urlscan.io logo urlscan.io
SecurityTrails logo

support.savethechildren.org Open in urlscan Pro
74.123.154.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://e.savethechildren.org/a/hBi8Z--B8yKeXB962GbAAysnJBs/img?d_refcode_singleseg=New_Leads
Effective URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentuck...
Submission: On August 09 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 106 IPs in 11 countries across 92 domains to perform 313 HTTP transactions. The main IP is 74.123.154.123, located in United States and belongs to BLACKBAUD-ASN, US. The main domain is support.savethechildren.org. The Cisco Umbrella rank of the primary domain is 410251.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on February 3rd 2022. Valid for: a year.
This is the only time support.savethechildren.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.134.222.124 53316 (ASN-CHEET...)
44 74.123.154.123 15148 (BLACKBAUD...)
20 2600:9000:249... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 13.32.99.116 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 52.222.236.47 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
2 6 52.51.11.49 16509 (AMAZON-02)
1 108.138.17.116 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 34.120.195.249 396982 (GOOGLE-CL...)
1 208.113.174.133 26347 (DREAMHOST-AS)
1 54.154.150.117 16509 (AMAZON-02)
4 13.36.218.177 16509 (AMAZON-02)
1 1 34.248.32.199 16509 (AMAZON-02)
1 54.229.84.199 16509 (AMAZON-02)
2 52.218.241.88 16509 (AMAZON-02)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 142.250.186.70 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2600:9000:223... 16509 (AMAZON-02)
1 32 52.46.128.147 16509 (AMAZON-02)
1 34.98.72.238 15169 (GOOGLE)
1 3 2606:4700:440... 13335 (CLOUDFLAR...)
2 52.41.199.196 16509 (AMAZON-02)
1 4 52.55.9.32 14618 (AMAZON-AES)
1 108.138.15.119 16509 (AMAZON-02)
1 54.69.255.140 16509 (AMAZON-02)
1 2 151.101.130.132 54113 (FASTLY)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 18.66.112.59 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 6 2a02:2638::1c 44788 (ASN-CRITE...)
1 142.250.184.194 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
2 35.156.167.229 16509 (AMAZON-02)
1 178.250.2.146 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 18.194.248.163 16509 (AMAZON-02)
5 192.229.221.25 15133 (EDGECAST)
1 100.20.4.138 16509 (AMAZON-02)
1 1 104.18.32.107 13335 (CLOUDFLAR...)
4 5 37.252.173.22 29990 (ASN-APPNEX)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 2 64.4.245.84 17012 (PAYPAL)
1 1 3.64.108.197 16509 (AMAZON-02)
2 2 104.18.19.126 13335 (CLOUDFLAR...)
2 3 18.193.255.74 16509 (AMAZON-02)
1 1 104.111.215.191 16625 (AKAMAI-AS)
2 3 18.156.0.31 16509 (AMAZON-02)
2 2 3.127.113.46 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
1 212.82.100.182 34010 (YAHOO-IRD)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2.16.186.10 20940 (AKAMAI-ASN1)
1 1 52.222.237.72 16509 (AMAZON-02)
2 52.214.253.121 16509 (AMAZON-02)
1 54.225.217.42 14618 (AMAZON-AES)
1 188.65.124.66 41690 (DAILYMOTI...)
1 1 3.209.91.249 14618 (AMAZON-AES)
1 2 69.173.144.139 26667 (RUBICONPR...)
1 1 34.98.67.61 15169 (GOOGLE)
2 2 37.157.4.39 198622 (ADFORM)
2 2 185.94.180.125 35220 (SPOTX-AMS)
1 1 18.158.183.134 16509 (AMAZON-02)
1 1 3.74.200.12 16509 (AMAZON-02)
3 3 142.250.185.194 15169 (GOOGLE)
1 1 54.166.21.101 14618 (AMAZON-AES)
2 2 13.32.121.37 16509 (AMAZON-02)
1 35.244.159.8 15169 (GOOGLE)
1 2 104.18.18.126 13335 (CLOUDFLAR...)
2 2 77.243.60.138 42697 (NETIC-AS)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 1 69.173.144.165 26667 (RUBICONPR...)
1 54.78.254.47 16509 (AMAZON-02)
1 1 104.237.150.96 63949 (LINODE-AP...)
1 198.47.127.19 3257 (GTT-BACKB...)
1 2 141.226.228.48 200478 (TABOOLA-AS)
1 2a04:4e42:200... 54113 (FASTLY)
2 35.81.173.170 16509 (AMAZON-02)
3 52.184.204.244 8075 (MICROSOFT...)
1 34.212.4.35 16509 (AMAZON-02)
4 15 15.197.193.217 16509 (AMAZON-02)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 199.232.136.157 54113 (FASTLY)
1 2.21.185.80 16625 (AKAMAI-AS)
5 18.66.139.91 16509 (AMAZON-02)
1 108.138.7.19 16509 (AMAZON-02)
1 34.225.35.161 14618 (AMAZON-AES)
2 66.155.71.25 ()
2 178.250.0.163 44788 (ASN-CRITE...)
2 2 18.157.110.213 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2 54.76.86.227 16509 (AMAZON-02)
1 92.123.38.97 16625 (AKAMAI-AS)
1 18.185.150.140 16509 (AMAZON-02)
3 70.42.32.223 22075 (AS-OUTBRAIN)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 18.196.249.194 16509 (AMAZON-02)
1 185.86.139.106 201081 (SMARTADSE...)
1 104.96.128.226 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
2 104.103.102.147 16625 (AKAMAI-AS)
1 37.157.4.25 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 141.95.98.65 16276 (OVH)
2 2 52.55.204.85 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 2 35.186.194.101 15169 (GOOGLE)
1 85.215.5.31 6786 (CRONON-BE...)
1 2 18.185.197.79 16509 (AMAZON-02)
1 1 37.252.172.123 29990 (ASN-APPNEX)
4 18.66.22.149 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
1 3.128.220.23 16509 (AMAZON-02)
313 106
1    67.134.222.124 (Malden, United States)

ASN53316 (ASN-CHEETA-MAIL, US)
e.savethechildren.org
44    74.123.154.123 (United States)

ASN15148 (BLACKBAUD-ASN, US)
PTR: cluster3.convio.net
support.savethechildren.org
20    2600:9000:2491:ba00:12:b144:100:21 (United States)

ASN16509 (AMAZON-02, US)
dx2eq2oh924g4.cloudfront.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
16    2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    2a02:26f0:1700:11::b856:6785 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
1    13.32.99.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-116.fra60.r.cloudfront.net
www.savethechildren.org
4    2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
5    52.222.236.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-47.fra56.r.cloudfront.net
js.braintreegateway.com
2    2600:9000:225e:ca00:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.ywxi.net
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
6    52.51.11.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-11-49.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    108.138.17.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-116.fra56.r.cloudfront.net
cdn.decibelinsight.net
4    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:26f0:3500:886::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o69911.ingest.sentry.io
1    208.113.174.133 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: files.savethechildren.org
files.savethechildren.org
1    54.154.150.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-150-117.eu-west-1.compute.amazonaws.com
stc.demdex.net
4    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
smetrics.savethechildren.org
1    34.248.32.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-32-199.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    54.229.84.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-84-199.eu-west-1.compute.amazonaws.com
savethechildrenfeder.tt.omtrdc.net
2    52.218.241.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
3    2400:52e0:1e01::883:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)
a.opmnstr.com
a.omappapi.com
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
10657097.fls.doubleclick.net
4853738.fls.doubleclick.net
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2600:9000:223d:dc00:9:7c30:be80:21 (United States)

ASN16509 (AMAZON-02, US)
d1n00d49gkbray.cloudfront.net
32    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.98.72.238 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 238.72.98.34.bc.googleusercontent.com
www.dgtrx.com
3    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    52.41.199.196 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-199-196.us-west-2.compute.amazonaws.com
app.leadsrx.com
4    52.55.9.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-9-32.compute-1.amazonaws.com
tags.wdsvc.net
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
1    54.69.255.140 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-255-140.us-west-2.compute.amazonaws.com
dx.mountain.com
2    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
pt.ispot.tv
pi.ispot.tv
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
2    18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net
api.omappapi.com
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
13    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    35.156.167.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-167-229.eu-central-1.compute.amazonaws.com
payments.braintree-api.com
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
8    18.194.248.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-248-163.eu-central-1.compute.amazonaws.com
client-analytics.braintreegateway.com
5    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
c.paypal.com
1    100.20.4.138 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-4-138.us-west-2.compute.amazonaws.com
www.trustedsite.com
1    104.18.32.107 (None, )

ASN13335 (CLOUDFLARENET, US)
a4.tribalfusion.com
5    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    2620:1ec:27::cafe:2277 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
1    3.64.108.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-108-197.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    18.193.255.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-255-74.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    3.127.113.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-113-46.eu-central-1.compute.amazonaws.com
t.myvisualiq.net
2    2600:1f18:612b:4216:68f0:5178:951f:deb4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
amazon.partners.tremorhub.com
criteo-partners.tremorhub.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    2.16.186.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    52.222.237.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-237-72.fra56.r.cloudfront.net
www.imdb.com
2    52.214.253.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-253-121.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    54.225.217.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-217-42.compute-1.amazonaws.com
usersync.samplicio.us
1    188.65.124.66 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com
public-prod-dspcookiematching.dmxleo.com
1    3.209.91.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-91-249.compute-1.amazonaws.com
ads.samba.tv
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    18.158.183.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-183-134.eu-central-1.compute.amazonaws.com
bs.serving-sys.com
1    3.74.200.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-200-12.eu-central-1.compute.amazonaws.com
lm.serving-sys.com
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
1    54.166.21.101 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-21-101.compute-1.amazonaws.com
usermatch.krxd.net
2    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
r.casalemedia.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadus.exelator.com
1    104.237.150.96 (Cedar Knolls, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-06.ninthdecimal.com
lciapi.ninthdecimal.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
1    2a04:4e42:200::291 (United States)

ASN54113 (FASTLY, US)
c6.paypal.com
2    35.81.173.170 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-173-170.us-west-2.compute.amazonaws.com
px.mountain.com
3    52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
n.clarity.ms
1    34.212.4.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-4-35.us-west-2.compute.amazonaws.com
gs.mountain.com
15    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2.21.185.80 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-185-80.deploy.static.akamaitechnologies.com
amplify.outbrain.com
5    18.66.139.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-91.fra60.r.cloudfront.net
nexus.ensighten.com
1    108.138.7.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-19.fra56.r.cloudfront.net
px.airpr.com
1    34.225.35.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-35-161.compute-1.amazonaws.com
track.securedvisit.com
2    66.155.71.25 (None, )

