referer
https://secure.rif.org/page/23117/donate/1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/json
cf-ray
738ba9bdec6d9150-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/820364726/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820364726/?random=1660165247872&cv=11&fst=1660165247872&bg=ffffff&guid=ON&async=1&gtm=2oa880&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&tiba=Give%20Today%20-%20Reading%20Is%20Fundamental&auid=252141541.1660165248&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-820364726
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e40df6407d629f80d22131018a69a9d0df2ab03bbdb5e95f4b748d55f5dcc299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
984
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3527727-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7127
date
Wed, 10 Aug 2022 19:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 10 Aug 2022 21:02:00 GMT
372177719907265
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/372177719907265?v=2.9.73&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2109dee66fc4dd51c5c66ca12faae33a52b993de46ada380fc6989653dc65f72
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85879
x-xss-protection
0
pragma
public
x-fb-debug
NH4rF64jQ26Ft89mPVw0FWDvn1KfCd3PsZocnNFAJqu7dwm8OpEBHm/4LcEqR2Z/zLyAnzz9j0B8e2qhnKwF1g==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 10 Aug 2022 21:00:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBZQ6MF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
de96459afc7ce2a214a50ab53803028a92dcbdde40621408e4638d484e7c344f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
content-encoding
gzip
etag
"jbwe3Q3ekqaoxOFJsLLUPw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Aug 2022 21:00:47 GMT
container.js
tags.wdsvc.net/
Redirect Chain
  • https://tags.wdsvc.net/controller.js?id=100250
  • https://tags.wdsvc.net/container.js?id=100250&v=4.00&t=1660165248226
27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/container.js?id=100250&v=4.00&t=1660165248226
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
HTTP/1.1
Server
52.55.9.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-9-32.compute-1.amazonaws.com
Software
/
Resource Hash
286b2852ccc2bdbc65b8a6373cbad252da7eb9a806c7f39905466f575fe742f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 21:00:48 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
27425
Expires
Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location
https://tags.wdsvc.net/container.js?id=100250&v=4.00&t=1660165248226
Date
Wed, 10 Aug 2022 21:00:48 GMT
Cache-Control
private, no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Transfer-Encoding
chunked
2270407976583976
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2270407976583976?v=2.9.73&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
981ae7c022ab43c6154903ef4c240599cf617cb9e341d9c62f75ad413b102024
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85832
x-xss-protection
0
pragma
public
x-fb-debug
LxH1kSRIUbBsvczdiI89WWzQGiHENMeU3MJQ1Wt9VvuR5uJCrrSs0yuWL/TBTrUOYwtnMAw/+BnC7QjxPdafhA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 10 Aug 2022 21:00:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=372177719907265&ev=PageView&dl=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&rl=&if=false&ts=1660165247929&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=30&fbp=fb.1.1660165247928.1061986856&it=1660165247891&coo=false&rqm=GET
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 10 Aug 2022 21:00:47 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=372177719907265&ev=Lead&dl=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&rl=&if=false&ts=1660165247930&sw=1600&sh=1200&v=2.9.73&r=stable&ec=1&o=30&fbp=fb.1.1660165247928.1061986856&it=1660165247891&coo=false&rqm=GET
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 10 Aug 2022 21:00:47 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=111640358&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&ul=en-us&de=windows-1252&dt=Give%20Today%20-%20Reading%20Is%20Fundamental&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=493209977&gjid=600390256&cid=866883965.1660165248&tid=UA-3527727-1&_gid=668268365.1660165248&_r=1&gtm=2ou880&z=1754586373
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.rif.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 21:00:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.rif.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=111640358&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&ul=en-us&de=windows-1252&dt=Give%20Today%20-%20Reading%20Is%20Fundamental&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACUABBAAAAC~&jid=1449533253&gjid=155063158&cid=866883965.1660165248&tid=UA-3527727-1&_gid=668268365.1660165248&_r=1&gtm=2wg880TBZQ6MF&z=1324492421