ASN- ()
pixel.sitescout.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    18.157.110.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-110-213.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    2600:9000:223d:9c00:1b:832b:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cotads.adscale.de
2    54.76.86.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-86-227.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com
contextual.media.net
1    18.185.150.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-150-140.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
3    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
tr.outbrain.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    18.196.249.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-249-194.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    104.103.102.147 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-102-147.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.153 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
2    52.55.204.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-204-85.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550a:be9:db47:5744:e7ff (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
ad.sxp.smartclip.net
1    85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
2    18.185.197.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-197-79.eu-central-1.compute.amazonaws.com
dpx.airpr.com
1    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
4    18.66.22.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-22-149.vie50.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    3.128.220.23 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-220-23.us-east-2.compute.amazonaws.com
s.thebrighttag.com
Apex Domain
Subdomains		 Transfer
51 savethechildren.org
e.savethechildren.org
support.savethechildren.org — Cisco Umbrella Rank: 410251
www.savethechildren.org — Cisco Umbrella Rank: 525765
files.savethechildren.org
smetrics.savethechildren.org — Cisco Umbrella Rank: 976206
1003 KB
32 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 288
25 KB
26 cloudfront.net
dx2eq2oh924g4.cloudfront.net
d1n00d49gkbray.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
472 KB
21 google.com
pay.google.com — Cisco Umbrella Rank: 3621
play.google.com — Cisco Umbrella Rank: 50
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
395 KB
16 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1298
insight.adsrvr.org — Cisco Umbrella Rank: 619
match.adsrvr.org — Cisco Umbrella Rank: 381
6 KB
16 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 413
127 KB
13 braintreegateway.com
js.braintreegateway.com — Cisco Umbrella Rank: 7834
client-analytics.braintreegateway.com — Cisco Umbrella Rank: 7620
41 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 401
mug.criteo.com — Cisco Umbrella Rank: 2755
sslwidget.criteo.com — Cisco Umbrella Rank: 1552
widget.us.criteo.com — Cisco Umbrella Rank: 15285
dis.criteo.com — Cisco Umbrella Rank: 699
15 KB
9 doubleclick.net
10657097.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
4853738.fls.doubleclick.net
5 KB
8 paypal.com
c.paypal.com — Cisco Umbrella Rank: 5474
b.stats.paypal.com — Cisco Umbrella Rank: 4928
dub.stats.paypal.com — Cisco Umbrella Rank: 21742
c6.paypal.com — Cisco Umbrella Rank: 6285
42 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
164 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 547
n.clarity.ms — Cisco Umbrella Rank: 5450
c.clarity.ms — Cisco Umbrella Rank: 996
26 KB
7 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 188
stc.demdex.net — Cisco Umbrella Rank: 929856
9 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
secure.adnxs.com — Cisco Umbrella Rank: 462
6 KB
5 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2503
13 KB
4 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2020
sync.outbrain.com — Cisco Umbrella Rank: 686
tr.outbrain.com — Cisco Umbrella Rank: 1817
4 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
cms.analytics.yahoo.com — Cisco Umbrella Rank: 774
1003 B
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
r.casalemedia.com — Cisco Umbrella Rank: 713
4 KB
4 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 4931
api.omappapi.com — Cisco Umbrella Rank: 5093
14 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 351
c.bing.com — Cisco Umbrella Rank: 195
13 KB
4 mountain.com
dx.mountain.com — Cisco Umbrella Rank: 6730
px.mountain.com — Cisco Umbrella Rank: 6602
gs.mountain.com — Cisco Umbrella Rank: 12709
8 KB
4 wdsvc.net
tags.wdsvc.net — Cisco Umbrella Rank: 30083
28 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 804
s.tribalfusion.com — Cisco Umbrella Rank: 2199
a4.tribalfusion.com — Cisco Umbrella Rank: 34203
4 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
227 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 576
i6.liadm.com — Cisco Umbrella Rank: 1609
1 KB
3 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 1323
cotads.adscale.de — Cisco Umbrella Rank: 2588
1 KB
3 airpr.com
px.airpr.com — Cisco Umbrella Rank: 13691
dpx.airpr.com — Cisco Umbrella Rank: 10694
3 KB
3 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 869
image6.pubmatic.com — Cisco Umbrella Rank: 636
simage2.pubmatic.com — Cisco Umbrella Rank: 610
616 B
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 603
cm.adform.net — Cisco Umbrella Rank: 1657
1 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
token.rubiconproject.com — Cisco Umbrella Rank: 707
892 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 502
usermatch.krxd.net — Cisco Umbrella Rank: 1229
833 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
www.google.de — Cisco Umbrella Rank: 5596
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
415 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
40 KB
3 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4454
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5153
87 KB
2 smartclip.net
ad.sxp.smartclip.net — Cisco Umbrella Rank: 2757
873 B
2 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 1340
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 649
854 B
2 sitescout.com
pixel.sitescout.com
191 B
2 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 933
sync-t1.taboola.com — Cisco Umbrella Rank: 1048
266 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1069
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 145
543 B
2 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1037
lm.serving-sys.com — Cisco Umbrella Rank: 1755
778 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 516
1 KB
2 tremorhub.com
amazon.partners.tremorhub.com — Cisco Umbrella Rank: 4918
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2996
365 B
2 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 1628
1 KB
2 braintree-api.com
payments.braintree-api.com — Cisco Umbrella Rank: 9588
2 KB
2 ispot.tv
pt.ispot.tv — Cisco Umbrella Rank: 1811
pi.ispot.tv — Cisco Umbrella Rank: 2118
610 B
2 leadsrx.com
app.leadsrx.com — Cisco Umbrella Rank: 9352
19 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
111 KB
2 amazonaws.com
s3-us-west-2.amazonaws.com
2 KB
2 ywxi.net
cdn.ywxi.net — Cisco Umbrella Rank: 9076
13 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 1303
268 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 506
355 B
1 t.co
t.co — Cisco Umbrella Rank: 445
338 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 309
98 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 14684
153 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 541
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1273
235 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 411
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1422
172 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605
163 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 521
35 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1184
40 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 526
785 B
1 securedvisit.com
track.securedvisit.com — Cisco Umbrella Rank: 4941
24 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 609
15 KB
1 ninthdecimal.com
lciapi.ninthdecimal.com — Cisco Umbrella Rank: 2774
612 B
1 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1072
324 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 396
304 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 925
634 B
1 samba.tv
ads.samba.tv — Cisco Umbrella Rank: 4961
417 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 1801
122 B
1 samplicio.us
usersync.samplicio.us — Cisco Umbrella Rank: 2123
263 B
1 imdb.com
www.imdb.com — Cisco Umbrella Rank: 2073
915 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 628
758 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 1478
391 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 508
460 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 451
487 B
1 trustedsite.com
www.trustedsite.com — Cisco Umbrella Rank: 14533
949 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 125
15 KB
1 dgtrx.com
www.dgtrx.com — Cisco Umbrella Rank: 977713
18 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 627
14 KB
1 opmnstr.com
a.opmnstr.com — Cisco Umbrella Rank: 19611
55 KB
1 omtrdc.net
savethechildrenfeder.tt.omtrdc.net — Cisco Umbrella Rank: 922192
729 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 816
517 B
1 sentry.io
o69911.ingest.sentry.io
285 B
1 decibelinsight.net
cdn.decibelinsight.net — Cisco Umbrella Rank: 7172
75 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4315
20 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
2 KB
0 survata.com Failed
px.surveywall-api.survata.com Failed
313 92
Domain Requested by
44 support.savethechildren.org support.savethechildren.org
browser.sentry-cdn.com
32 s.amazon-adsystem.com 1 redirects support.savethechildren.org
s.amazon-adsystem.com
20 dx2eq2oh924g4.cloudfront.net support.savethechildren.org
dx2eq2oh924g4.cloudfront.net
16 assets.adobedtm.com support.savethechildren.org
assets.adobedtm.com
14 insight.adsrvr.org 4 redirects support.savethechildren.org
js.adsrvr.org
d1eoo1tco6rr5e.cloudfront.net
13 play.google.com www.gstatic.com
8 client-analytics.braintreegateway.com browser.sentry-cdn.com
6 gum.criteo.com 5 redirects static.criteo.net
6 dpm.demdex.net 2 redirects support.savethechildren.org
browser.sentry-cdn.com
5 nexus.ensighten.com www.googletagmanager.com
nexus.ensighten.com
5 ib.adnxs.com 4 redirects support.savethechildren.org
5 c.paypal.com js.braintreegateway.com
c.paypal.com
5 js.braintreegateway.com support.savethechildren.org
4 d1eoo1tco6rr5e.cloudfront.net 4853738.fls.doubleclick.net
nexus.ensighten.com
4 tags.wdsvc.net 1 redirects support.savethechildren.org
tags.wdsvc.net
browser.sentry-cdn.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 smetrics.savethechildren.org browser.sentry-cdn.com
px.airpr.com
4 fonts.gstatic.com dx2eq2oh924g4.cloudfront.net
4 www.googletagmanager.com support.savethechildren.org
assets.adobedtm.com
www.googletagmanager.com
4 pay.google.com support.savethechildren.org
pay.google.com
www.gstatic.com
3 n.clarity.ms browser.sentry-cdn.com
3 cm.g.doubleclick.net 3 redirects
3 ups.analytics.yahoo.com 2 redirects
3 x.bidswitch.net 2 redirects
3 www.facebook.com support.savethechildren.org
3 www.google-analytics.com www.gstatic.com
www.googletagmanager.com
browser.sentry-cdn.com
3 bat.bing.com assets.adobedtm.com
bat.bing.com
support.savethechildren.org
2 tr.outbrain.com amplify.outbrain.com
2 dpx.airpr.com 1 redirects
2 ad.sxp.smartclip.net 1 redirects
2 i.liadm.com 2 redirects
2 ad.yieldlab.net
2 ad.360yield.com 1 redirects
2 ih.adscale.de 2 redirects
2 dis.criteo.com
2 pixel.sitescout.com support.savethechildren.org
2 4853738.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 c.clarity.ms 1 redirects
2 px.mountain.com dx.mountain.com
support.savethechildren.org
2 uipglob.semasio.net 2 redirects
2 sb.scorecardresearch.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 c1.adform.net 2 redirects
2 pixel.rubiconproject.com 1 redirects
2 beacon.krxd.net s.amazon-adsystem.com
2 t.myvisualiq.net 2 redirects
2 dsum-sec.casalemedia.com 2 redirects
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 www.google.de support.savethechildren.org
2 www.google.com support.savethechildren.org
2 googleads.g.doubleclick.net www.googleadservices.com
2 s.tribalfusion.com 1 redirects a.tribalfusion.com
2 payments.braintree-api.com browser.sentry-cdn.com
2 adservice.google.com 10657097.fls.doubleclick.net
4853738.fls.doubleclick.net
2 api.omappapi.com browser.sentry-cdn.com
2 a.omappapi.com a.opmnstr.com
2 app.leadsrx.com assets.adobedtm.com
browser.sentry-cdn.com
2 d1n00d49gkbray.cloudfront.net assets.adobedtm.com
support.savethechildren.org
2 connect.facebook.net assets.adobedtm.com
connect.facebook.net
2 10657097.fls.doubleclick.net 1 redirects assets.adobedtm.com
2 s3-us-west-2.amazonaws.com browser.sentry-cdn.com
2 cdn.ywxi.net support.savethechildren.org
2 consent.cookiebot.com support.savethechildren.org
consent.cookiebot.com
1 s.thebrighttag.com
1 analytics.twitter.com
1 t.co
1 idsync.rlcdn.com
1 secure.adnxs.com 1 redirects
1 a.twiago.com
1 criteo-partners.tremorhub.com
1 i6.liadm.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 exchange.mediavine.com
1 contextual.media.net
1 r.casalemedia.com
1 cotads.adscale.de
1 track.securedvisit.com support.savethechildren.org
1 px.airpr.com support.savethechildren.org
1 amplify.outbrain.com support.savethechildren.org
1 static.ads-twitter.com www.googletagmanager.com
1 c.bing.com 1 redirects
1 match.adsrvr.org support.savethechildren.org
1 gs.mountain.com support.savethechildren.org
1 c6.paypal.com support.savethechildren.org
1 sync.taboola.com 1 redirects
1 image6.pubmatic.com s.amazon-adsystem.com
1 pi.ispot.tv 1 redirects
1 lciapi.ninthdecimal.com 1 redirects
1 loadus.exelator.com s.amazon-adsystem.com
1 token.rubiconproject.com 1 redirects
1 image2.pubmatic.com s.amazon-adsystem.com
1 ssum-sec.casalemedia.com 1 redirects
1 us-u.openx.net s.amazon-adsystem.com
1 usermatch.krxd.net 1 redirects
1 lm.serving-sys.com 1 redirects
1 bs.serving-sys.com 1 redirects
1 odr.mookie1.com 1 redirects
1 ads.samba.tv 1 redirects
1 public-prod-dspcookiematching.dmxleo.com s.amazon-adsystem.com
1 usersync.samplicio.us s.amazon-adsystem.com
1 www.imdb.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 mwzeom.zeotap.com 1 redirects
1 cms.analytics.yahoo.com s.amazon-adsystem.com
1 amazon.partners.tremorhub.com s.amazon-adsystem.com
1 tags.bluekai.com 1 redirects
1 aa.agkn.com 1 redirects
1 dub.stats.paypal.com support.savethechildren.org
1 b.stats.paypal.com 1 redirects
1 widget.us.criteo.com support.savethechildren.org
1 sslwidget.criteo.com 1 redirects
1 a4.tribalfusion.com 1 redirects
1 www.trustedsite.com cdn.ywxi.net
1 adservice.google.de adservice.google.com
1 mug.criteo.com support.savethechildren.org
1 www.googleadservices.com www.googletagmanager.com
1 pt.ispot.tv support.savethechildren.org
1 dx.mountain.com assets.adobedtm.com
1 js.adsrvr.org assets.adobedtm.com
1 a.tribalfusion.com assets.adobedtm.com
1 www.dgtrx.com assets.adobedtm.com
1 static.criteo.net assets.adobedtm.com
1 a.opmnstr.com www.googletagmanager.com
1 savethechildrenfeder.tt.omtrdc.net browser.sentry-cdn.com
1 cm.everesttech.net 1 redirects
1 stc.demdex.net assets.adobedtm.com
1 files.savethechildren.org dx2eq2oh924g4.cloudfront.net
1 o69911.ingest.sentry.io browser.sentry-cdn.com
1 consentcdn.cookiebot.com consent.cookiebot.com
1 cdn.decibelinsight.net assets.adobedtm.com
1 browser.sentry-cdn.com support.savethechildren.org
1 www.savethechildren.org support.savethechildren.org
1 cdnjs.cloudflare.com support.savethechildren.org
1 e.savethechildren.org 1 redirects
0 px.surveywall-api.survata.com Failed s.amazon-adsystem.com
313 144
Subject Issuer Validity Valid
support.savethechildren.org
GeoTrust EV RSA CA 2018		 2022-02-03 -
2023-03-06		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-04 -
2023-06-06		 a year crt.sh
www.savethechildren.org
Go Daddy Secure Certificate Authority - G2		 2021-12-01 -
2023-01-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-07-28 -
2023-08-28		 a year crt.sh
*.ywxi.net
Amazon		 2022-07-05 -
2023-08-03		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh
*.decibelinsight.net
Amazon		 2022-02-13 -
2023-03-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-15 -
2023-06-17		 a year crt.sh
*.ingest.sentry.io
R3		 2022-06-21 -
2022-09-19		 3 months crt.sh
files.savethechildren.org
Go Daddy Secure Certificate Authority - G2		 2021-12-03 -
2022-10-25		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
smetrics.savethechildren.org
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-13 -
2023-06-13		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-11 -
2022-10-12		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-12-17 -
2022-11-29		 a year crt.sh
a.opmnstr.com
R3		 2022-07-22 -
2022-10-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-18 -
2022-08-16		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
vfr12trk.com
Starfield Secure Certificate Authority - G2		 2021-12-24 -
2022-12-24		 a year crt.sh
*.leadsrx.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-04-05 -
2023-05-06		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.mountain.com
Go Daddy Secure Certificate Authority - G2		 2022-05-21 -
2023-06-22		 a year crt.sh
*.ispot.tv
R3		 2022-07-18 -
2022-10-16		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
a.omappapi.com
R3		 2022-07-22 -
2022-10-20		 3 months crt.sh
api.opmnstr.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
payments.braintree-api.com
DigiCert SHA2 Extended Validation Server CA		 2021-12-08 -
2022-11-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
client-analytics.braintreegateway.com
DigiCert SHA2 High Assurance Server CA		 2022-03-16 -
2023-04-16		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-25 -
2023-04-25		 a year crt.sh
*.trustedsite.com
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-27 -
2023-02-27		 a year crt.sh
tags.wdsvc.net
Go Daddy Secure Certificate Authority - G2		 2021-11-01 -
2022-12-03		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.samplicio.us
Amazon		 2022-03-18 -
2023-04-16		 a year crt.sh
public-prod-dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2022-07-26 -
2022-10-24		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02		 2022-06-07 -
2023-06-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-10-12		 a year crt.sh
*.airpr.com
Amazon		 2021-12-10 -
2023-01-07		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
exchange.mediavine.com
Amazon		 2022-07-06 -
2023-08-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2022-01-14 -
2023-01-13		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-11 -
2022-12-12		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh

This page contains 21 frames:

Primary Page: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Frame ID: DA9A7CA264C808D9CE6C41FB40A95654
Requests: 193 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsupport.savethechildren.org&mid=
Frame ID: 1DDCDED6C80DB3910A032AB25E483C1B
Requests: 15 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: AC1DE29EEAA35D466C09D2907757BFCE
Requests: 1 HTTP requests in this frame

Frame: https://stc.demdex.net/dest5.html?d_nsid=0
Frame ID: 99FE46AA3FF9687E9F97E9CECE5AF376
Requests: 1 HTTP requests in this frame

Frame: https://10657097.fls.doubleclick.net/activityi;dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0
Frame ID: BC0B7FDEB54BFD0567164A4CE2AE52A6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=32715478396665664&dcc=t
Frame ID: 9FE4F97858C52CFA3051EE0875CC5289
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=support.savethechildren.org&origin=onetag&us_privacy=1---
Frame ID: 976202310858157826F024156D9B68AA
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0;~oref=https://support.savethechildren.org/
Frame ID: 599A259CA5945F710872A34611997738
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0;~oref=https://support.savethechildren.org/
Frame ID: 2CB554500E82010694B9B0360C20BE5E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Frame ID: B09DD9601B01A29C913DDF5D32595835
Requests: 39 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 5F2E23CBFB68AA328257743BA314EBED
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=1fd2da1b9086905f949c6d8d1eb1cfba&t=1660035468.076&a=14
Frame ID: 1CCA8B65AB04586EE34EBAE9EF64C38F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 04BAB1179578075319BFE20CBA7AC287
Requests: 1 HTTP requests in this frame

Frame: https://4853738.fls.doubleclick.net/activityi;dc_pre=COCGwYSyufkCFdbDOwIdZaMIqA;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=1674618438.1660035468;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822
Frame ID: A749580400F110F6FDD725D47C0FADBF
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 0FC5941EC2D46849BF97A26EEF4776FC
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=a6t02yu&ref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&upid=xvch1ck&upv=1.1.0
Frame ID: B3E63DD62A62FE9C1D0FD48B326AE40F
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-oTtt7tSp4Ls6bMlLBs3nOT6l-14vOlVFeKawBQ&expires=30
Frame ID: 0FA45644F3755C06F16EA5001DAC4C72
Requests: 30 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/azud70w/dsx8icm/iframe
Frame ID: 3351EB77AB1FBC03E80C0BC9801F5496
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/45k2r2v/iframe
Frame ID: 5B34698E3593E672DA94E43CD450F7DB
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/qa0mevt/iframe
Frame ID: 72DCA0732C3E5E87AF26C5B8CE7B0227
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/n4od8ve/iframe
Frame ID: 1B7CC102A576BE1D0748A497496C4122
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2022 Eastern Kentucky Flood Crisis Fund - Save the Children

Page URL History Show full URLs

  1. http://e.savethechildren.org/a/hBi8Z--B8yKeXB962GbAAysnJBs/img?d_refcode_singleseg=New_Leads HTTP 307
    https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /site/Donation2?.*df_id=
  • js/convio/modules\.js
Overall confidence: 100%
Detected patterns
  • js\.braintreegateway\.com
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/yui/|yui\.yahooapis\.com)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

313
Requests

84 %
HTTPS

24 %
IPv6

92
Domains

144
Subdomains

106
IPs

11
Countries

3161 kB
Transfer

7881 kB
Size

131
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://e.savethechildren.org/a/hBi8Z--B8yKeXB962GbAAysnJBs/img?d_refcode_singleseg=New_Leads HTTP 307
    https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1660035467043 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1660035467043
Request Chain 86
  • https://cm.everesttech.net/cm/dd?d_uuid=28138524691330017423359110358507971215 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvIhiwAAAG2kWQOJ
Request Chain 102
  • https://10657097.fls.doubleclick.net/activityi;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0 HTTP 302
  • https://10657097.fls.doubleclick.net/activityi;dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0
Request Chain 112
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=32715478396665664 HTTP 302
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=32715478396665664&dcc=t
Request Chain 116
  • https://tags.wdsvc.net/controller.js?id=100229 HTTP 302
  • https://tags.wdsvc.net/container.js?id=100229&v=4.00&t=1660035467963
Request Chain 156
  • https://gum.criteo.com/sid/json?origin=onetag&domain=savethechildren.org&sn=ChromeSyncframe&so=0&topUrl=support.savethechildren.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=mLs6SHwvMXFwSjBPbitRWDhqRVJObE9QdnJxeVJsYWFKdnNKZzdHdElQaTNRbE9NN0NZL1hTRXZmcEd2NEIzVnZUcFFCTWhBMmZZZ2MyVEVoeXpKS3FENEdxYmdBU1RyUHQrSlNRZkpUOFZKYWs4eE5SZjJ1WENyS1BPdXczYVlMbHQvQzJZQkJmWVUwR250R1FkUHlOczYvcFBiWVN5N1FVdjR6NE1OY1A3TGlEM3VyYjJqZkZrdVVqVm9EbmdPeGNuVlRhU25nQTlyV05sTVYxcG1haTVVQ3ZuQ3JTNWxReGcyQWpXYi9kMUdYekxRNFhPcTVVT3RRRCtnWlNOcms4SExHb0o4VDlONGpXK28rMFg0aXRyYkJSN0J4RUc1cFhMZzJ1NHg5WlZRajBqWT18&cppv=2
Request Chain 180
  • https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%222481917101%22%2C%22th%22%3A7238200512%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22a6mneM4craTsvaWsrfSA3OYTYcShLtfY%22%2C%22url%22%3A%22https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822%22%2C%22clientName%22%3A%22Save%2520the%2520Children%22%2C%22clientID%22%3A791263%2C%22eventType%22%3A%22visitor%22%2C%22segmentNumber%22%3A0%2C%22segmentName%22%3A%22Sitewide%22%7D HTTP 302
  • https://a4.tribalfusion.com/ipg?ip6=2001:1b60:2:240:3247::11&kv=%7B%22ord%22%3A%2015868300%2C%20%22clientID%22%3A%20791263%7D&redirect=https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$
Request Chain 183
  • https://sslwidget.criteo.com/event?a=33523&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Ddonation-form-6827-one-time%26ui_ecommerce%3D0%26ui_sponsor%3D0&p2=e%3Ddis&adce=1&bundle=4tnr7V9ldXJTMGxTQ2p3VlFBQVB1V3p0aVR1USUyRlJkWkJjS2hJWVMlMkYxeW1tcGo3Q2lwUW9oVGpXb2hSSUNGQWJaZUJMcDNHdEdNb29HRVF0YzlRQzFydUl3R3F3JTJCcFVmT0hMNlZXTTRCU3Juc0t4a1oxSmplQ3ZSZXlmRTRIVlMlMkI2R3RwdWFIQ1BIOFVNZ0xrenE1R20xRjhFQTcyTUIyUW1xM0tjOXl1blIlMkJIZWJvJTNE&tld=savethechildren.org&fu=https%253A%252F%252Fsupport.savethechildren.org%252Fsite%252FDonation2%253Fdf_id%253D6827%2526mfc_pref%253DT%25266827.donation%253Dform1%2526smtrctid%253DAAysnJ%2526cid%253DEmail%253A%253AEmer_Kentucky_Flood%253ANew_Leads%253A080822&dtycbr=51651&cs=1---&cv=1 HTTP 302
  • https://widget.us.criteo.com/event?a=33523&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Ddonation-form-6827-one-time%26ui_ecommerce%3D0%26ui_sponsor%3D0&p2=e%3Ddis&adce=1&bundle=4tnr7V9ldXJTMGxTQ2p3VlFBQVB1V3p0aVR1USUyRlJkWkJjS2hJWVMlMkYxeW1tcGo3Q2lwUW9oVGpXb2hSSUNGQWJaZUJMcDNHdEdNb29HRVF0YzlRQzFydUl3R3F3JTJCcFVmT0hMNlZXTTRCU3Juc0t4a1oxSmplQ3ZSZXlmRTRIVlMlMkI2R3RwdWFIQ1BIOFVNZ0xrenE1R20xRjhFQTcyTUIyUW1xM0tjOXl1blIlMkJIZWJvJTNE&tld=savethechildren.org&fu=https%253A%252F%252Fsupport.savethechildren.org%252Fsite%252FDonation2%253Fdf_id%253D6827%2526mfc_pref%253DT%25266827.donation%253Dform1%2526smtrctid%253DAAysnJ%2526cid%253DEmail%253A%253AEmer_Kentucky_Flood%253ANew_Leads%253A080822&dtycbr=51651&cs=1---&cv=1
Request Chain 185
  • https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=1fd2da1b9086905f949c6d8d1eb1cfba&t=1660035468.076&a=14 HTTP 302
  • https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=1fd2da1b9086905f949c6d8d1eb1cfba&t=1660035468.076&a=14
Request Chain 190
  • https://ib.adnxs.com/setuid/a9?entity=188&code=LdRLtiF7TnmunTILcahJLw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DLdRLtiF7TnmunTILcahJLw%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=LdRLtiF7TnmunTILcahJLw
Request Chain 191
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=217273104238001059302&ex=neustar.biz
Request Chain 192
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=bIOGWKe_QkaJSVGJyLeBrg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=bIOGWKe_QkaJSVGJyLeBrg&C=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YvIhjLW6wNIABgaKk2SFzAAA
Request Chain 193
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3301b2ff3f772ac9138f0726dcd8dbc7
Request Chain 194
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Request Chain 195
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=1qdPTCa1SdCAOTWgq1O87Q HTTP 302
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=1qdPTCa1SdCAOTWgq1O87Q&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=1qdPTCa1SdCAOTWgq1O87Q
Request Chain 196
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=f56879c0-729a-4d51-aed0-34df95ef65e6
Request Chain 199
  • https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=476c0da4-1247-44e3-41af-ce065ea2dcaa
Request Chain 200
  • https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1b67cd627e43202bb832c2b83b1e31&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 201
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Request Chain 205
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fcdae62ce4128cf8
Request Chain 206
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4GEeoIxnRWqpN4luF3OL_A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4GEeoIxnRWqpN4luF3OL_A
Request Chain 207
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=tBEcP4Y0S-G2S9hXFGXvUw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28138524691330017423359110358507971215
Request Chain 208
  • https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=rfhDYxKYR5K_gdXKqukxkQ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818279625122487936&gdpr=&gdpr_consent=
Request Chain 210
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5089366412164480040
Request Chain 211
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=57f51bf8-17c1-11ed-9323-1d66682b0306 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=57f51bae-17c1-11ed-9323-1d66682b0306
Request Chain 212
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2240c8bcd0-6082-4bb2-8032-5d30125adb7d%22,%22Time%22:%2220220809T085749.038916%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=40c8bcd0-6082-4bb2-8032-5d30125adb7d
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEGQiw5WwkNObso1zuOGqpQE&google_cver=1
Request Chain 214
  • https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=PAel90Ia
Request Chain 215
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=43d1ee24da64862f0959302b045d85c8
Request Chain 217
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=K6AWvOWOiqpwVEW-6gHr-Tc4ZH04ZgAC
Request Chain 218
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=D694E8BFB2733D14
Request Chain 219
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=5470547094483791091&ex=appnexus.com
Request Chain 221
  • https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=E4eefuGgz5z0lRxTci4NuQ&ex=rubiconproject.com&status=ok
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=DWsPgu4aTpWuSr9TeXxdrA& HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Request Chain 224
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED688D21F2626012F715027EEC65
Request Chain 225
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=83a5b91f25b6495542f390ebac79a4f6b7d32c9c8900ccaf1a2935776e7c6240
Request Chain 227
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c6348c71-a9fb-4c6e-bf9e-4f29c783ef3e-tuct9eba70d
Request Chain 250
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=C6277C815E1C40D28CEF7D10EEBC0C89&RedC=c.clarity.ms&MXFR=178AF585EC6D6BAD29E1E47EE86D65FE HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=C6277C815E1C40D28CEF7D10EEBC0C89&MUID=3E1F272316B66C92228B36D817646D93
Request Chain 252
  • https://4853738.fls.doubleclick.net/activityi;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=1674618438.1660035468;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822 HTTP 302
  • https://4853738.fls.doubleclick.net/activityi;dc_pre=COCGwYSyufkCFdbDOwIdZaMIqA;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=1674618438.1660035468;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-1ccix9Sp4Ls6bMlLBs3nOT6l-15R2mhrb-MD6w&google_cm&google_hm=ay0xY2NpeDlTcDRMczZiTWxMQnMzbk9UNmwtMTVSMm1ocmItTUQ2dw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1ccix9Sp4Ls6bMlLBs3nOT6l-15R2mhrb-MD6w&google_gid=CAESEGJ3kXj96wFm1blkCEqAfB4&google_cver=1&google_ula=913071,0
Request Chain 263
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5470547094483791091
Request Chain 264
  • https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-hX-M0NSp4Ls6bMlLBs3nOT6l-1455JZid86BBQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 302
  • https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-hX-M0NSp4Ls6bMlLBs3nOT6l-1455JZid86BBQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=f8bd1908336e45c998f90ae65b43ca92 HTTP 307
  • https://cotads.adscale.de/ads/pixel/1by1.png?uid=fee0f497bb4d41e3f89fce3e168c9f9a75fa3e303bf2ef629c16eedd4e79bb28
Request Chain 266
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-KKPXEtSp4Ls6bMlLBs3nOT6l-147N7krcu6iOQ HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-KKPXEtSp4Ls6bMlLBs3nOT6l-147N7krcu6iOQ
Request Chain 281
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=JuD4lOfllZOqm-W5ZeTRroTEtvDmlan2
Request Chain 283
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_udKctSp4Ls6bMlLBs3nOT6l-16A_8jgqSY5ng HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_udKctSp4Ls6bMlLBs3nOT6l-16A_8jgqSY5ng&_li_chk=true&previous_uuid=95a2cd15f74446aca93f3501a18b5810 HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_udKctSp4Ls6bMlLBs3nOT6l-16A_8jgqSY5ng
Request Chain 284
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-pDIk-dSp4Ls6bMlLBs3nOT6l-160o0axF8Glpg HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-pDIk-dSp4Ls6bMlLBs3nOT6l-160o0axF8Glpg&ang_testid=1
Request Chain 290
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tA9OdLR0A4sVYtHd4V846DH8w74krlkK
Request Chain 292
  • https://dpx.airpr.com/px?hostname=support.savethechildren.org&profile=405343&ga_account_id=UA-85748307-2&ga_account_type=UA&ga_c=851053701.1660035468&om_account_type=OM&om_c=317910C7AD7CD665-4000144305625942&om_fallback_c=undefined&an=true HTTP 302
  • https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=4864720820 HTTP 302
  • https://dpx.airpr.com/anpx?adnxs_uid=5470547094483791091&airpr_id=4864720820
Request Chain 295
  • https://insight.adsrvr.org/tags/azud70w/dsx8icm/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/azud70w/dsx8icm/iframe
Request Chain 297
  • https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=7ScRUjRdwag_-DxO5l9hfvy63PaplX6t
Request Chain 304
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=oczLx7LTAJIPBtAI1hCt3Tr4qXmiaBuh
Request Chain 307
  • https://insight.adsrvr.org/tags/f35s4e0/45k2r2v/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/45k2r2v/iframe
Request Chain 308
  • https://insight.adsrvr.org/tags/f35s4e0/qa0mevt/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/qa0mevt/iframe
Request Chain 309
  • https://insight.adsrvr.org/tags/f35s4e0/n4od8ve/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/n4od8ve/iframe

313 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Donation2
support.savethechildren.org/site/
Redirect Chain
  • http://e.savethechildren.org/a/hBi8Z--B8yKeXB962GbAAysnJBs/img?d_refcode_singleseg=New_Leads
  • https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
112 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
cb737321042ff30c7aa056706e0cb18360cfebf8246b9ecbf876e5389f32f087
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://support.savethechildren.org/site/XFrameViolation
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://support.savethechildren.org/site/XFrameViolation
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 09 Aug 2022 08:57:46 GMT
Keep-Alive
timeout=15, max=187
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff

Redirect headers

Cache-Control
no-cache="set-cookie", private, no-cache
Connection
close
Content-Length
382
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 09 Aug 2022 08:57:45 GMT
Expires
Sun, 06 Nov 1994 08:49:37 GMT
Location
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
P3P
policyref="/w3c/p3p.xml",CP="NON DSP COR CURo ADMo DEVo TAIo IVAo IVDo OUR DELo IND UNI NAV"
Server
Apache
yui-min.js
support.savethechildren.org/yui3/yui/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/yui3/yui/yui-min.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
db4bb1e314a04c52d8ad52c3a66ce793a012910e88d90295767ec52d75a4d72f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2010 16:44:29 GMT
Server
Apache
ETag
"3baa-487aa3880d540"
ntCoent-Length
15274
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=258
Content-Length
6402
modules.js
support.savethechildren.org/js/convio/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/js/convio/modules.js?version=2.9.1
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
aa432c05daee8749817b34c7d407845c3132dbb52fe62bb15f8d745cdb869134

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Feb 2021 06:52:36 GMT
Server
Apache
ETag
"3bb8-5bc0f7aebec8b"
ntCoent-Length
15288
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=7
Content-Length
2729
utils.js
support.savethechildren.org/js/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/js/utils.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
56fb1bf075613aa1e61d6cf81fe7ae08d45fe7a16689d118bfa06e17600ac4cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2016 07:01:46 GMT
Server
Apache
ETag
"7f46-540ecf2687f1e"
ntCoent-Length
32582
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=254
Content-Length
9855
obs_comp_rollup.js
support.savethechildren.org/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/js/obs_comp_rollup.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
957f312f39ed8ba93485141af5af501f1d2b7b372433d8ac77b0923a5c584204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Feb 2012 18:21:34 GMT
Server
Apache
ETag
"2936-4b863d94fc780"
ntCoent-Length
10550
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=412
Content-Length
2548
default.css
support.savethechildren.org/css/themes/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/css/themes/default.css
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
135ae3e7f5e9b6c501a48f208ab55f701c066f5543fc4d7d64ef766cc722fae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Jul 2013 19:12:15 GMT
Server
Apache
ETag
"11df-4e246affca1c0"
ntCoent-Length
4575
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=185
Content-Length
1256
alphacube.css
support.savethechildren.org/css/themes/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/css/themes/alphacube.css
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
dddb90184d87f59b1a025fa9b460ef0b25fbaa3ea192a83d31535dbb20ec10ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Cteonnt-Length
2648
Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Dec 2009 21:55:41 GMT
Server
Apache
ETag
"a58-479c5ef879140"
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=257
Content-Length
748
UserGlobalStyle.css
support.savethechildren.org/css/ 		23 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/css/UserGlobalStyle.css
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
86d95dcf819cd9f7ae82162e2c393d939f12fafaba93129517a5e8f42e62fba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Mar 2019 17:07:00 GMT
Server
Apache
ETag
"5dce-5849dc4339500"
ntCoent-Length
24014
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=301
Content-Length
6878
ResponsiveBase.css
support.savethechildren.org/css/responsive/ 		8 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/css/responsive/ResponsiveBase.css
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
e1273a5e5ca6d6af7d88f9b231577008ca093f7950b46b601e1a2a9d203ea759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 May 2016 22:09:59 GMT
Server
Apache
ETag
"1e21-5327011c9e67e"
ntCoent-Length
7713
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=183
Content-Length
3270
DonFormResponsive.css
support.savethechildren.org/css/responsive/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/css/responsive/DonFormResponsive.css
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
7fad060874c6d715e53ae10e92ebca22aebe769bc8efcf8454c9f9802be8de78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 May 2016 22:10:00 GMT
Server
Apache
ETag
"13f6-5327011d94446"
ntCoent-Length
5110
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=128
Content-Length
1519
FormComponentsBehavior.css
support.savethechildren.org/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/css/FormComponentsBehavior.css
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
b2d71a40f6794578a24e2c5c049734e609b43044b97adf3d8701780c26c9f083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 May 2016 22:10:26 GMT
Server
Apache
ETag
"12be-5327013611e84"
ntCoent-Length
4798
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=327
Content-Length
1564
FormComponentsBehavior.js
support.savethechildren.org/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/js/FormComponentsBehavior.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
4edb816a596f9a4a768c41f9f21b5b2bcfb74f80f913a7f40b899c2d05ec1719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Oct 2007 07:30:01 GMT
Server
Apache
ETag
"38fd-43d3815db5040"
ntCoent-Length
14589
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=427
Content-Length
4166
don_level_elements.js
support.savethechildren.org/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/js/don_level_elements.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
2344bf11d8936ea401e4024d5e8f2060095264d179d34ee2388c6832c603ea27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Jul 2009 19:17:27 GMT
Server
Apache
ETag
"1195-46eaf4a04bfc0"
ntCoent-Length
4501
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=269
Content-Length
1554
don_premium_elements.js
support.savethechildren.org/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/js/don_premium_elements.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
69bffd1a8ad326cbe635c1aa4501526b180044052ff34fe3c407763bc90e0930

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Apr 2008 22:18:29 GMT
Server
Apache
ETag
"2abd-44b04e57d7740"
ntCoent-Length
10941
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=86
Content-Length
3121
donations2.js
support.savethechildren.org/js/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/js/donations2.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
9cdd1eae85ce614b8b8ae27bd5d03dc82f0fe2e9ed1f39bd48975c9e9e52993b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Feb 2012 18:21:34 GMT
Server
Apache
ETag
"163b-4b863d94fc780"
ntCoent-Length
5691
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=6
Content-Length
1118
CustomStyle.css
support.savethechildren.org/css/ 		0
265 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/css/CustomStyle.css
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Last-Modified
Thu, 10 Mar 2016 19:14:33 GMT
Server
Apache
ETag
"0-52db69fe8c594"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=429
Content-Length
0
CustomWysiwygStyle.css
support.savethechildren.org/css/ 		0
264 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/css/CustomWysiwygStyle.css
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:46 GMT
Last-Modified
Thu, 10 Mar 2016 19:14:33 GMT
Server
Apache
ETag
"0-52db69fe3c365"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=66
Content-Length
0
stc-styles.css
dx2eq2oh924g4.cloudfront.net/css/ 		460 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dx2eq2oh924g4.cloudfront.net/css/stc-styles.css?cache=2022-06-28-13-10
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bc1689cd0e0fc1cf506164c42791fdc58189241cfa918ec2d8b69afd8fad1a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:07:34 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:33 GMT
server
AmazonS3
age
485413
etag
W/"d945097bba426aa52c839968719bb2bf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
CHAeXY3IN8IIynjDUpyM2K2wnNqgqKWwn5FokAk_ULqwBMUj81gFIg==
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/jquery.fancybox.min.css
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a5ed4bb4bb22800c5f3d7057a35cbdd8bb49686d8df119a8452122aa7b40b80
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5322572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
955
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-f2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVphaYARX5NkjeP3nTMtpESwmTXfSgk53ycub8rahu7JyOyLnqUSqGbFrH8pM4Y6%2Fos%2Fjtz7TAfhUDf2xMQ55hgJrRm0sPGp%2FtZGGR07fZW%2FozJsz21adbykbm6dT20PelhgtCToqyavxbGHj87vusBs"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
737f4940bf16916e-FRA
expires
Sun, 30 Jul 2023 08:57:46 GMT
launch-d47d2de11878.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ 		341 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d2af1b7194afb442a397879fc5f023b267adc41d9c639bd620c9d5b660526503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:46 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:29 GMT
server
AkamaiNetStorage
etag
"e6631d0ef7c2545e5c759bec86d582f2:1658759249.955038"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
100744
expires
Tue, 09 Aug 2022 09:57:46 GMT
uc.js
consent.cookiebot.com/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6804249c39aae7d80cd20c9d78213ce15c35d47b5c21821641c6182c16eed1b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 09:11:56 GMT
etag
"27a0736d869ad81:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=130
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges
bytes
content-length
31207
expires
Tue, 09 Aug 2022 08:59:57 GMT
stc-logo.svg
dx2eq2oh924g4.cloudfront.net/images/logos/ 		16 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/logos/stc-logo.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d92cb06b44cef6b07ba00f221cd8de90566b1779164e113d4f5a43bef4c64077

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:15:51 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:35 GMT
server
AmazonS3
age
484917
etag
W/"6c75d80a387556bec1fafca484ed608e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
ko5gLohvmu85yHGvF5-GrZjkcgo2yRGBcB4z1oOtI-Rpn2QQj6DKpA==
4-star-charity-navigator-234x60.jpg
dx2eq2oh924g4.cloudfront.net/images/content/pagebuilder/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/content/pagebuilder/4-star-charity-navigator-234x60.jpg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
36b5697cea3adce6b7d19284a8fc074ab18f9ca01273ba853ee0f057415c9387

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 01:54:39 GMT
via
NS-CACHE-10.0: 32, 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
last-modified
Tue, 10 Mar 2020 17:45:29 GMT
server
Apache
age
25388
etag
"1de8-5a083af7fa57b"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
content-length
7656
x-amz-cf-id
gEEnWRffGD0UIL09cZERsY1gPLSYoqG7F0SmGSW_OJhhfl11fTEHwA==
charity-watch-logo.png
dx2eq2oh924g4.cloudfront.net/images/logos/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/logos/charity-watch-logo.png
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60cbe4e17fb6a2a02d3db7fa5126fb6a9adb26e054117a79d16aca4a2036610a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 05:59:06 GMT
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 18:06:35 GMT
server
AmazonS3
age
529122
etag
"ed6930c5740c723587f4167c5323fae5"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
content-length
12543
x-amz-cf-id
OyMk3PU8ZAJe3Zs5fqnSeb-kMyOBORzSTvDMjJoSn3bhCPQlK1OCcQ==
bbb-logo.svg
dx2eq2oh924g4.cloudfront.net/images/logos/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/logos/bbb-logo.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6e3b5e7ca053ee43ae72808728156e5e8629de1049cf3e92794439f2bfd052f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:16:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:35 GMT
server
AmazonS3
age
484872
etag
W/"c609e558a124b00f02921f903af5251a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
RhR5zkkEPxZ7r86jWlwad6HmTllATK7Xth8cCMddvKzr0ZTP-zbA2Q==
paypal-logo.png
support.savethechildren.org/images/payment/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/images/payment/paypal-logo.png
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
0f2dd730bc56ea9d8d0ee9c7ec142ec0e5ccb384da3fb24f94414aa7ccd9b48b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Wed, 17 Aug 2016 21:28:55 GMT
Server
Apache
ETag
"8a7-53a4b27108d50"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=462
Content-Length
2215
discovercard_sm.gif
support.savethechildren.org/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/images/discovercard_sm.gif
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
fbfc0cc592809f83bfde605255dafd78f525d1cee0f807973122895fe49e1c06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Mon, 22 Aug 2016 16:24:58 GMT
Server
Apache
ETag
"607-53aab7d37bc48"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=380
Content-Length
1543
amex_small.gif
support.savethechildren.org/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/images/amex_small.gif
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
9449ccf781bff1869fad09bc28ea4214e40fa767895eebc6fb37cf66cb4d27bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Mon, 22 Aug 2016 16:24:57 GMT
Server
Apache
ETag
"631-53aab7d2b75f9"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=263
Content-Length
1585
mastercd_small.gif
support.savethechildren.org/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/images/mastercd_small.gif
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
a18e784fb3201a4ce31830f8ca4918b2de835115e7ca09f676dc93b761acb0a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Mon, 22 Aug 2016 16:24:58 GMT
Server
Apache
ETag
"624-53aab7d3fc790"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=453
Content-Length
1572
visa_small.gif
support.savethechildren.org/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/images/visa_small.gif
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
db303c3d5b39371bb91fbc688df6e18f93a067713146f617ef27157b7ee38f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Mon, 22 Aug 2016 16:24:57 GMT
Server
Apache
ETag
"5f7-53aab7d324d98"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=500
Content-Length
1527
apple-pay-payment-mark.png
support.savethechildren.org/wrpr/images/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/wrpr/images/logos/apple-pay-payment-mark.png
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
f845e4b8f5eebbe74c9b3c8cb4665d14067e530550e61ae72ebf4340296e1733