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.rif.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 21:00:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.rif.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=111640358&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&ul=en-us&de=windows-1252&dt=Give%20Today%20-%20Reading%20Is%20Fundamental&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=false&ea=undefined&_u=YGDACUABBAAAAC~&jid=&gjid=&cid=866883965.1660165248&tid=UA-3527727-1&_gid=668268365.1660165248&gtm=2wg880TBZQ6MF&z=1912803171
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 03:12:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
64110
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/820364726/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/820364726/?random=1660165247872&cv=11&fst=1660165200000&bg=ffffff&guid=ON&async=1&gtm=2oa880&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&tiba=Give%20Today%20-%20Reading%20Is%20Fundamental&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1621645789&rmt_tld=0&ipr=y
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 21:00:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/820364726/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/820364726/?random=1660165247872&cv=11&fst=1660165200000&bg=ffffff&guid=ON&async=1&gtm=2oa880&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&tiba=Give%20Today%20-%20Reading%20Is%20Fundamental&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1621645789&rmt_tld=1&ipr=y
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 21:00:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2270407976583976&ev=PageView&dl=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&rl=&if=false&ts=1660165247967&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=30&fbp=fb.1.1660165247928.1061986856&it=1660165247891&coo=false&rqm=GET
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 10 Aug 2022 21:00:47 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3527727-1&cid=866883965.1660165248&jid=1449533253&gjid=155063158&_gid=668268365.1660165248&_u=YGDACUABBAAAAC~&z=702489837
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.rif.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 10 Aug 2022 21:00:48 GMT
content-type
text/plain
access-control-allow-origin
https://secure.rif.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3527727-1&cid=866883965.1660165248&jid=493209977&gjid=600390256&_gid=668268365.1660165248&_u=YEBAAUAAAAAAAC~&z=283939420
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.rif.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 10 Aug 2022 21:00:48 GMT
content-type
text/plain
access-control-allow-origin
https://secure.rif.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-qP_807V-WznTa.js
rules.quantcount.com/ 		2 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-qP_807V-WznTa.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:09:25 GMT
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
server
AmazonS3
age
3082
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C1
content-length
2
x-amz-cf-id
8z7SwP6nM8vt0-BEjzCxUh3r-40b5WrYgZa9oh0JezTILgafXzmOTQ==
pixel;r=344864218;source=gtm;rf=0;a=p-qP_807V-WznTa;url=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1;uht=2;fpan=1;fpa=P0-1644567884-1660165248046;pbc=;ns=0;ce=1;qjs=1;qv=ae608f52-202208...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=344864218;source=gtm;rf=0;a=p-qP_807V-WznTa;url=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1;uht=2;fpan=1;fpa=P0-1644567884-1660165248046;pbc=;ns=0;ce=1;qjs=1;qv=ae608f52-20220808163238;cm=;gdpr=0;ref=;d=rif.org;dst=0;et=1660165248046;tzo=0;ogl=title.Join%20me%20in%20inspiring%20children%20to%20read!%2Cdescription.I%20just%20gave%20to%20Reading%20Is%20Fundamental%20to%20inspire%20readers%20and%20create%20bright%20futur%2Cimage.https%3A%2F%2Facb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a%252Essl%252Ecf5%252Erackcdn%252Eco%2Curl.https%3A%2F%2Fsecure%252Erif%252Eorg%2Fpage%2F23117%2Fdonate%2F1%3Flocale%3Den-US
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 21:00:48 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=372177719907265&ev=Microdata&dl=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&rl=&if=false&ts=1660165248435&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Give%20Today%20-%20Reading%20Is%20Fundamental%22%2C%22meta%3Adescription%22%3A%22I%20just%20gave%20to%20Reading%20Is%20Fundamental%20to%20inspire%20readers%20and%20create%20bright%20futures.%20Join%20me%20ensuring%20that%20every%20child%20has%20the%20opportunities%20that%20literacy%20provides.%20Give%20today%3A%20rif.org%2Fdonate%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Join%20me%20in%20inspiring%20children%20to%20read!