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Tue, 16 Jan 2018 16:39:19 GMT
Server
Apache
ETag
"c54-562e75f4d1690"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=4
Content-Length
3156
venmo-logo.svg
support.savethechildren.org/wrpr/images/logos/ 		531 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/wrpr/images/logos/venmo-logo.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
df02d55d020c8804a1ecff3c85906ce4d599185870883d064381f165911ef52f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Fri, 06 Oct 2017 01:16:54 GMT
Server
Apache
ETag
"213-55ad698a744c7"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=410
Content-Length
531
google-pay-box-logo.png
support.savethechildren.org/wrpr/images/logos/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/wrpr/images/logos/google-pay-box-logo.png
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
f462ed01cdd9b02dcbda81b4cd1ac332b715a4048d554517ef6c17d81c43ad1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Wed, 05 Dec 2018 21:18:42 GMT
Server
Apache
ETag
"2a5c-57c4ced38079f"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=325
Content-Length
10844
apple-pay-donate.png
support.savethechildren.org/wrpr/images/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/wrpr/images/logos/apple-pay-donate.png
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
4cf635e0a393b85f4efd07b3a00b8c092329ffb42dcef45b0d99dca88efb7ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Tue, 16 Jan 2018 17:10:11 GMT
Server
Apache
ETag
"e30-562e7cdb3999b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=451
Content-Length
3632
google-pay-logo.svg
support.savethechildren.org/wrpr/images/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/wrpr/images/logos/google-pay-logo.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
dda558a93891b2c9f4da39839ae644f25ddaed59e93807a342eea812441e46e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Wed, 05 Dec 2018 22:13:33 GMT
Server
Apache
ETag
"66f-57c4db15f0843"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=498
Content-Length
1647
card_visa_cvv.png
support.savethechildren.org/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/images/card_visa_cvv.png
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
a0e2f66644877655cd362b939852cb71181baecf71fd3dc2a1df419030809a3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Fri, 23 Sep 2016 17:56:23 GMT
Server
Apache
ETag
"bc1-53d307f185651"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=252
Content-Length
3009
card_amex_cvv.png
support.savethechildren.org/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/images/card_amex_cvv.png
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
9f1452b78e9dda47be12aca96738dea2114ade0fd9fe474ee3af364c0fcf766e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Fri, 23 Sep 2016 17:56:22 GMT
Server
Apache
ETag
"dec-53d307f081aa0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=377
Content-Length
3564
2021-annual-report-pie-chart-footer-version.png
www.savethechildren.org/content/dam/usa/images/annual-report/2021/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.savethechildren.org/content/dam/usa/images/annual-report/2021/2021-annual-report-pie-chart-footer-version.png
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-116.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
98a0c74b6560ea8895c06d21857ecf1d8de31ee9d091cf94b8373a34ab68a4df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' stc.marketing.adobe.com
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-dispatcher
dispatcher2useast1
content-security-policy
frame-ancestors 'self' stc.marketing.adobe.com
content-encoding
gzip
etag
"2eff-5e5c39e3344a5-gzip"
age
10006
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
11442
last-modified
Tue, 09 Aug 2022 00:00:19 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Tue, 09 Aug 2022 06:11:01 GMT
strict-transport-security
max-age=63072000;
content-type
image/png
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
cache-control
max-age=86400, no-cache="set-cookie"
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
x-amz-cf-id
N9drE7yio3F6FxUO83BWdeeb9oDwMW5lt3w76TJoZcn024rwgLV5gw==
expires
Wed, 10 Aug 2022 06:11:01 GMT
charity-navigator-logo.png
dx2eq2oh924g4.cloudfront.net/images/logos/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/logos/charity-navigator-logo.png
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddaf05992cd382691c8644163c876c5ace24a4900478efdbe1ba7354af4f60cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:15:52 GMT
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 18:06:35 GMT
server
AmazonS3
age
484915
etag
"a81ba267b17fa69211abc6ccfd93cb72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
content-length
26644
x-amz-cf-id
k9Xk78OSVmXG0Sn2xSYKjPF4MEpRYodDcpSZV20X3t3zx4c5Dbqqrg==
facebook-initial.svg
dx2eq2oh924g4.cloudfront.net/images/icons/ 		892 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/icons/facebook-initial.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
099a89edb65f4cd9501d6c1a11ef5f6b26ec28713c76a01629a42612f7c4908d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:16:37 GMT
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 18:06:34 GMT
server
AmazonS3
age
484871
etag
"84abfea728af630e24ad9307d952dea1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
content-length
892
x-amz-cf-id
v0xaQAPaC6QYHkCKqRzqJm-Rc9okVMbv8BWx1lDT1UHAfKnjAZnpCg==
twitter.svg
dx2eq2oh924g4.cloudfront.net/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/icons/twitter.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fcb102140b7ffbe92fdb9dc9180565cc20e2f248d79fe439463c0159ef5317e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:16:37 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:35 GMT
server
AmazonS3
age
484871
etag
W/"6694ce1d25e04a635544f4ebb5b6a707"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
oHeSXhkfSJ8AUaqVPm4iw4MXNn60zj1vZm_MuEGQwuUx4xJFkWVq3A==
instagram.svg
dx2eq2oh924g4.cloudfront.net/images/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/icons/instagram.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49ef92b367500b4ee119940a1b56ae67829a83f519e8af995e5d5b180f1731b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:15:53 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:34 GMT
server
AmazonS3
age
484915
etag
W/"e9d1fdc0855751a3a7717a44d56fcd90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
0iBuuq4hbRcrdkk4UGjdVUZYs6qNpvcCxVsJK6T8rgEYz7rg21W5IA==
pinterest.svg
dx2eq2oh924g4.cloudfront.net/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/icons/pinterest.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
104a57ba8de66a8ad8437e014f6984c52c5d0a3aceafa9b681496cd72b87673e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:16:38 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:35 GMT
server
AmazonS3
age
484870
etag
W/"7eb84c7de644f101e355ebd256e14a7c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
ThABlNlk5w15E5_xKvbFPsYl678JrkvrbOnrxmQLmA4bQszGVbgVqw==
youtube-tv.svg
dx2eq2oh924g4.cloudfront.net/images/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/icons/youtube-tv.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abc78c6fbb3027dfe1f1c2973e6c9e7e145fa3acd6670b25495a864351b878ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:16:38 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:35 GMT
server
AmazonS3
age
484870
etag
W/"28bed9dca312364b79f7c62e2b08374b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
XW9bhiU8tihbtaA6qBHx_M4Fg_tu5B1cxZfrQ0WCxYrdI3aMz10VDQ==
snapchat.svg
dx2eq2oh924g4.cloudfront.net/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/icons/snapchat.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
481cc82a8339459184525d58ddc6f98e6fd4c57da6861e89b5f59440a94502c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:15:53 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:35 GMT
server
AmazonS3
age
484915
etag
W/"bfc12b886350f98f48b09f6dfb8f8144"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
kMatkA1-T_cIa8_4GkDjn8D8b8z3lgXORr53GW_hD3iFYiQVqTIbXg==
linkedin.svg
dx2eq2oh924g4.cloudfront.net/images/icons/ 		636 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/icons/linkedin.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f16f5e7a39830113f7119db6ee715eec682e3c879cc0ae5aeab6d2204153a9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:16:39 GMT
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 18:06:34 GMT
server
AmazonS3
age
484869
etag
"a93daa155228edfd9002b35cd6938b38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
content-length
636
x-amz-cf-id
cs4s_RZYgZ9qGVQu11u7_HYCCeof6jrOH8MWNDfPjydMCXGE0lrgQQ==
stc-vendor.js
dx2eq2oh924g4.cloudfront.net/js/ 		702 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx2eq2oh924g4.cloudfront.net/js/stc-vendor.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
792879d4c65903d7897bf78d2a59764ac8de25cf3839eecd46fcf2683e63fb2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:07:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:36 GMT
server
AmazonS3
age
485411
etag
W/"eb04c7507c96c89fad6405944c7788fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
Q529jJp8hTr04hvw3D0pIu_kunTnO-Iu92OVBQ4FvTuCHtFH0vtdsA==
stc-analytics-data-layer.js
dx2eq2oh924g4.cloudfront.net/js/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx2eq2oh924g4.cloudfront.net/js/stc-analytics-data-layer.js?t=2022-02-01
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95e67a043338e5fe448dc282f41915dfe871dd491269b6f2d892a46fc7e661b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:15:51 GMT
content-encoding
gzip
last-modified
Tue, 08 Mar 2022 23:15:00 GMT
server
AmazonS3
age
484916
etag
W/"0bd6613e2a77c5a43d2af1f8db6f0406"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
XZgi_u8RrHGOGzy9w00WgFArrwc2M_w_IT3KWceqwc_OB2qhwwqBMQ==
stc-site-alerts.js
dx2eq2oh924g4.cloudfront.net/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx2eq2oh924g4.cloudfront.net/js/stc-site-alerts.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f6d77e663b8b758cb24403ab8280ac7b8b3aa2aca0a7942caa12e054ddf123f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:07:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:36 GMT
server
AmazonS3
age
485411
etag
W/"a3b0f4d9dce09b206eac81107f325d87"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
euzCbFaij_nOyWQVNkkqo57c1X_P0dtBG3WNMePgF-kMtUnryClrvg==
stc-scripts.js
dx2eq2oh924g4.cloudfront.net/js/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx2eq2oh924g4.cloudfront.net/js/stc-scripts.js?cache=2020-03-10
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e22ddbf693707a0400596edaa835b46f10a9e0003e728205735af5d8ae881fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:07:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:36 GMT
server
AmazonS3
age
485411
etag
W/"7ff7c20bb483932b2f053d498a367bb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
MELOYpKB-iuBdJiMjQYszHQTrdQiCBYVbmnsiC8Gs4GtNqNY8Tzs0A==
pay.js
pay.google.com/gp/p/js/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3b6f87e7eb7e27cb769f7552282850747393fd7d3d374ab20f28a3326d7280d0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gUwnDWnGh9JRzjzzud9pZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-gUwnDWnGh9JRzjzzud9pZw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-gUwnDWnGh9JRzjzzud9pZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-gUwnDWnGh9JRzjzzud9pZw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires
Tue, 09 Aug 2022 08:57:47 GMT
client.min.js
js.braintreegateway.com/web/3.39.0/js/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.39.0/js/client.min.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
0b49e7b48486b30c382a49fc34a7385230a87130314260f19cb1899388bca34e
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding
gzip
etag
W/"62ded20b-997f"
age
18429
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 25 Jul 2022 17:25:31 GMT
server
nginx
date
Tue, 09 Aug 2022 03:53:32 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
GkWaKxKe1H9_K3Y_7qZiGF8KuEjeTc4yY5YQX40AEV1v_iVfF2sDTQ==
expires
Wed, 10 Aug 2022 03:50:38 GMT
apple-pay.min.js
js.braintreegateway.com/web/3.39.0/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.39.0/js/apple-pay.min.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a438afb23db5e904944da9621089e8314f86ae094f9a6f03b45caa66dbb120d7
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding
gzip
etag
W/"62ded20b-3d47"
age
2714
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 25 Jul 2022 17:25:31 GMT
server
nginx
date
Tue, 09 Aug 2022 08:12:33 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
ATepyuSwEWi5qPc9erzFcFmMK-r44HbOG8o5ACbAadZ2qj8EQslttQ==
expires
Wed, 10 Aug 2022 08:12:33 GMT
venmo.min.js
js.braintreegateway.com/web/3.39.0/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.39.0/js/venmo.min.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
0c8fba41f9e22f09c18be06b7269e43763908093cd19c25c0a015605935b2105
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding
gzip
etag
W/"62ded20b-511e"
age
4505
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 25 Jul 2022 17:25:31 GMT
server
nginx
date
Tue, 09 Aug 2022 07:59:07 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
4zcSysFB3dH2-IjKLzXHkHwOGQzMAPGsdFX9hcdtEPRtQkJJ9EAiMA==
expires
Wed, 10 Aug 2022 07:42:42 GMT
google-payment.min.js
js.braintreegateway.com/web/3.39.0/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.39.0/js/google-payment.min.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b79c0b6d5fabf21da5599b0daf8ba491014004cdfe7dcb8df6ee43a26b836694
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding
gzip
etag
W/"62ded20b-3a9d"
age
813
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 25 Jul 2022 17:25:31 GMT
server
nginx
date
Tue, 09 Aug 2022 08:44:14 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
k8E7LJqSJfpS3HRRK6G42l2ekinW6oIbDIEEiMpmegDfwTHQZnPiOA==
expires
Wed, 10 Aug 2022 08:44:14 GMT
data-collector.min.js
js.braintreegateway.com/web/3.39.0/js/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.39.0/js/data-collector.min.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5befd2a54e625956c71b77a339666c25fea1a34c017fd6e711b8bf1e3d7d4ece
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding
gzip
etag
W/"62ded20b-6a23"
age
13683
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 25 Jul 2022 17:25:31 GMT
server
nginx
date
Tue, 09 Aug 2022 05:11:48 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
qnZf2JBREwudEncgVX3YAYkQoSqIy1eubB3R0pvgoyVqkAq5WfyyTw==
expires
Wed, 10 Aug 2022 05:09:44 GMT
stc-braintree-donation.js
dx2eq2oh924g4.cloudfront.net/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx2eq2oh924g4.cloudfront.net/js/stc-braintree-donation.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0110d344f5e1d7a9a55ade4a01c6da8bd4070596d4c8ade3d89d48f4ab1cf21d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:16:42 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:36 GMT
server
AmazonS3
age
484866
etag
W/"cf4190bdd964077b1b60d322bf779634"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
HASbj3uuUMGWh_ZzMH7hT0_X3tfsdfqPojUMzUQiH9xgFjqtwB4ehg==
stc-donation.js
dx2eq2oh924g4.cloudfront.net/js/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx2eq2oh924g4.cloudfront.net/js/stc-donation.js?cache=2022-06-28
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e392722e30aedecabeb46084f9dca410da4fa533b0c8b8d872cf99a729b8a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:16:35 GMT
content-encoding
gzip
last-modified
Wed, 27 Jul 2022 18:06:36 GMT
server
AmazonS3
age
484872
etag
W/"e50d8cef5b2ed91e5c252226e0a33055"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
G_fxsm4cubd-v0NwP5YgPWsWOxTd4wYWQmaqTDGPCA4aXJqCYKD2kA==
1.js
cdn.ywxi.net/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ywxi.net/js/1.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:ca00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:50:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache
Hit from cloudfront
content-length
4567
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
zzn2ukya12qn00s5k-9Z1sbvPmeeAMkBLw4aod4gRW6gnqYjTHu1yw==
expires
Tue, 09 Aug 2022 09:50:04 GMT
bundle.min.js
browser.sentry-cdn.com/6.19.2/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
04a798f1de48c8e912b858a70fde58dbd12a9c1181d695709c2b27f25bb09a7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://support.savethechildren.org/
Origin
https://support.savethechildren.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Wed, 23 Mar 2022 19:36:25 GMT
server
Fastly
age
330855
etag
"f28e77b8098982ba99e035d45121555f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
20331
expires
Sat, 05 Aug 2023 13:03:32 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1660035467043
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1660035467043
362 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1660035467043
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Server
52.51.11.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-11-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f4b2b05a03ddf0db5b732abb146fbf59882c47b4c7c4b4696efadf6a176db653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v038-03fc651d6.edge-irl1.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
ZjrLc6/JRfM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://support.savethechildren.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
305
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v038-019009321.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://support.savethechildren.org
X-TID
g6o5FHh/S+I=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&ts=1660035467043
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Tue, 09 Aug 2022 09:57:47 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Tue, 09 Aug 2022 09:57:47 GMT
di.js
cdn.decibelinsight.net/i/13874/253647/ 		192 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.decibelinsight.net/i/13874/253647/di.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-116.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
929202b357da34f1988ff49fd76e1615f5ed381a2ecb6d4d0ae76eeef527a830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA56-P7
etag
W/000061040-18262831241
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cache-control
private, max-age=5400
access-control-allow-credentials
true
x-cache
Hit from cloudfront
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
x-amz-cf-id
7UyW3DIDR0XBB0GvjSLEKY0EI4Y27HFzxUFQuolA_QN-T20uE6kPSg==
gtm.js
www.googletagmanager.com/ 		272 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFG5K96
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
059528a26553e67b582045dac00b9e76675170cbb703d847c4be185545648e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84523
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Aug 2022 08:57:47 GMT
enter.svg
dx2eq2oh924g4.cloudfront.net/images/icons/ 		696 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx2eq2oh924g4.cloudfront.net/images/icons/enter.svg
Requested by
Host: dx2eq2oh924g4.cloudfront.net
URL: https://dx2eq2oh924g4.cloudfront.net/css/stc-styles.css?cache=2022-06-28-13-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ba00:12:b144:100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17423a3fc16f9d010a773780b8f21b45ab58580afc0118bb8bcd6a96b1cd5f8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dx2eq2oh924g4.cloudfront.net/css/stc-styles.css?cache=2022-06-28-13-10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 18:54:43 GMT
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 18:06:34 GMT
server
AmazonS3
age
482585
etag
"588e481c2fbb2c2387f62e208dd4f685"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604801
x-amz-cf-pop
FRA56-P7
accept-ranges
bytes
content-length
696
x-amz-cf-id
PyNd-6-Fe3yJ1hHB_Ci9hySEEsF1-ZyzheGpSIYljvdx_pZuqnq0rA==
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: dx2eq2oh924g4.cloudfront.net
URL: https://dx2eq2oh924g4.cloudfront.net/css/stc-styles.css?cache=2022-06-28-13-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dx2eq2oh924g4.cloudfront.net/
Origin
https://support.savethechildren.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 11:19:39 GMT
x-content-type-options
nosniff
age
596288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 02 Aug 2023 11:19:39 GMT
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: dx2eq2oh924g4.cloudfront.net
URL: https://dx2eq2oh924g4.cloudfront.net/css/stc-styles.css?cache=2022-06-28-13-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dx2eq2oh924g4.cloudfront.net/
Origin
https://support.savethechildren.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 15:48:36 GMT
x-content-type-options
nosniff
age
493751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:07 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 03 Aug 2023 15:48:36 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYjMdZwl.woff2
fonts.gstatic.com/s/oswald/v40/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYjMdZwl.woff2
Requested by
Host: dx2eq2oh924g4.cloudfront.net
URL: https://dx2eq2oh924g4.cloudfront.net/css/stc-styles.css?cache=2022-06-28-13-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ebdbb570753623b8ed9a6d19f4c79fb42b2481c21cb4141eb055b7d177e79a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dx2eq2oh924g4.cloudfront.net/
Origin
https://support.savethechildren.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 14:14:34 GMT
x-content-type-options
nosniff
age
585793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17720
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:17:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Aug 2023 14:14:34 GMT
loader-min.js
support.savethechildren.org/yui3/loader/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/yui3/loader/loader-min.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/yui3/yui/yui-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
aa095c1b39b9a80b9847de7118da49affeeed83f3ef5d154759d0ee9471392a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2010 16:44:29 GMT
Server
Apache
ETag
"3c99-487aa3880d540"
ntCoent-Length
15513
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=87
Content-Length
5337
truncated
/ 		187 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bb29fc16bdac8b50ea87d923f8df87d7459e533afe6871dcc33c039787e5271