%22%2C%22og%3Adescription%22%3A%22I%20just%20gave%20to%20Reading%20Is%20Fundamental%20to%20inspire%20readers%20and%20create%20bright%20futures.%20Join%20me%20ensuring%20that%20every%20child%20has%20the%20opportunities%20that%20literacy%20provides.%20Give%20today%3A%20rif.org%2Fdonate%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Facb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com%2F10030%2FShare-image.jpg%3Fv%3D1611164914000%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1%3Flocale%3Den-US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.73&r=stable&ec=2&o=30&fbp=fb.1.1660165247928.1061986856&it=1660165247891&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 10 Aug 2022 21:00:48 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2270407976583976&ev=Microdata&dl=https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1&rl=&if=false&ts=1660165248472&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Give%20Today%20-%20Reading%20Is%20Fundamental%22%2C%22meta%3Adescription%22%3A%22I%20just%20gave%20to%20Reading%20Is%20Fundamental%20to%20inspire%20readers%20and%20create%20bright%20futures.%20Join%20me%20ensuring%20that%20every%20child%20has%20the%20opportunities%20that%20literacy%20provides.%20Give%20today%3A%20rif.org%2Fdonate%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Join%20me%20in%20inspiring%20children%20to%20read!%22%2C%22og%3Adescription%22%3A%22I%20just%20gave%20to%20Reading%20Is%20Fundamental%20to%20inspire%20readers%20and%20create%20bright%20futures.%20Join%20me%20ensuring%20that%20every%20child%20has%20the%20opportunities%20that%20literacy%20provides.%20Give%20today%3A%20rif.org%2Fdonate%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Facb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com%2F10030%2FShare-image.jpg%3Fv%3D1611164914000%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.rif.org%2Fpage%2F23117%2Fdonate%2F1%3Flocale%3Den-US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.73&r=stable&ec=1&o=30&fbp=fb.1.1660165247928.1061986856&it=1660165247891&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: secure.rif.org
URL: https://secure.rif.org/page/23117/donate/1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 21:00:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 10 Aug 2022 21:00:48 GMT
/
tags.wdsvc.net/tpc-eval/ 		21 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/tpc-eval/?lid=182898f5544-tags3-57a46679f3dbf
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.9.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-9-32.compute-1.amazonaws.com
Software
/
Resource Hash
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 21:00:48 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
21
Expires
Mon, 3 Jan 2005 13:00:00 GMT
post-log
tags.wdsvc.net/ 		0
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/post-log?v=4.00&amp;t=1660165248324
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.9.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-9-32.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.rif.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://secure.rif.org
Date
Wed, 10 Aug 2022 21:00:50 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
0
Content-Type
text/html
/
insight.adsrvr.org/track/evnt/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=ogsckzo&ct=0:ehjfo0o&fmt=3&td1=182898f5544-tags3-57a46679f3dbf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 21:00:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/conv/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=ogsckzo&ct=0:wd9zscb&fmt=3&orderid=&vf=&v=&td1=182898f5544-tags3-57a46679f3dbf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 21:00:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/conv/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=ogsckzo&ct=0:wmj083b&fmt=3&orderid=&vf=&v=&td1=182898f5544-tags3-57a46679f3dbf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.rif.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 21:00:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| fbq function| _fbq object| dataLayer function| gtag object| pageJson object| EngagingNetworks function| extendable string| val object| google_tag_manager object| google_tag_data object| GooglebQhCsO string| GoogleAnalyticsObject function| ga object| _qevents function| onWindow function| onWindowLeave function| onYouTubeIframeAPIReady function| getSelectionText object| gaplugins object| gaGlobal object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| queryStringSeparator object| WDSMemberConfig object| WDSConfig number| timeout boolean| tpc_present

19 Cookies

Domain/Path Name / Value
secure.rif.org/page Name: JSESSIONID
Value: M2zSycCbGobUI559w6g8GRAriiz2YgfMkTQ_MFdi.use2-prd-web2
.rif.org/page Name: en_sessionId
Value: 8b4e675ae4af4059bd9556e424534b8c-use2-prd-web2