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
DonationForm_Right_CH1356084.png
support.savethechildren.org/images/content/pagebuilder/ 		735 KB
735 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/images/content/pagebuilder/DonationForm_Right_CH1356084.png
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
c2db1040f8bd8f01e730405e5e71407930a4f95b3823e0ef1b2fedaa033fb2bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Fri, 29 Jul 2022 15:12:59 GMT
Server
Apache
ETag
"b7c6e-5e4f315e69850"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=385
Content-Length
752750
S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
fonts.gstatic.com/s/lato/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
Requested by
Host: dx2eq2oh924g4.cloudfront.net
URL: https://dx2eq2oh924g4.cloudfront.net/css/stc-styles.css?cache=2022-06-28-13-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dx2eq2oh924g4.cloudfront.net/
Origin
https://support.savethechildren.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 20:59:45 GMT
x-content-type-options
nosniff
age
475082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14864
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:08 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 03 Aug 2023 20:59:45 GMT
payframe
pay.google.com/gp/p/ui/ Frame 1DDC 		18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsupport.savethechildren.org&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c321de5065295ed763d5a8cc53ca6894a860faa6bde5a5fb18a50dbca55b180
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-n1Z7Npox0TN73TopBeNSxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-n1Z7Npox0TN73TopBeNSxA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-n1Z7Npox0TN73TopBeNSxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-n1Z7Npox0TN73TopBeNSxA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 09 Aug 2022 08:57:47 GMT
expires
Tue, 09 Aug 2022 08:57:47 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame AC1D 		627 B
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31535935
content-encoding
gzip
content-length
392
content-type
text/html
date
Tue, 09 Aug 2022 08:57:47 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Wed, 09 Aug 2023 08:56:42 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/398fa4c9-90ea-4dbe-b61c-52e460fbedac/ 		239 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/398fa4c9-90ea-4dbe-b61c-52e460fbedac/cc.js?renew=false&referer=support.savethechildren.org&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ccc4874859206649591607f32661c7969b0b33f17c7f5070c2bbd0de80b8db2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1
content-length
56992
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
/
o69911.ingest.sentry.io/api/149624/envelope/ 		2 B
285 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o69911.ingest.sentry.io/api/149624/envelope/?sentry_key=fb2348d581ce4ac5b42a4abf41ab4208&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://support.savethechildren.org
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
apple-pay-payment-mark.png
support.savethechildren.org/wrpr/images/logos/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/wrpr/images/logos/apple-pay-payment-mark.png
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
f845e4b8f5eebbe74c9b3c8cb4665d14067e530550e61ae72ebf4340296e1733

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Tue, 16 Jan 2018 16:39:19 GMT
Server
Apache
ETag
"c54-562e75f4d1690"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=425
Content-Length
3156
venmo-logo.svg
support.savethechildren.org/wrpr/images/logos/ 		531 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/wrpr/images/logos/venmo-logo.svg
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
df02d55d020c8804a1ecff3c85906ce4d599185870883d064381f165911ef52f

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Fri, 06 Oct 2017 01:16:54 GMT
Server
Apache
ETag
"213-55ad698a744c7"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=452
Content-Length
531
google-pay-box-logo.png
support.savethechildren.org/wrpr/images/logos/ 		11 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/wrpr/images/logos/google-pay-box-logo.png
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
f462ed01cdd9b02dcbda81b4cd1ac332b715a4048d554517ef6c17d81c43ad1a

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Wed, 05 Dec 2018 21:18:42 GMT
Server
Apache
ETag
"2a5c-57c4ced38079f"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=499
Content-Length
10844
apple-pay-donate.png
support.savethechildren.org/wrpr/images/logos/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/wrpr/images/logos/apple-pay-donate.png
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
4cf635e0a393b85f4efd07b3a00b8c092329ffb42dcef45b0d99dca88efb7ac5

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Tue, 16 Jan 2018 17:10:11 GMT
Server
Apache
ETag
"e30-562e7cdb3999b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=3
Content-Length
3632
google-pay-logo.svg
support.savethechildren.org/wrpr/images/logos/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/wrpr/images/logos/google-pay-logo.svg
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
dda558a93891b2c9f4da39839ae644f25ddaed59e93807a342eea812441e46e5

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Wed, 05 Dec 2018 22:13:33 GMT
Server
Apache
ETag
"66f-57c4db15f0843"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=378
Content-Length
1647
gettoken.php
files.savethechildren.org/braintree/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://files.savethechildren.org/braintree/gettoken.php?callback=jQuery22403524603241606401_1660035467133&_=1660035467134
Requested by
Host: dx2eq2oh924g4.cloudfront.net
URL: https://dx2eq2oh924g4.cloudfront.net/js/stc-vendor.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
208.113.174.133 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS
files.savethechildren.org
Software
Apache /
Resource Hash
873058adc8972c0463b4f9c3403eaaafe75e76a70e14c97423bd16f5ba3b8d35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
content-length
1369
expires
Thu, 19 Nov 1981 08:52:00 GMT
PixelServer
support.savethechildren.org/site/ 		43 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/site/PixelServer?t=undefined
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Cache-Control
no-store
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=15, max=83
Content-Length
43
Content-Type
image/gif
question-circle.svg
support.savethechildren.org/wrpr/images/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://support.savethechildren.org/wrpr/images/icons/question-circle.svg
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
bb365468028d285187c7eebd9d9f5f55d2f27b0f3512c21601decb7d47e9cf31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:47 GMT
Last-Modified
Tue, 02 Nov 2021 02:27:04 GMT
Server
Apache
ETag
"7f9-5cfc50777202f"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=183
Content-Length
2041
dest5.html
stc.demdex.net/ Frame 99FE 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stc.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.150.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-150-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v038-0d17c4202.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
JhMmp4pIRpw=
content-encoding
gzip
date
Tue, 9 Aug 2022 08:57:47 GMT
last-modified
Wed, 3 Aug 2022 11:53:45 GMT
vary
accept-encoding
id
smetrics.savethechildren.org/ 		48 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.savethechildren.org/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=6B0E659F56A9E70D7F000101%40AdobeOrg&mid=28479789434087277423321183972064477247&ts=1660035467330
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
c7b6bd7db7079b3108c37481b6bf1b01c05ab099723d7058d570c51288d7ef5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-pttz4
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://support.savethechildren.org
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YvIhiwAAAG2kWQOJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=28138524691330017423359110358507971215
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvIhiwAAAG2kWQOJ
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvIhiwAAAG2kWQOJ
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Server
52.51.11.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-11-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcscanary-prod-irl1-1-v044-00dc34f34.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
GZP2oXkJRFY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvIhiwAAAG2kWQOJ
Date
Tue, 09 Aug 2022 08:57:47 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
savethechildrenfeder.tt.omtrdc.net/rest/v1/ 		363 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://savethechildrenfeder.tt.omtrdc.net/rest/v1/delivery?client=savethechildrenfeder&sessionId=f8fee0e4ba194cde9dc97ac804ef1a38&version=2.9.0
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.84.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-84-199.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c8edc026a9aba67c65ca1faf10b38e66398f8bde92f7f60cd1a72d2c3625635b

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://support.savethechildren.org
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
481441ec936707498899d968d3d0eec6
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/support.savethechildren.org/ 		213 B
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/support.savethechildren.org/client.json?source=jsmain
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.241.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
72d7e0722e1c2197a307be6b15a4d53baddaa07d63dce5f6225a9de527507862

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:49 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
TM66BHJ00WVG43NM
x-amz-replication-status
COMPLETED
Content-Length
176
x-amz-id-2
YHq53KfgBPAkQp3OfI8zFg3bwFKa9NDVIGBv5lKOADCLGEyGFnajegXRZPzxYH9qL37LBL2pGsw=
Last-Modified
Tue, 02 Aug 2022 07:53:12 GMT
Server
AmazonS3
ETag
"6c7aba4b8f4fe0a8e68e6423efed8b9e"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
ZCicU5MxxuOVBNXyNAWyMSMpM9hNL1DZ
Access-Control-Allow-Origin
https://support.savethechildren.org
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
public, max-age=60
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/json
client.json
s3-us-west-2.amazonaws.com/mfesecure-public/host/support.savethechildren.org/ 		213 B
999 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/mfesecure-public/host/support.savethechildren.org/client.json?source=jsinline
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.241.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
72d7e0722e1c2197a307be6b15a4d53baddaa07d63dce5f6225a9de527507862

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:49 GMT
Content-Encoding
gzip
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
TM65NXJCCJPP35SY
x-amz-replication-status
COMPLETED
Content-Length
176
x-amz-id-2
5FounIjEXSkkeAHY6U3SmWJeyP5gJK43qyyq1s07/EqPz9Hfb0POM75cQXoLvdK4neR86tdf2wk=
Last-Modified
Tue, 02 Aug 2022 07:53:12 GMT
Server
AmazonS3
ETag
"6c7aba4b8f4fe0a8e68e6423efed8b9e"
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
ZCicU5MxxuOVBNXyNAWyMSMpM9hNL1DZ
Access-Control-Allow-Origin
https://support.savethechildren.org
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Cache-Control
public, max-age=60
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/json
api.min.js
a.opmnstr.com/app/js/ 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.opmnstr.com/app/js/api.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFG5K96
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-883 /
Resource Hash
2c308d399f0572b3e2c80622604dcf2e4417308049a1667fc27c1d4a18b0e769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
br
cdn-edgestorageid
883
perma-cache
HIT
cdn-storageserver
DE-164
cdn-cachedat
08/05/2022 15:42:26
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-AMS-883
access-control-allow-origin
*
last-modified
Fri, 05 Aug 2022 15:40:42 GMT
cdn-proxyver
1.02
cdn-fileserver
405
etag
W/"62ed39fa-30fcf"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
ec6081e0873db751d965f24c926088ab
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ 		973 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 1DDC 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsupport.savethechildren.org&mid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri... Frame 1DDC 		153 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsupport.savethechildren.org&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef0b374e788cf021877ea0158526a25b035fb112a5404a55768cb563ad05d45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 16:23:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54885
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 10:25:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 16:23:58 GMT
id
dpm.demdex.net/ 		362 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=6B0E659F56A9E70D7F000101%40AdobeOrg&d_nsid=0&d_mid=28479789434087277423321183972064477247&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=userid%0128479789434087277423321183972064477247&ts=1660035467547
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.11.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-11-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0cb55bfdaefc1c61db83febcd4f03faa2a6e4b859bad56142ef8996b11a31f52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v038-03e3bd466.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Error
300
X-TID
4dZ3CkUeRs4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://support.savethechildren.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
305
Expires
Thu, 01 Jan 1970 00:00:00 UTC
RCf79fc1038c2a4b72bdfd02defa7e8cbc-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RCf79fc1038c2a4b72bdfd02defa7e8cbc-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
21b2d1f982899583a1cf29dad48ce276cbe44838051e4bb373a6813d15fde88d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1078
expires
Tue, 09 Aug 2022 09:57:47 GMT
RCa0df4cd8b88d4571ba669bc769fb3c9c-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RCa0df4cd8b88d4571ba669bc769fb3c9c-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c435781231782d13145522b494623de0b6b8037ccfcc5f6f605b85ace8223f15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1195
expires
Tue, 09 Aug 2022 09:57:47 GMT
RC890fe151cf724ae6ab6953052f02d8be-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RC890fe151cf724ae6ab6953052f02d8be-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9a6db81127dceb32c40c1d5a1a328bef9e126a6bbe573a0ced1648ab6cdc578c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
837
expires
Tue, 09 Aug 2022 09:57:47 GMT
RCb36da39812024952b27cbb37fe487ff2-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RCb36da39812024952b27cbb37fe487ff2-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
896312e222613bf6e4f12824e6d088838a10fa107a8124f38f419dcdf7a44e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1464
expires
Tue, 09 Aug 2022 09:57:47 GMT
RC85e990005f5d4576a8167cf1a1a6c1b4-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		2 KB
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RC85e990005f5d4576a8167cf1a1a6c1b4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
91ccf2606796c7906790d2db7fac7984a84882a6d05c8ef0b6914aa5e8391cf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
710
expires
Tue, 09 Aug 2022 09:57:47 GMT
RCfc1bafc7dd23416bbee79cc22c704e2f-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		1 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RCfc1bafc7dd23416bbee79cc22c704e2f-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
529e2c135c9479f5ccddc5e644f4d6f1b1a693b02c5945b71aa62d25576858a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
632
expires
Tue, 09 Aug 2022 09:57:47 GMT
RCfe755607805f45a9963b2842bf07d903-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		781 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RCfe755607805f45a9963b2842bf07d903-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e12aaa2a4b986fa17c07ce4c0cd32b980694871255337c90e1738aa29e9095fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
446
expires
Tue, 09 Aug 2022 09:57:47 GMT
activityi;dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0
10657097.fls.doubleclick.net/ Frame BC0B
Redirect Chain
  • https://10657097.fls.doubleclick.net/activityi;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0?
  • https://10657097.fls.doubleclick.net/activityi;dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0?
450 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10657097.fls.doubleclick.net/activityi;dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0?
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
e9f3a360c72a78979068996976210eef43a7e3b565fd19fc22cd2821ca08cd2c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
350
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 08:57:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 08:57:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10657097.fls.doubleclick.net/activityi;dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
RC29e9ca088d454b16a61689b7b7827234-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RC29e9ca088d454b16a61689b7b7827234-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
93237d914c1b6b30af773ec1a9abb50d3d13da2c963c40a7d808ac184e2a0df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
781
expires
Tue, 09 Aug 2022 09:57:47 GMT
RC543a5c6ce5a74ab5951bb5d2f65f9cdf-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		947 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RC543a5c6ce5a74ab5951bb5d2f65f9cdf-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5f6b21d3884b4496c158b1defe06fb0ccc4b637890a2bb47089b7dc01213a32c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
515
expires
Tue, 09 Aug 2022 09:57:47 GMT
RC70221449d05c4c009c1482b20cbbc153-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RC70221449d05c4c009c1482b20cbbc153-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fd1c1a2397b23ce32007294e78aeac9d9299c5fb39596bf6b0b5a2077c318e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
812
expires
Tue, 09 Aug 2022 09:57:47 GMT
RCeacb79e41c2e4edbaefa7f3947ba2208-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		1 KB
872 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RCeacb79e41c2e4edbaefa7f3947ba2208-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
546c75b744febdb538ada85219ae6764193b442ce1bbaa4a3594182e85f7911c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
601
expires
Tue, 09 Aug 2022 09:57:47 GMT
RCe1e1b434f35b4ae6b2e3062f395d32e0-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RCe1e1b434f35b4ae6b2e3062f395d32e0-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4cc71a038b77c6edee0568cc4d0d99e867b5fb334b34784a4df3add33756043d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1020
expires
Tue, 09 Aug 2022 09:57:47 GMT
RC6f334b10b26f458fb9594f438b46577a-source.min.js
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/3e5bac3e378b/RC6f334b10b26f458fb9594f438b46577a-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ac5715344c53f972acf9f9786a383da5fd78b0a8f12e695522d399716203eab2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:27:31 GMT
server
AkamaiNetStorage
etag
"792e99dba62b4eb519e76a9fe417022c:1658759251.1192"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://support.savethechildren.org
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1059
expires
Tue, 09 Aug 2022 09:57:47 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26506
x-xss-protection
0
pragma
public
x-fb-debug
to5JWsgBfqbRzPeMemBQZL+Lw7xF/vh/6fiN4hTn3Fz3rdjOSzYyOs0AifT/zobOXP2sADskdTtahcJn78U0TQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Tue, 09 Aug 2022 08:57:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ld.js
static.criteo.net/js/ld/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 07:49:23 GMT
server
nginx
etag
W/"62bc0403-a792"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 10 Aug 2022 08:57:47 GMT
savethechildren.js
d1n00d49gkbray.cloudfront.net/js/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1n00d49gkbray.cloudfront.net/js/savethechildren.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:dc00:9:7c30:be80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd674f0b8199125dfd7034a04f0ce6c54340f94ed822090b118e15a93dfb9986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
RGH6edrCYNdTDp1Jr7x.Fr0QILIUPOje
content-encoding
gzip
etag
W/"86e44efde64d32462e156f24206aa5b2"
last-modified
Wed, 29 Jun 2022 15:02:27 GMT
server
AmazonS3
age
19555
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date
Tue, 09 Aug 2022 03:37:21 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
55719JnsPNnFy3uoAMGqa-lyVSqlhCCJ23l2xlYmohwDQcAfnhsRpw==
iu3
s.amazon-adsystem.com/ Frame 9FE4
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D253...
  • https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D253...
1008 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=32715478396665664&dcc=t
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0436a20374fdff49c82c70f65ef3663336c6f3405cc02e16e7a0252b4e2dbb07
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1008
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 09 Aug 2022 08:57:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
T05F37E6MPX457HT56AF