us.engagingnetworks.app/ Name: AWSALB
Value: aYb4veUmttsZz4MKSXccEAILjayRAl4mR7bKcsRuMz/L+HYj+KaKG21y6n+GifLFg+MTcW95dKeDVLuJvxTpTJQf5vCJn0isOb2ATfD3V1IwZv44guMNNM5LdGkr
us.engagingnetworks.app/ Name: AWSALBCORS
Value: aYb4veUmttsZz4MKSXccEAILjayRAl4mR7bKcsRuMz/L+HYj+KaKG21y6n+GifLFg+MTcW95dKeDVLuJvxTpTJQf5vCJn0isOb2ATfD3V1IwZv44guMNNM5LdGkr
secure.rif.org/ Name: AWSALB
Value: pg1MjK0bHpSsbESByh5gANtzGhx8JMV+6Ho14NbDpur5DXv9ehEWjwFsQV0o/cWEZVAwcwalDONTr3EG0WPppyyaNfKakgFTTIWCFEFB1F62zPw5WCJSLbtadLXZ
secure.rif.org/ Name: AWSALBCORS
Value: pg1MjK0bHpSsbESByh5gANtzGhx8JMV+6Ho14NbDpur5DXv9ehEWjwFsQV0o/cWEZVAwcwalDONTr3EG0WPppyyaNfKakgFTTIWCFEFB1F62zPw5WCJSLbtadLXZ
.rif.org/ Name: _gcl_au
Value: 1.1.252141541.1660165248
.rif.org/ Name: _fbp
Value: fb.1.1660165247928.1061986856
.doubleclick.net/ Name: IDE
Value: AHWqTUm_2yrJyPBJLA96stCnFJHfveyDu3WsFwTJYxvQSrfzGNLKeC_RBJJm-exf
.rif.org/ Name: _ga
Value: GA1.2.866883965.1660165248
.rif.org/ Name: _gid
Value: GA1.2.668268365.1660165248
.rif.org/ Name: _gat_gtag_UA_3527727_1
Value: 1
.rif.org/ Name: _gat_UA-3527727-1
Value: 1
.quantserve.com/ Name: mc
Value: 62f41c80-111b4-b0775-d6333
.rif.org/ Name: __qca
Value: P0-1644567884-1660165248046
.wdsvc.net/ Name: _wdTest
Value: accept
.wdsvc.net/ Name: wds_random
Value: 2022-08-10T21:00:48.226Z~2022-08-10T21:00:48.226Z|1541817688341951|85|
.rif.org/ Name: wds_random
Value: 2022-08-10T21:00:48.226Z~2022-08-10T21:00:48.226Z|1541817688341951|85|
.rif.org/ Name: __WDS1
Value: %7B%22da_100250%22%3A%7B%22hu%22%3A%222022-08-10T21%3A00%3A50.494Z%22%7D%7D

5 Console Messages

Source Level URL
Text
network error URL: https://secure.rif.org/page/11243/campaigner/0/pagedata.js?locale=en-US
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure.rif.org/ea-demo/frontend/pbAssets/build/css/enPage.css?v=3.45.0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure.rif.org/ea-demo/frontend/pbAssets/build/js/enPage.js?v=3.45.0
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.rif.org/sites/all/themes/custom/rif2018/build/fonts/Branding-Semibold.css
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://secure.rif.org/page/23117/donate/1
Message:
Refused to execute script from 'https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10030/Test-donate-image-3.png?v=1535552942000' because its MIME type ('image/png') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
ad.doubleclick.net
cloud.typography.com
connect.facebook.net
googleads.g.doubleclick.net
insight.adsrvr.org
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
secure.rif.org
stats.g.doubleclick.net
tags.wdsvc.net
us.engagingnetworks.app
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.rif.org
15.197.193.217
172.217.16.198
2001:4860:4802:38::178
23.35.236.213
2600:9000:206f:c000:6:44e3:f8c0:93a1
2606:4700::6810:c8f3
2606:4700::6810:c9f3
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:82a::2008
2a00:1450:400c:c00::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.71.141.128
52.55.9.32
96.16.137.109
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2109dee66fc4dd51c5c66ca12faae33a52b993de46ada380fc6989653dc65f72
26792ed83019dafaa6c014605d5351f7ef4a976356f761f7c9564087375c3d63
286b2852ccc2bdbc65b8a6373cbad252da7eb9a806c7f39905466f575fe742f4
35ca5ac1557d1878db01c75c11cca2b2ce7d99b423848a32f98eb45fdb7253d1
36a5fe506e8355012868e414a2b9e756d87e4251f1d3ec3b057f2cf5be4b3bfc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45408a1abe0c4fb0c8c69f63e1b86df282b2838628884ab3170f4a12b51b3af0
4c305ee0eede33c1a016abc07e24c49e7de6acdb0354c6da7f151c7aee5d2f90
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7110f0fbeaf807245291ae1ed535dd2bdf795346dbde7cba34830d71afbdfe24
71c57c93a633eb89926ae34091a8ab0bdfcedd2b62b6daaf2a0887170cb990a6
7a6bc9d09b6856a9077c3ee334c71ea1281784fe77065020c8da4c7728c6bdaf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e7a57538b1dd4d08498f4b12d8ae39008768186789f8f033199698baa474302
981ae7c022ab43c6154903ef4c240599cf617cb9e341d9c62f75ad413b102024
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18290cf43c58bfc0729ab5273a9af692cdc2669b5b494343d145ef777fe0636
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3164c6a1238073e973cf4b7d73c539736de5933498279bb75a501dce944ff96
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
c88349a1d727cb458eecf958532d66669368e3db9ca77d15fe39b9a2fb22185f
d09d85c893ea5776e660ca75501d93a4455e441173653bb0a86a17c3ecc19169
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de96459afc7ce2a214a50ab53803028a92dcbdde40621408e4638d484e7c344f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40df6407d629f80d22131018a69a9d0df2ab03bbdb5e95f4b748d55f5dcc299
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
eac4de222932ec4ba3fd2ad97cb431d8b38b952bf0c67eaed839387563e74e27
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623