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Aug 2022 08:57:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=32715478396665664&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EFY8FTAS7WB31ZBH2C48
everflow.js
www.dgtrx.com/scripts/sdk/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dgtrx.com/scripts/sdk/everflow.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.238 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
238.72.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5b9c72f61918d403ff3b4847600ecf00a4d01eef3f0e0f85ccf357920514e533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
text/javascript
content-encoding
gzip
cache-control
max-age=14400
x-eflow-request-id
2acbe89d-b3c4-4afe-9655-f9c2c227f88e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel.js
a.tribalfusion.com/pixel/tags/Save%20the%20Children/791263/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/pixel/tags/Save%20the%20Children/791263/pixel.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b986d774c858e94ecb4cd87d7a43e08cbdde1b0896e047f52c0ad07ffa6be4ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2002
x-function
151
last-modified
Fri, 13 Aug 2021 06:35:37 GMT
server
cloudflare
x-reuse-index
480
etag
14094569274683928320
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
737f49493bbe6945-FRA
expires
Tue, 09 Aug 2022 09:57:47 GMT
visitor.js
app.leadsrx.com/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.leadsrx.com/visitor.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.199.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-199-196.us-west-2.compute.amazonaws.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
last-modified
Tue, 09 Aug 2022 04:32:20 GMT
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
accept-ranges
bytes
etag
"492f-5e5c76b0f0fe5"
content-length
18735
content-type
application/javascript
container.js
tags.wdsvc.net/
Redirect Chain
  • https://tags.wdsvc.net/controller.js?id=100229
  • https://tags.wdsvc.net/container.js?id=100229&v=4.00&t=1660035467963
27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/container.js?id=100229&v=4.00&t=1660035467963
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Server
52.55.9.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-9-32.compute-1.amazonaws.com
Software
/
Resource Hash
e2a8a1ea72672dbf4bffbdb52c167dc5041297d7349a69782d767094aaad3e82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
27242
Expires
Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location
https://tags.wdsvc.net/container.js?id=100229&v=4.00&t=1660035467963
Date
Tue, 09 Aug 2022 08:57:47 GMT
Cache-Control
private, no-cache
Connection
keep-alive
Keep-Alive
timeout=5
Transfer-Encoding
chunked
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 07:27:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
5446
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P7
X-Amz-Cf-Id
sKLKYeD0xEDHwe8YEJQD-gmNUhQKFfseAm_y8sT1FZ4I2psrWDyU1w==
spx
dx.mountain.com/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx.mountain.com/spx?dxver=4.0.0&shaid=32293&tdr=&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&cb=36590385649221530&term=value
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.69.255.140 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-255-140.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
8ba6e14ffb975812ae9f1c3c10f192a9fdb8c0a91f6580120e6bbafadde2ad13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
connection
close
content-type
application/javascript;charset=utf-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
expires
Thu, 01 Jan 1970 00:00:00 GMT
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40... Frame 1DDC 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=B4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgIhV4VPYbAupuSKNiSjPmY9xb1ig/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced71e74eb97964171b44922ce51a1614c36a8aebc19a36617c47765e50cd2d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 17:06:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28790
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 01:24:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 17:06:07 GMT
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-11620455
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fbf42d1b22606f9fae41a9532aea2294de767da24ecb2e9db3de3a2427e082b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41643
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Aug 2022 08:57:47 GMT
TC-4134-1.gif
pt.ispot.tv/v2/ 		43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pt.ispot.tv/v2/TC-4134-1.gif?app=web&type=visit
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:47 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
0
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js?t=2022-03-08
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
12dd3e968ced8f01649560da4cf975edff617d25ba4585dda428377529220da0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 05A25232E9884C6CBE4FF5874DC4C4F7 Ref B: FRAEDGE1214 Ref C: 2022-08-09T08:57:47Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Tue, 09 Aug 2022 08:57:47 GMT
accept-ranges
bytes
content-length
11367
api.min.css
a.omappapi.com/app/js/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-883 /
Resource Hash
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
br
cdn-edgestorageid
879
perma-cache
HIT
cdn-storageserver
DE-198
cdn-cachedat
08/05/2022 15:41:40
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-AMS-883
access-control-allow-origin
*
last-modified
Fri, 05 Aug 2022 15:40:30 GMT
cdn-proxyver
1.02
cdn-fileserver
404
etag
W/"62ed39ee-464c"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
acdcc4087fb880bbf3ebda90cd9eca4e
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
71376
api.omappapi.com/v2/embed/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/71376?d=support.savethechildren.org
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
5a9e1d4af47ee8ba35c573e2f3525fd114bd1d512f3b191e807c583b9a0e60c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
x-cache-config
0 0
x-amz-cf-pop
FRA56-P5
x-cache-status
HIT
x-cache
Miss from cloudfront
access-control-allow-headers
X-CSRF-Token
x-optinmonster-account
80223
x-user-agent
standard--
last-modified
Thu, 19 Aug 2021 16:16:48 GMT
server
Pagely Gateway/1.5.1
etag
W/"603edebe0227f08d179d982c63e36159"
vary
Accept-Encoding, User-Agent
content-type
application/json
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
cache-control
public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin
*
x-amz-cf-id
snz_oDWPpWnkr8pDRBuCqbCM1QEXDo5tek0bsz4pib6wvZn3s5ovwA==
expires
Tue, 09 Aug 2022 08:42:52 GMT
s67857668306322
smetrics.savethechildren.org/b/ss/stcf.prod.us/5.1/JS-2.22.4-LCUM/ 		43 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.savethechildren.org/b/ss/stcf.prod.us/5.1/JS-2.22.4-LCUM/s67857668306322
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
x-content-type-options
nosniff
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 10 Aug 2022 08:57:47 GMT
server
jag
xserver
anedge-69c8d8cc76-447jq
etag
3564899021565034496-4619839237405002012
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://support.savethechildren.org
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Mon, 08 Aug 2022 08:57:47 GMT
s63106914543425
smetrics.savethechildren.org/b/ss/stcf.prod.us/5.1/JS-2.22.4-LCUM/ 		43 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.savethechildren.org/b/ss/stcf.prod.us/5.1/JS-2.22.4-LCUM/s63106914543425
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
x-content-type-options
nosniff
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 10 Aug 2022 08:57:47 GMT
server
jag
xserver
anedge-69c8d8cc76-l5km5
etag
3564899022583267328-4619697756888301499
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
https://support.savethechildren.org
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Mon, 08 Aug 2022 08:57:47 GMT
175734969458030
connect.facebook.net/signals/config/ 		295 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/175734969458030?v=2.9.73&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63e22009e53a6fb18693088f8ac6bd2a8975cf92c534132f9132acc27f179c25
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
4sTXelGpOdrdpB+rLGFba+XBf7WbETQyG/bLVJIBA7/3134Xz7gEgBAo3UuVWdLUd3yGo1WPUzcjgzcPn/CJ/g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 09 Aug 2022 08:57:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1660035467768
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 1DDC 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=B4A/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgIhV4VPYbAupuSKNiSjPmY9xb1ig/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6947
date
Tue, 09 Aug 2022 07:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Aug 2022 09:02:00 GMT
pay
pay.google.com/gp/p/ui/ Frame 1DDC 		1 MB
352 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f98f081ddb399e374057d25fba8f7e9c272bf58b6d62c6d4c0e069af88be2a3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce--LQcRDrdeoH2_FPkP94Eyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce--LQcRDrdeoH2_FPkP94Eyw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none
date
Tue, 09 Aug 2022 08:57:47 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce--LQcRDrdeoH2_FPkP94Eyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce--LQcRDrdeoH2_FPkP94Eyw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Tue, 09 Aug 2022 08:57:47 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-85748307-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFG5K96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
09923331599e977cd792a40c5d7366d449ac78d7e68e70b99c9226fa07c1dac0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41861
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Aug 2022 08:57:47 GMT
js
www.googletagmanager.com/gtag/ 		174 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1069852215&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFG5K96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3bb97c786c64e84e11aa7326b0823ffb0504a870afbee1ed76d5e66cc0b2aae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63762
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Aug 2022 08:57:47 GMT
logging.js
support.savethechildren.org/js/convio/ 		656 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/js/convio/logging.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/yui3/yui/yui-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
9949830afb880a5b2473a3638a93f29952c71695d3190e35af43e8b75c989607

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Cteonnt-Length
656
Date
Tue, 09 Aug 2022 08:57:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Feb 2013 18:22:03 GMT
Server
Apache
ETag
"290-4d4fe4946c8c0"
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=407
Content-Length
239
syncframe
gum.criteo.com/ Frame 9762 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=support.savethechildren.org&origin=onetag&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 08:57:47 GMT
server-processing-duration-in-ticks
2277
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-85748307-2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6947
date
Tue, 09 Aug 2022 07:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Aug 2022 09:02:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1069852215&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
server
cafe
etag
9823212955285023900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Aug 2022 08:57:47 GMT
json
api.omappapi.com/v3/geolocate/ 		559 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v3/geolocate/json
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-59.fra56.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
7e9f48e17e45119d7ac6f2414847ceedc5d37a9d4b4fac2b60aed8bada09fe58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-cache-config
0 0
x-amz-cf-pop
FRA56-P5
x-cache-status
BYPASS
x-cache
Miss from cloudfront
content-length
559
x-user-agent
standard--
server
Pagely Gateway/1.5.1
x-ratelimit-remaining
999
content-type
application/json
access-control-allow-origin
*
x-ratelimit-reset
1660035527
x-ratelimit-limit
1000
x-pagely-debug
mainblock
x-amz-cf-id
l7QrGmHRs9BqafJYj0N5angp8mT6AZVp_rwFxhcZzPH3RyC9UOAwTg==
webfont.js
a.omappapi.com/app/js/webfont/1.5.18/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by
Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-AMS-883 /
Resource Hash
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
br
cdn-edgestorageid
879
perma-cache
HIT
cdn-storageserver
DE-167
cdn-cachedat
08/05/2022 15:31:27
cdn-pullzone
293267
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
server
BunnyCDN-AMS-883
access-control-allow-origin
*
last-modified
Fri, 05 Aug 2022 15:30:54 GMT
cdn-proxyver
1.02
cdn-fileserver
419
etag
W/"62ed37ae-40cb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
00a1a506c45656cdbd7c630d89c3d4f5
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40... Frame 1DDC 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=B4A/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgIhV4VPYbAupuSKNiSjPmY9xb1ig/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19fad0a6f2ebf74c760ea5b61802a785b98f2b72d1b6babe7f57dab88ba04fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 17:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7488
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 01:24:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 17:06:08 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40... Frame 1DDC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=B4A/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrgIhV4VPYbAupuSKNiSjPmY9xb1ig/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7140d8f813e8c56dd2b65c4991933ecf0c74bea78c2f3b37830c04179093376
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 17:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14138
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 01:24:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 17:06:08 GMT
log
play.google.com/ Frame 1DDC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 09 Aug 2022 08:57:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 09 Aug 2022 08:57:47 GMT
expires
Tue, 09 Aug 2022 08:57:47 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1DDC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 09 Aug 2022 08:57:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 09 Aug 2022 08:57:47 GMT
expires
Tue, 09 Aug 2022 08:57:47 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1DDC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 09 Aug 2022 08:57:48 GMT
/
adservice.google.com/ddm/fls/i/dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0;~oref=https://support.savethechildren.org/ Frame 599A 		449 B
819 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0;~oref=https://support.savethechildren.org/
Requested by
Host: 10657097.fls.doubleclick.net
URL: https://10657097.fls.doubleclick.net/activityi;dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b5a044bcf28975c9d1b32059d3da9bcfbe235b7f6c4f72e13b43f425cbfc55f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10657097.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
350
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 08:57:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 09 Aug 2022 08:57:47 GMT
expires
Tue, 09 Aug 2022 08:57:47 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=175734969458030&ev=PageView&dl=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&rl=&if=false&ts=1660035467856&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22476958242912126%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222690107274549883%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22512804019569006%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22554416668662072%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221151582051705481%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1660035467855.798039617&it=1660035467682&coo=false&rqm=GET
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 09 Aug 2022 08:57:47 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=175734969458030&ev=ViewContent&dl=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&rl=&if=false&ts=1660035467858&cd[content_type]=product&cd[content_ids]=%5B%22donation-form-6827-one-time%22%2C%22donation-form-6827-tip-up-one-time%22%5D&sw=1600&sh=1200&v=2.9.73&r=stable&ec=1&o=30&fbp=fb.1.1660035467855.798039617&it=1660035467682&coo=false&rqm=GET
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 09 Aug 2022 08:57:47 GMT
graphql
payments.braintree-api.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.braintree-api.com/graphql
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.156.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-167-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6d7284f85995d2144555ccc6263959b12ad5471df7cddfa7af37cb96e03a52f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NjAxMjE4NjcsImp0aSI6IjVhNDJkMjliLWU4MzEtNDIwZS1iNTA1LWExM2IxYWMwM2U3OCIsInN1YiI6IjR0eWI4OXpuazdqM3Q2N3QiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6IjR0eWI4OXpuazdqM3Q2N3QiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.KZ3cAwac4EZ9jl8fkmOzAawJe3sGjPOCz3F9P4V6byoqORPEILwoWFi-uTuiGOGIaHAAZmw-WotAHmKnQXwwrQ
Braintree-Version
2018-05-10
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
server
nginx
X-Frame-Options
DENY
vary
Braintree-Version, Accept-Encoding
Content-Type
application/json
access-control-allow-origin
https://support.savethechildren.org
Cache-Control
no-cache, no-store
braintree-version
2016-10-07
paypal-debug-id
03fa44c595fd4
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Length
1080
graphql
payments.braintree-api.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://payments.braintree-api.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.156.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-167-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,braintree-version,content-type
Access-Control-Request-Method
POST
Origin
https://support.savethechildren.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
access-control-allow-headers
authorization,braintree-version,content-type
access-control-allow-methods
GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://support.savethechildren.org
access-control-max-age
1800
date
Tue, 09 Aug 2022 08:57:47 GMT
paypal-debug-id
e8fc3462e3444
server
nginx
transfer-encoding
chunked
log
play.google.com/ Frame 1DDC 		131 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 09 Aug 2022 08:57:47 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1844572355&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&dp=%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&ul=en-us&de=windows-1252&dt=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=295808909&gjid=850424733&cid=851053701.1660035468&tid=UA-85748307-2&_gid=1048913252.1660035468&_r=1&gtm=2ou880&did=dMWZhNz&gdid=dMWZhNz&z=1986369743
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://support.savethechildren.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
5439503.js
bat.bing.com/p/action/ 		1 KB
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5439503.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9831a5c4f65805f968ee933a01864d965eb16c84f57f68156d122b654bfed8a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 564C453D74804D099C0E094A5FE020EE Ref B: FRAEDGE1214 Ref C: 2022-08-09T08:57:47Z
date
Tue, 09 Aug 2022 08:57:47 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
666
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5439503&Ver=2&mid=7e430d42-5d32-4d95-8b66-df58dcd85245&sid=57481b8017c111ed88e2db9885a1c238&vid=574852d017c111eda845e56ef4d77821&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children&p=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&r=&lt=2104&evt=pageLoad&sv=1&rn=51585
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8BE1209487DC4A5E944DA9340040FDAF Ref B: FRAEDGE1214 Ref C: 2022-08-09T08:57:47Z
date
Tue, 09 Aug 2022 08:57:47 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
displayAd.js
s.tribalfusion.com/ 		677 B
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7238200512
Requested by
Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/Save%20the%20Children/791263/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5681a903ffd5c9b73aabf9ea138fadaa23e6a4d912ae6b56c6afdc90871bae57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
327
x-function
153
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
79
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
737f494a8d556945-FRA
expires
Mon, 07 Nov 2022 08:57:48 GMT
sid
mug.criteo.com/ Frame 9762
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=savethechildren.org&sn=ChromeSyncframe&so=0&topUrl=support.savethechildren.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=mLs6SHwvMXFwSjBPbitRWDhqRVJObE9QdnJxeVJsYWFKdnNKZzdHdElQaTNRbE9NN0NZL1hTRXZmcEd2NEIzVnZUcFFCTWhBMmZZZ2MyVEVoeXpKS3FENEdxYmdBU1RyUHQrSlNRZkpUOFZKYWs4eE5SZjJ1WENyS1BPdX...
454 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mLs6SHwvMXFwSjBPbitRWDhqRVJObE9QdnJxeVJsYWFKdnNKZzdHdElQaTNRbE9NN0NZL1hTRXZmcEd2NEIzVnZUcFFCTWhBMmZZZ2MyVEVoeXpKS3FENEdxYmdBU1RyUHQrSlNRZkpUOFZKYWs4eE5SZjJ1WENyS1BPdXczYVlMbHQvQzJZQkJmWVUwR250R1FkUHlOczYvcFBiWVN5N1FVdjR6NE1OY1A3TGlEM3VyYjJqZkZrdVVqVm9EbmdPeGNuVlRhU25nQTlyV05sTVYxcG1haTVVQ3ZuQ3JTNWxReGcyQWpXYi9kMUdYekxRNFhPcTVVT3RRRCtnWlNOcms4SExHb0o4VDlONGpXK28rMFg0aXRyYkJSN0J4RUc1cFhMZzJ1NHg5WlZRajBqWT18&cppv=2
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
a1b9fd485c1f1c97169a1738e8b111c407b9270bbe3ce67958059684a7e2eb65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3739
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:47 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=mLs6SHwvMXFwSjBPbitRWDhqRVJObE9QdnJxeVJsYWFKdnNKZzdHdElQaTNRbE9NN0NZL1hTRXZmcEd2NEIzVnZUcFFCTWhBMmZZZ2MyVEVoeXpKS3FENEdxYmdBU1RyUHQrSlNRZkpUOFZKYWs4eE5SZjJ1WENyS1BPdXczYVlMbHQvQzJZQkJmWVUwR250R1FkUHlOczYvcFBiWVN5N1FVdjR6NE1OY1A3TGlEM3VyYjJqZkZrdVVqVm9EbmdPeGNuVlRhU25nQTlyV05sTVYxcG1haTVVQ3ZuQ3JTNWxReGcyQWpXYi9kMUdYekxRNFhPcTVVT3RRRCtnWlNOcms4SExHb0o4VDlONGpXK28rMFg0aXRyYkJSN0J4RUc1cFhMZzJ1NHg5WlZRajBqWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1971
content-length
567
expires
0
jquery-detect-existing.js
support.savethechildren.org/jquery/ 		532 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/jquery/jquery-detect-existing.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/yui3/yui/yui-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
adae8181e3273af1702575e59e9c29b34eedf74943cdde9758a4ccf8e39c5641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Cteonnt-Length
532
Date
Tue, 09 Aug 2022 08:57:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jul 2012 19:53:23 GMT
Server
Apache
ETag
"214-4c598b70372c0"
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=406
Content-Length
323
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069852215/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069852215/?random=1660035467908&cv=9&fst=1660035467908&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa880&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&tiba=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children&auid=1674618438.1660035468&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80c38be616343203da0b9f4a74f73b63c08602650ecdb8bcc618cfce6d6795dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1164
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adservice.google.de/ddm/fls/i/dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0;~oref=https://support.savethechildren.org/ Frame 2CB5 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0;~oref=https://support.savethechildren.org/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPb-9YKyufkCFUOvmgod2swCMQ;cat=sitew0;ord=3174651261890.6885;src=10657097;type=sitew0;~oref=https://support.savethechildren.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 08:57:48 GMT
expires
Tue, 09 Aug 2022 08:57:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/1069852215/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1069852215/?random=1660035467908&cv=9&fst=1660032000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa880&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&tiba=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children&async=1&fmt=3&is_vtc=1&random=2378173500&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1069852215/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1069852215/?random=1660035467908&cv=9&fst=1660032000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa880&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&tiba=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children&async=1&fmt=3&is_vtc=1&random=2378173500&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-1.6.4.min.js
support.savethechildren.org/jquery/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/jquery/jquery-1.6.4.min.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/yui3/yui/yui-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
931bf6ce88f5237d3795bca1fcfb831181a75de7add4b03e6e7b17b3c79a8ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Cteonnt-Length
133384
Date
Tue, 09 Aug 2022 08:57:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 May 2020 05:05:40 GMT
Server
Apache
ETag
"20908-5a6c26584b2fd"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=405
4tyb89znk7j3t67t
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/4tyb89znk7j3t67t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.248.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-248-163.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://support.savethechildren.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://support.savethechildren.org
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
nginx
4tyb89znk7j3t67t
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/4tyb89znk7j3t67t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.248.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-248-163.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://support.savethechildren.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://support.savethechildren.org
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
nginx
4tyb89znk7j3t67t
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/4tyb89znk7j3t67t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.248.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-248-163.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://support.savethechildren.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://support.savethechildren.org
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
nginx
4tyb89znk7j3t67t
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/4tyb89znk7j3t67t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.248.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-248-163.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://support.savethechildren.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://support.savethechildren.org
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
nginx
4tyb89znk7j3t67t
client-analytics.braintreegateway.com/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/4tyb89znk7j3t67t
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.248.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-248-163.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://support.savethechildren.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
4tyb89znk7j3t67t
client-analytics.braintreegateway.com/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/4tyb89znk7j3t67t
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.248.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-248-163.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://support.savethechildren.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
4tyb89znk7j3t67t
client-analytics.braintreegateway.com/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/4tyb89znk7j3t67t
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.248.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-248-163.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://support.savethechildren.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
4tyb89znk7j3t67t
client-analytics.braintreegateway.com/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/4tyb89znk7j3t67t
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.248.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-248-163.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://support.savethechildren.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
fb.js
c.paypal.com/da/r/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.39.0/js/data-collector.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2BA) /
Resource Hash
5653386a8725820e2a79eac4ea2fe4a1689bd997e943211069e96fd6e58b94ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53895
x-cache
HIT
paypal-debug-id
8eee85a658fb9
access-control-max-age
86400
access-control-allow-methods
GET
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc
ccg11-origin-www-1.paypal.com
content-length
19828
last-modified
Wed, 20 Jul 2022 20:39:48 GMT
server
ECAcc (frd/E2BA)
traceparent
00-00000000000000000008eee85a658fb9-cef7281caf614cab-01
etag
"62d86814-e22f"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 08:57:48 GMT
log
play.google.com/ Frame 1DDC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 09 Aug 2022 08:57:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 09 Aug 2022 08:57:48 GMT
expires
Tue, 09 Aug 2022 08:57:48 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1DDC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 09 Aug 2022 08:57:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 09 Aug 2022 08:57:48 GMT
expires
Tue, 09 Aug 2022 08:57:48 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 1DDC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.t2yCsQr-p30.es5.O/am=B4A/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfri9BECss7C3xaom0FunLPKNzP9mBQ/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Tue, 09 Aug 2022 08:57:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 09 Aug 2022 08:57:48 GMT
expires
Tue, 09 Aug 2022 08:57:48 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
ajax
www.trustedsite.com/rpc/ 		6 B
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=support.savethechildren.org&rand=1660035468184
Requested by
Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.4.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-4-138.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-length
26
x-content-type-options
nosniff
205.svg
cdn.ywxi.net/meter/support.savethechildren.org/ 		20 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ywxi.net/meter/support.savethechildren.org/205.svg?ts=1659426791676&l=en-US
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:ca00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:40:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1066
content-security-policy-report-only
report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache
Hit from cloudfront
content-length
7400
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cache-control
public
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
lUkuJWgjnzwkPbT2D2kn_f8eCUlsiDiRyePqF40CVblp1uSl9ecc-Q==
expires
Tue, 09 Aug 2022 09:40:02 GMT
setuid
ib.adnxs.com/
Redirect Chain
  • https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%222481917101%22%2C%22th%22%3A7238200512%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22a6mneM4craTsvaWsrfSA3OYTYcShLtfY%22%2C%22url%22%3A%22http...
  • https://a4.tribalfusion.com/ipg?ip6=2001:1b60:2:240:3247::11&kv=%7B%22ord%22%3A%2015868300%2C%20%22clientID%22%3A%20791263%7D&redirect=https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.matc...
  • https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9ee386b0-7e01-433e-8d44-c84cef3676ea
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
cf-cache-status
DYNAMIC
x-function
201
server
cloudflare
x-reuse-index
308
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
737f494e6b7f9a0c-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
5439503
www.clarity.ms/tag/uet/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5439503
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5439503.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2277 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e2fd55a8f4de5b2168adabe37df04032a92d8e182bb0a3136c0ebd301b76ca1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
x-powered-by
ASP.NET
x-azure-ref
0jCHyYgAAAAA8Il7sH3fmTak4DT0nEh6mUkJBMzBFREdFMDgwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
pr
s.amazon-adsystem.com/v3/ Frame B09D 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=32715478396665664&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
62d972edd9b193edb16366d40a35923d8a7d4bf7a114b02ab124607824321514
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D7b5e267f-6cf6-c436-4330-cc79e3ea1453%26type%3D4%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D2536428905417%3Bp%3D7B5E267F-6CF6-C436-4330-CC79E3EA1453&cb=32715478396665664&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
5831
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 09 Aug 2022 08:57:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
V9BPZ38CGZ3PSQ33NF2H
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=33523&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Ddonation-form-6827-one-time%26ui_ecommerce%3D0%26ui_sponsor%3D0&p2=e%3Ddis&adce=1&bundle=4tnr7V9ldXJTM...
  • https://widget.us.criteo.com/event?a=33523&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Ddonation-form-6827-one-time%26ui_ecommerce%3D0%26ui_sponsor%3D0&p2=e%3Ddis&adce=1&bundle=4tnr7V9ldXJTM...
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=33523&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Ddonation-form-6827-one-time%26ui_ecommerce%3D0%26ui_sponsor%3D0&p2=e%3Ddis&adce=1&bundle=4tnr7V9ldXJTMGxTQ2p3VlFBQVB1V3p0aVR1USUyRlJkWkJjS2hJWVMlMkYxeW1tcGo3Q2lwUW9oVGpXb2hSSUNGQWJaZUJMcDNHdEdNb29HRVF0YzlRQzFydUl3R3F3JTJCcFVmT0hMNlZXTTRCU3Juc0t4a1oxSmplQ3ZSZXlmRTRIVlMlMkI2R3RwdWFIQ1BIOFVNZ0xrenE1R20xRjhFQTcyTUIyUW1xM0tjOXl1blIlMkJIZWJvJTNE&tld=savethechildren.org&fu=https%253A%252F%252Fsupport.savethechildren.org%252Fsite%252FDonation2%253Fdf_id%253D6827%2526mfc_pref%253DT%25266827.donation%253Dform1%2526smtrctid%253DAAysnJ%2526cid%253DEmail%253A%253AEmer_Kentucky_Flood%253ANew_Leads%253A080822&dtycbr=51651&cs=1---&cv=1
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ae02ca926d1ecbadd3e4d5f89e7dd6d9ba25b553b894721b6916f90132e9d0ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:47 GMT
content-encoding
gzip
server
Kestrel
timing-allow-origin
*
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
15367825
content-type
application/x-javascript
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
server
Kestrel
location
https://widget.us.criteo.com/event?a=33523&v=5.12.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3Ddonation-form-6827-one-time%26ui_ecommerce%3D0%26ui_sponsor%3D0&p2=e%3Ddis&adce=1&bundle=4tnr7V9ldXJTMGxTQ2p3VlFBQVB1V3p0aVR1USUyRlJkWkJjS2hJWVMlMkYxeW1tcGo3Q2lwUW9oVGpXb2hSSUNGQWJaZUJMcDNHdEdNb29HRVF0YzlRQzFydUl3R3F3JTJCcFVmT0hMNlZXTTRCU3Juc0t4a1oxSmplQ3ZSZXlmRTRIVlMlMkI2R3RwdWFIQ1BIOFVNZ0xrenE1R20xRjhFQTcyTUIyUW1xM0tjOXl1blIlMkJIZWJvJTNE&tld=savethechildren.org&fu=https%253A%252F%252Fsupport.savethechildren.org%252Fsite%252FDonation2%253Fdf_id%253D6827%2526mfc_pref%253DT%25266827.donation%253Dform1%2526smtrctid%253DAAysnJ%2526cid%253DEmail%253A%253AEmer_Kentucky_Flood%253ANew_Leads%253A080822&dtycbr=51651&cs=1---&cv=1
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
8691141
timing-allow-origin
*
content-length
0
expires
0
i
c.paypal.com/v1/r/d/ Frame 5F2E 		160 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E85) /
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
141
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
7d652806d560c
date
Tue, 09 Aug 2022 08:57:47 GMT
paypal-debug-id
7d652806d560c
server
ECAcc (frc/8E85)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=170
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-00000000000000000007d652806d560c-23963446b5f90d2c-01
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
counter2.cgi
dub.stats.paypal.com/ Frame 1CCA
Redirect Chain
  • https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=1fd2da1b9086905f949c6d8d1eb1cfba&t=1660035468.076&a=14
  • https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=1fd2da1b9086905f949c6d8d1eb1cfba&t=1660035468.076&a=14
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=1fd2da1b9086905f949c6d8d1eb1cfba&t=1660035468.076&a=14
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=1fd2da1b9086905f949c6d8d1eb1cfba&t=1660035468.076&a=14
Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
/
tags.wdsvc.net/tpc-eval/ 		21 B
284 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/tpc-eval/?lid=18281d30b29-tags1-1fe594ce2e5e8b
Requested by
Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100229
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.9.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-9-32.compute-1.amazonaws.com
Software
/
Resource Hash
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Content-Type
text/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
21
Expires
Mon, 3 Jan 2005 13:00:00 GMT
jquery-noconflict.js
support.savethechildren.org/jquery/ 		1 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/jquery/jquery-noconflict.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/yui3/yui/yui-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
53380404709f3d3e845a1e33be4d4e0bac1a77845e10f68111ffb474a4bf0961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Cteonnt-Length
1135
Date
Tue, 09 Aug 2022 08:57:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jul 2012 19:53:23 GMT
Server
Apache
ETag
"46f-4c598b70372c0"
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=119
Content-Length
574
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069852215/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069852215/?random=1660035468375&cv=9&fst=1660035468375&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa880&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&tiba=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children&auid=1674618438.1660035468&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
172204f6057752a2dedb4e0358a3e3b1b22646aa449f2eb8c8eba420d4845a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1162
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 04BA 		0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://support.savethechildren.org
Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://support.savethechildren.org
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 08:57:48 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://ib.adnxs.com/setuid/a9?entity=188&code=LdRLtiF7TnmunTILcahJLw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DLdRLtiF7TnmunTILcahJLw%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
  • https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=LdRLtiF7TnmunTILcahJLw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=LdRLtiF7TnmunTILcahJLw
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QB4D4HV6PS736PR401JY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5b0367b5-1233-48ed-a11c-d925b2eba0b7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=LdRLtiF7TnmunTILcahJLw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268
  • https://s.amazon-adsystem.com/ecm3?id=217273104238001059302&ex=neustar.biz
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=217273104238001059302&ex=neustar.biz
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QZY0HP4RT9WGA9R1A5QJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
server
AAWebServer
location
https://s.amazon-adsystem.com/ecm3?id=217273104238001059302&ex=neustar.biz
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=bIOGWKe_QkaJSVGJyLeBrg&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=bIOGWKe_QkaJSVGJyLeBrg&C=1
  • https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YvIhjLW6wNIABgaKk2SFzAAA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YvIhjLW6wNIABgaKk2SFzAAA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G4721SJZ4PHQQFR6J3EC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIZKjyk5rFzoVu9thQFEYn6YdLY8JFaxBV2pocfV1KWMoK4EfRpaeHExgw1OhK%2Bt1hZY6P7FNB8yzH%2Fp4KYxA%2FOPTrILTCzarYp1Hs3Av%2FMVYMR3IyBmzVXZrD0JuKTf7zcM4900pJvY0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YvIhjLW6wNIABgaKk2SFzAAA
cache-control
no-cache
cf-ray
737f494e48629be2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3301b2ff3f772ac9138f0726dcd8dbc7
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3301b2ff3f772ac9138f0726dcd8dbc7
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
J0XXHDEPFDVPXJXPJTKW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=3301b2ff3f772ac9138f0726dcd8dbc7
Date
Tue, 09 Aug 2022 08:57:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
T0K8NF8CH5S457Q0Q6ZG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date
Tue, 09 Aug 2022 08:57:48 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=1qdPTCa1SdCAOTWgq1O87Q
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=1qdPTCa1SdCAOTWgq1O87Q&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=1qdPTCa1SdCAOTWgq1O87Q
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=1qdPTCa1SdCAOTWgq1O87Q
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XX9K7QJNENE88C537ZNC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=1qdPTCa1SdCAOTWgq1O87Q
date
Tue, 09 Aug 2022 08:57:48 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=f56879c0-729a-4d51-aed0-34df95ef65e6
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=f56879c0-729a-4d51-aed0-34df95ef65e6
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1AHQZX5DB5KVYCT8820D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
Date
Tue, 09 Aug 2022 08:57:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
0
Location
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=f56879c0-729a-4d51-aed0-34df95ef65e6
sync
amazon.partners.tremorhub.com/ Frame B09D 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:68f0:5178:951f:deb4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
cms
cms.analytics.yahoo.com/ Frame B09D 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
via
http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D
  • https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=476c0da4-1247-44e3-41af-ce065ea2dcaa
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=476c0da4-1247-44e3-41af-ce065ea2dcaa
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9SNK0PSZ586F6MQHTV6X
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 09 Aug 2022 08:57:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=476c0da4-1247-44e3-41af-ce065ea2dcaa
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
737f494dd8b89168-FRA
access-control-allow-headers
*
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545
  • https://s.amazon-adsystem.com/ecm3?id=1b67cd627e43202bb832c2b83b1e31&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1b67cd627e43202bb832c2b83b1e31&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1ZXWKRHP3DCS6ZQB75HW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1b67cd627e43202bb832c2b83b1e31&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1660035468608048-524
Expires
Tue, 09 Aug 2022 08:57:48 GMT
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WSDWBQ8G235GP97JVFGE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 09 Aug 2022 08:57:48 GMT
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P4
content-security-policy-report-only
default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=7NJJPMDA6ZD9XDGFRRZD:sn=www.imdb.com
x-cache
Miss from cloudfront
vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length
0
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
server
Server
x-amz-rid
7NJJPMDA6ZD9XDGFRRZD
strict-transport-security
max-age=31536000; includeSubDomains
location
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-amz-cf-id
9-WoddSEP9CRyZ30PGnK8hnj_t8nmHM6gu45RbYmvR42NXOXRij7NA==
usermatch.gif
beacon.krxd.net/ Frame B09D 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=YAL9MRmdQrCoV0zsH9uJkg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.253.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-253-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1660035468
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel.gif
usersync.samplicio.us/amazon/ Frame B09D 		0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.217.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-217-42.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Server
nginx/1.20.0
Location
https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame B09D 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=8xUMhHqyQcC0JqxaTKvLvQ&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-fpgnl
date
Tue, 09 Aug 2022 08:57:48 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fcdae62ce4128cf8
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fcdae62ce4128cf8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RTC1XXS6MES5DDFKYKXX
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 09 Aug 2022 08:57:49 GMT
x-content-type-options
nosniff
location
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fcdae62ce4128cf8
x-frame-options
SAMEORIGIN
access-control-allow-methods
HEAD,OPTIONS,GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Authorization
content-length
93
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4GEeoIxnRWqpN4luF3OL_A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4GEeoIxnRWqpN4luF3OL_A
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4GEeoIxnRWqpN4luF3OL_A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AHHR08P5HSXMGXEXECZ9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4GEeoIxnRWqpN4luF3OL_A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=tBEcP4Y0S-G2S9hXFGXvUw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28138524691330017423359110358507971215
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28138524691330017423359110358507971215
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:48 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
769JEKK3BWABRYYRNPDN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-2-v038-03d48035f.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
oEQexzAWQ2w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=28138524691330017423359110358507971215
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=rfhDYxKYR5K_gdXKqukxkQ
  • https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818279625122487936&gdpr=&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818279625122487936&gdpr=&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
E4G2FCJ832S8QK5CKC9S
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818279625122487936&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
z
px.surveywall-api.survata.com/ Frame B09D 		0
0
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5089366412164480040
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5089366412164480040
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BY6WCK5ERJVGBS3ZTV6Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:49 GMT
server
nginx
location
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=5089366412164480040
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=57f51bf8-17c1-11ed-9323-1d66682b0306
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=57f51bae-17c1-11ed-9323-1d66682b0306
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=57f51bae-17c1-11ed-9323-1d66682b0306
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
X0E6ZS4X29BZBGTQT7ST
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 09 Aug 2022 08:57:49 GMT
Server
nginx
Location
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=57f51bae-17c1-11ed-9323-1d66682b0306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
105
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2240c8bcd0-6082-4bb2-8032-5d30125adb7d%22,%22Time%22:%2220220809T085749.038916%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
  • https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=40c8bcd0-6082-4bb2-8032-5d30125adb7d
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=40c8bcd0-6082-4bb2-8032-5d30125adb7d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KTHZS0WTMW0ZG465R0K1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=40c8bcd0-6082-4bb2-8032-5d30125adb7d
Server
LogModule 0.4
Content-Length
204
Content-Type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEGQiw5WwkNObso1zuOGqpQE&google_cver=1
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEGQiw5WwkNObso1zuOGqpQE&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
111HPDR1DAPY0G62SJZM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEGQiw5WwkNObso1zuOGqpQE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=amzn
  • https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=PAel90Ia
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=PAel90Ia
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QCYD7BF7NPFXM8TEVQ6P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//s.amazon-adsystem.com/ecm3?ex=krux.com&id=PAel90Ia
date
Tue, 09 Aug 2022 08:57:49 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a001-ash-prod.krxd.net
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=43d1ee24da64862f0959302b045d85c8
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=43d1ee24da64862f0959302b045d85c8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YN9R83TDN85Z3K1M4QNY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=43d1ee24da64862f0959302b045d85c8
date
Tue, 09 Aug 2022 08:57:49 GMT
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
Ry8I0aFkAZ5xhIU8xrZseMlke92l31DUlc4K3aXBAZPrvZFG26N4DA==
x-cache
Miss from cloudfront
cm
us-u.openx.net/w/1.0/ Frame B09D 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:49 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=K6AWvOWOiqpwVEW-6gHr-Tc4ZH04ZgAC
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index&id=K6AWvOWOiqpwVEW-6gHr-Tc4ZH04ZgAC
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9QHTHCGR2HYKVQTY47SV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8eA1srxLtZNBMxCjMtEkIaPiaWDKU1p%2FBVFFcHyHLzoIcQIx0e11s8kxAxVquQWmj1mv0rGP0sKDEHHAes5FuhrxMu5Qi7CJXqnyDifF%2FRD6uCZOPZMc8tM%2FcgZprZGSu5%2BtBP48CkNpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.amazon-adsystem.com/ecm3?ex=index&id=K6AWvOWOiqpwVEW-6gHr-Tc4ZH04ZgAC
cache-control
no-cache
cf-ray
737f49521b97bb62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=D694E8BFB2733D14
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=D694E8BFB2733D14
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q5E92Z3C9951174KX87A
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:49 GMT
frontend-id
13
location
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=D694E8BFB2733D14
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=5470547094483791091&ex=appnexus.com
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=5470547094483791091&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5FMAFEMXC5WBJ4ZVEXZJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
59a46c7b-84c4-444d-8913-d128061942c0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.amazon-adsystem.com/ecm3?id=5470547094483791091&ex=appnexus.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame B09D 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=ZJM66CfBSTe_f7P4d0u2bg&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2179&pt=n
  • https://s.amazon-adsystem.com/ecm3?id=E4eefuGgz5z0lRxTci4NuQ&ex=rubiconproject.com&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=E4eefuGgz5z0lRxTci4NuQ&ex=rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
X6449S9K9DVT5Q4472Q2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?id=E4eefuGgz5z0lRxTci4NuQ&ex=rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=DWsPgu4aTpWuSr9TeXxdrA&
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CZR5T72BEHFSW9BP1ZBE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
loadus.exelator.com/load/ Frame B09D 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED688D21F2626012F715027EEC65
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED688D21F2626012F715027EEC65
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7A6NMX2KNJF7419HXFXD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 09 Aug 2022 08:57:49 GMT
Server
openresty/1.15.8.2
P3P
CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED688D21F2626012F715027EEC65
Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html
Content-Length
151
Expires
Tue, 09 Aug 2022 08:57:48 GMT
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=83a5b91f25b6495542f390ebac79a4f6b7d32c9c8900ccaf1a2935776e7c6240
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=83a5b91f25b6495542f390ebac79a4f6b7d32c9c8900ccaf1a2935776e7c6240
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TZHYBN29KPN8YE20MGKG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:49 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=83a5b91f25b6495542f390ebac79a4f6b7d32c9c8900ccaf1a2935776e7c6240
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
retry-after
0
expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B09D 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame B09D
Redirect Chain
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c6348c71-a9fb-4c6e-bf9e-4f29c783ef3e-tuct9eba70d
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c6348c71-a9fb-4c6e-bf9e-4f29c783ef3e-tuct9eba70d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=YAL9MRmdQrCoV0zsH9uJkg&dmt=3&ex-pl-n-g-hmt=DWsPgu4aTpWuSr9TeXxdrA&ep=mfS4I4Lxm4iN8M-0MyueFd10XyKb0DRSWOn-h9VzOWV0w4L0WaD71xchvfBxeZy7GQ_fBgWr4WrRqdm9qICVMk3CkuJ3k2t0Q1ypqOMFYapnOyfwfBgN6mQn6G7sywD_NQ87fpajIH_C8-XU6F4SK8e_V4enmp_cWKzESFpiBWYSVoPaEUYU0KC43I1cEzCo91vqA_6CAdKmdUO-D1FeyrBfDyATXuKjWXmWO9yrYOEt9nlv98vm5H_nE3WmVDiIaUKQwWCQCQcNvXpuzmMINMeNNOQzlVn50Qk8rhjO7Z0Xu9C9A_qi2_kEGWLBjRxudhWP43SvFepAe_ai7AuCzFa30Godg-_saCrCB2Sx9CkjhfLvoAsDN0HOKRWzh4l1Rn3gODKGPIOv8AN_aM8tIXCZAKb7NLPzEZjnZhfTWNFMAD8W3Fp6nz7IjU5XI-JQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:49 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7NW6NNHTEF83XQ2ZZK17
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c6348c71-a9fb-4c6e-bf9e-4f29c783ef3e-tuct9eba70d
date
Tue, 09 Aug 2022 08:57:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29622
visitor.php
app.leadsrx.com/ 		105 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.leadsrx.com/visitor.php?acctTag=yqahgl42094&tz=0&ref=&u=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&t=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children&lc=null&anon=0&vin=null
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.199.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-199-196.us-west-2.compute.amazonaws.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
68b4a874738c080b32168620bdf50403c5992de0ec152d99362dea144d4dad71

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://support.savethechildren.org
date
Tue, 09 Aug 2022 08:57:49 GMT
access-control-allow-credentials
true
server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
x-powered-by
PHP/5.6.40
content-length
105
content-type
text/html; charset=utf-8
/
www.google.com/pagead/1p-user-list/1069852215/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1069852215/?random=1660035468375&cv=9&fst=1660032000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa880&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&tiba=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children&async=1&fmt=3&is_vtc=1&random=3411372003&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1069852215/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1069852215/?random=1660035468375&cv=9&fst=1660032000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa880&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&tiba=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children&async=1&fmt=3&is_vtc=1&random=3411372003&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fb.js
c.paypal.com/da/r/ Frame 5F2E 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2BA) /
Resource Hash
5653386a8725820e2a79eac4ea2fe4a1689bd997e943211069e96fd6e58b94ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53895
x-cache
HIT
paypal-debug-id
8eee85a658fb9
access-control-max-age
86400
access-control-allow-methods
GET
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=1
dc
ccg11-origin-www-1.paypal.com
content-length
19828
last-modified
Wed, 20 Jul 2022 20:39:48 GMT
server
ECAcc (frd/E2BA)
traceparent
00-00000000000000000008eee85a658fb9-cef7281caf614cab-01
etag
"62d86814-e22f"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 08:57:48 GMT
jquery-ui-1.8.16.custom.min.js
support.savethechildren.org/jquery/plugins/ui/ 		206 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/jquery/plugins/ui/jquery-ui-1.8.16.custom.min.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/yui3/yui/yui-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
c6692607384f0b261f38edee88dc75ee817827d26aecc4ae765ada9aa92dd36b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Cteonnt-Length
210463
Date
Tue, 09 Aug 2022 08:57:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Feb 2012 18:21:34 GMT
Server
Apache
ETag
"3361f-4b863d94fc780"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=54
p1
c.paypal.com/v1/r/d/b/ Frame 5F2E 		125 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FBF) /
Resource Hash
70bda825b76097196639c3e99fb6eb6f85a15779cb2c78f50a3c858eccb75983
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
correlation-id
a7ff70fe3caa0
content-type
application/json
server
ECAcc (frc/8FBF)
traceparent
00-0000000000000000000a7ff70fe3caa0-14b039ab2131f2b3-01
strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
a7ff70fe3caa0
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=200
timing-allow-origin
*
content-length
125
e
c.paypal.com/v1/r/d/b/ Frame 5F2E 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F48) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
correlation-id
642d4ab83a733
server
ECAcc (frc/8F48)
traceparent
00-0000000000000000000642d4ab83a733-a8f4f327cb8dcfb4-01
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
642d4ab83a733
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=173
timing-allow-origin
*
p3
c6.paypal.com/v1/r/d/b/ Frame 5F2E 		0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=1fd2da1b9086905f949c6d8d1eb1cfba&s=BRAINTREE_SIGNIN
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::291 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
via
1.1 varnish
correlation-id
82fcd6b45a7fb
traceparent
00-000000000000000000082fcd6b45a7fb-3f4c754f5aac89d1-01
x-timer
S1660035469.606934,VS0,VE177
x-served-by
cache-hhn4047-HHN
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
paypal-debug-id
82fcd6b45a7fb
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-cache-hits
0
clarity.js
www.clarity.ms/eus2-f/s/0.6.37/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2-f/s/0.6.37/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5439503
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2277 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:48 GMT
content-encoding
br
etag
"1d8aa4ff65ff896"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0jCHyYgAAAAB2DEAira85Q4NjRse6BUDCUkJBMzBFREdFMDgwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
st
px.mountain.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=UA-85748307-2&ga_client_id=851053701.1660035468&shpt=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-85748307-2%22%2C%22ga_client_id%22%3A%22851053701.1660035468%22%2C%22shpt%22%3A%222022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children%22%2C%22dcm_cid%22%3A%22851053701.1660035468%22%2C%22dcm_gid%22%3A%221048913252.1660035468%22%2C%22ga_gclid%22%3A%22851053701.1660035468%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22getClientIdByGA%22%3A%22OK%22%2C%22ga_gclid%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=851053701.1660035468&dcm_gid=1048913252.1660035468&dxver=4.0.0&shaid=32293&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&cb=36590385649221530&term=value&shadditional=googletagmanager%3Dtrue%2Ccriteo%3Dtrue
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=32293&tdr=&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&cb=36590385649221530&term=value
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.81.173.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-173-170.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0e2fdac237b412bab43090b2f5f5d42f543a9e0d63becbcfba32ae790a2fdbb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Aug 2022 08:57:49 GMT
content-encoding
gzip
connection
close
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
content-type
application/javascript;charset=utf-8
collect
n.clarity.ms/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://support.savethechildren.org
date
Tue, 09 Aug 2022 08:57:48 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
collect
n.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://support.savethechildren.org
date
Tue, 09 Aug 2022 08:57:49 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
gs
gs.mountain.com/ 		144 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gs.mountain.com/gs
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-4-35.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
cd2a5c365b2eef6af0acbc9b56ae6a767913dbdfeebfec9b4e4231f895818a8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:49 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
1
connection
close
content-type
application/javascript;charset=utf-8
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
content-length
144
x-application-context
application:prod:8080
st
px.mountain.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=UA-85748307-2&ga_client_id=851053701.1660035468&shpt=2022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-85748307-2%22%2C%22ga_client_id%22%3A%22851053701.1660035468%22%2C%22shpt%22%3A%222022%20Eastern%20Kentucky%20Flood%20Crisis%20Fund%20-%20Save%20the%20Children%22%2C%22dcm_cid%22%3A%22851053701.1660035468%22%2C%22dcm_gid%22%3A%221048913252.1660035468%22%2C%22ga_gclid%22%3A%22851053701.1660035468%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22getClientIdByGA%22%3A%22OK%22%2C%22ga_gclid%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=851053701.1660035468&dcm_gid=1048913252.1660035468&dxver=4.0.0&shaid=32293&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&term=value&shadditional=googletagmanager%3Dtrue%2Ccriteo%3Dtrue&cb=1660035469319555&shguid=4302ee67-fcba-3bf8-b467-7a3b51f6c6ff&shgts=1660035470130
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.81.173.170 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-173-170.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6a0928ab6815e155bd7dfd1e3bcba9033ef3022f40b877b4f508a2f340a76f04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Aug 2022 08:57:50 GMT
content-encoding
gzip
connection
close
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
content-type
application/javascript;charset=utf-8
post-log
tags.wdsvc.net/ 		0
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.wdsvc.net/post-log?v=4.00&t=1660035468073
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.55.9.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-9-32.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://support.savethechildren.org
Date
Tue, 09 Aug 2022 08:57:50 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-length
0
Content-Type
text/html
/
insight.adsrvr.org/track/evnt/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=0ugbyxx&ct=0:8hrabaq&fmt=3&td1=18281d30b29-tags1-1fe594ce2e5e8b
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/conv/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=0ugbyxx&ct=0:v28zupp&fmt=3&orderid=&vf=&v=&td1=18281d30b29-tags1-1fe594ce2e5e8b
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/conv/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=0ugbyxx&ct=0:rlc0tuy&fmt=3&orderid=&vf=&v=&td1=18281d30b29-tags1-1fe594ce2e5e8b
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/evnt/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=0ugbyxx&ct=0:l703v0i&fmt=3&td1=18281d30b29-tags1-1fe594ce2e5e8b
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=582351e9-17c1-11ed-b412-a742ebe07e1d&gdpr=&gdpr_consent=
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/evnt/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=tl1i3bn&ct=0:kr1qq9a&fmt=3
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:50 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AjaxHelper;jsessionid=00000000.app30125b
support.savethechildren.org/site/ 		35 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://support.savethechildren.org/site/AjaxHelper;jsessionid=00000000.app30125b?NONCE_TOKEN=97E9F90C9D4447235519BE8295E8CC0D
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.123.154.123 , United States, ASN15148 (BLACKBAUD-ASN, US),
Reverse DNS
cluster3.convio.net
Software
Apache /
Resource Hash
0d17243f4d997014fe0d8e4be3bb2037b1e1266f1608a2269ae146dc8d7ffa7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://support.savethechildren.org/site/XFrameViolation
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html;charset=ISO-8859-1
Cache-Control
no-store
Content-Security-Policy
frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://support.savethechildren.org/site/XFrameViolation
Connection
Keep-Alive
Keep-Alive
timeout=15, max=429
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=C6277C815E1C40D28CEF7D10EEBC0C89&RedC=c.clarity.ms&MXFR=178AF585EC6D6BAD29E1E47EE86D65FE
  • https://c.clarity.ms/c.gif?CtsSyncId=C6277C815E1C40D28CEF7D10EEBC0C89&MUID=3E1F272316B66C92228B36D817646D93
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=C6277C815E1C40D28CEF7D10EEBC0C89&MUID=3E1F272316B66C92228B36D817646D93
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:51 GMT
last-modified
Thu, 28 Jul 2022 20:41:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"82531c78c2a2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A01CE5B804B144E8AACC0C355A76BF15 Ref B: FRAEDGE1214 Ref C: 2022-08-09T08:57:51Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=C6277C815E1C40D28CEF7D10EEBC0C89&MUID=3E1F272316B66C92228B36D817646D93
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFG5K96
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 21:38:45 GMT
etag
"ca88912498e17137955859948f14e272+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15196
x-served-by
cache-iad-kiad7000096-IAD, cache-hhn11571-HHN
activityi;dc_pre=COCGwYSyufkCFdbDOwIdZaMIqA;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=1674618438.1660035468;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonati...
4853738.fls.doubleclick.net/ Frame A749
Redirect Chain
  • https://4853738.fls.doubleclick.net/activityi;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=1674618438.1660035468;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDona...
  • https://4853738.fls.doubleclick.net/activityi;dc_pre=COCGwYSyufkCFdbDOwIdZaMIqA;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=1674618438.1660035468;~oref=https%3A%2F%2Fsupport...
718 B
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4853738.fls.doubleclick.net/activityi;dc_pre=COCGwYSyufkCFdbDOwIdZaMIqA;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=1674618438.1660035468;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFG5K96
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
7954b167764abb203ff46da6559927a733c6d6c115ab6b55355b853d5a9c9013
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
529
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 08:57:51 GMT
expires
Tue, 09 Aug 2022 08:57:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 08:57:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4853738.fls.doubleclick.net/activityi;dc_pre=COCGwYSyufkCFdbDOwIdZaMIqA;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=1674618438.1660035468;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
savethechildren.js
d1n00d49gkbray.cloudfront.net/js/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1n00d49gkbray.cloudfront.net/js/savethechildren.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:dc00:9:7c30:be80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd674f0b8199125dfd7034a04f0ce6c54340f94ed822090b118e15a93dfb9986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
RGH6edrCYNdTDp1Jr7x.Fr0QILIUPOje
content-encoding
gzip
etag
W/"86e44efde64d32462e156f24206aa5b2"
last-modified
Wed, 29 Jun 2022 15:02:27 GMT
server
AmazonS3
age
19558
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date
Tue, 09 Aug 2022 03:37:21 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
32TOF_m7LlTkPQoqfYWobUW9ROdEieHvwR_6zRjSv9KrjkovDGxmcA==
obtp.js
amplify.outbrain.com/cp/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-185-80.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 14:06:31 GMT
Server
AkamaiNetStorage
ETag
"51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3249
Expires
Tue, 09 Aug 2022 09:17:51 GMT
Bootstrap.js
nexus.ensighten.com/choozle/10170/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/10170/Bootstrap.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFG5K96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82d252b0331bf97dded0f4bf4948272698618523d184b1cc476f3f1807f15b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 04:10:30 GMT
content-encoding
br
age
1572442
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 Jun 2022 14:49:13 GMT
server
AmazonS3
etag
W/"18ffa018e5b503b5b4ff4b33ae1fb30c"
vary
Accept-Encoding
x-amz-version-id
fT_tumJdhdhIumBYXlKaiUul3kyT.7tv
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA60-P4
content-type
application/javascript; charset=utf-8
x-amz-cf-id
2juqn-Ictx_nvHV9f2Jeaonwsgtd7kCCZR90aBubFL5n87uHBZsApQ==
airpr.js
px.airpr.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.airpr.com/airpr.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-19.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 04:46:51 GMT
content-encoding
gzip
last-modified
Sat, 21 Apr 2018 18:03:55 GMT
server
nginx
age
15059
etag
"5adb7d0b-853"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
FRA56-P6
content-length
2131
x-amz-cf-id
pdxvCN7JEZvov2RT-FdMl1XeYjKojStMEs50LSzjLhzqxkg5hG3yhw==
expires
Tue, 09 Aug 2022 17:04:21 GMT
sv.js
track.securedvisit.com/js/ 		59 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.securedvisit.com/js/sv.js
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.35.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-35-161.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
f9df1da2e337cc44e3d87a5dc93f8271933b5ee914c7046ef02e281014b6cda0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:51 GMT
content-encoding
gzip
last-modified
Tue, 09 Aug 2022 08:57:51 GMT
server
nginx/1.20.2
etag
W/"273cf9801333aefc61a4f311b0692f6a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, private
expires
Tue, 09 Aug 2022 08:57:51 GMT
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 0FC5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by
Host: support.savethechildren.org
URL: https://support.savethechildren.org/site/Donation2?df_id=6827&mfc_pref=T&6827.donation=form1&smtrctid=AAysnJ&cid=Email::Emer_Kentucky_Flood:New_Leads:080822
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Tue, 09 Aug 2022 08:57:52 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
AC1.1
5919bb7250f42d43
pixel.sitescout.com/iap/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/iap/5919bb7250f42d43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:52 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
up
insight.adsrvr.org/track/ Frame B3E6 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=a6t02yu&ref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&upid=xvch1ck&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Tue, 09 Aug 2022 08:57:50 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
sync
x.bidswitch.net/ Frame 0FA4 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-oTtt7tSp4Ls6bMlLBs3nOT6l-14vOlVFeKawBQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.255.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-255-74.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0FA4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-1ccix9Sp4Ls6bMlLBs3nOT6l-15R2mhrb-MD6w&google_cm&google_hm=ay0xY2NpeDlTcDRMczZiTWxMQnMzbk9UNmwtMTVSMm1oc...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1ccix9Sp4Ls6bMlLBs3nOT6l-15R2mhrb-MD6w&google_gid=CAESEGJ3kXj96wFm1blkCEqAfB4&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1ccix9Sp4Ls6bMlLBs3nOT6l-15R2mhrb-MD6w&google_gid=CAESEGJ3kXj96wFm1blkCEqAfB4&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:50 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
885787
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-1ccix9Sp4Ls6bMlLBs3nOT6l-15R2mhrb-MD6w&google_gid=CAESEGJ3kXj96wFm1blkCEqAfB4&google_cver=1&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 0FA4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5470547094483791091
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5470547094483791091
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:50 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3285993
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:50 GMT
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fa206351-716d-4f39-916b-c9bd9d27d8a4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5470547094483791091
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1by1.png
cotads.adscale.de/ads/pixel/ Frame 0FA4
Redirect Chain
  • https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-hX-M0NSp4Ls6bMlLBs3nOT6l-1455JZid86BBQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
  • https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-hX-M0NSp4Ls6bMlLBs3nOT6l-1455JZid86BBQ&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=f8bd19...
  • https://cotads.adscale.de/ads/pixel/1by1.png?uid=fee0f497bb4d41e3f89fce3e168c9f9a75fa3e303bf2ef629c16eedd4e79bb28
321 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cotads.adscale.de/ads/pixel/1by1.png?uid=fee0f497bb4d41e3f89fce3e168c9f9a75fa3e303bf2ef629c16eedd4e79bb28
Protocol
H2
Server
2600:9000:223d:9c00:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
via
1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
last-modified
Tue, 08 Sep 2020 23:05:25 GMT
server
AmazonS3
age
344756
etag
"c1ab48a971e5c1a7eae346346487762d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
date
Sat, 06 Aug 2022 00:45:06 GMT
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-length
321
x-amz-cf-id
zphwizGGwP4_m883M5hEaaepSWurHlqti_syz0k9dvGtJN54r-nghQ==

Redirect headers

location
https://cotads.adscale.de/ads/pixel/1by1.png?uid=fee0f497bb4d41e3f89fce3e168c9f9a75fa3e303bf2ef629c16eedd4e79bb28
date
Tue, 09 Aug 2022 08:57:51 GMT
content-length
0
p3p
CP=NOI PSA OUR
rum
r.casalemedia.com/ Frame 0FA4 		43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-aB6GaNSp4Ls6bMlLBs3nOT6l-15sYI7OvdCABg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
737f495dfb609956-FRA
pragma
no-cache
date
Tue, 09 Aug 2022 08:57:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVI03Ibooxs2vT%2FhHBftvEr705nbDhggL2Zz29lAFEarpgQgoBJuz6WwnHsxd4ukfMP1Nce0kKzuxp%2FEOZrSvZt%2BvZqyybYn02DcCdbHLv%2Bi1DvLeWlsg9MspuQsd%2FkVZCKd"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
match
ad.360yield.com/ul_cb/ Frame 0FA4
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-KKPXEtSp4Ls6bMlLBs3nOT6l-147N7krcu6iOQ
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-KKPXEtSp4Ls6bMlLBs3nOT6l-147N7krcu6iOQ
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-KKPXEtSp4Ls6bMlLBs3nOT6l-147N7krcu6iOQ
Protocol
H2
Server
54.76.86.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-86-227.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Aug 2022 08:57:51 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-KKPXEtSp4Ls6bMlLBs3nOT6l-147N7krcu6iOQ
date
Tue, 09 Aug 2022 08:57:51 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cksync.php
contextual.media.net/ Frame 0FA4 		45 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-8k32rtSp4Ls6bMlLBs3nOT6l-16yFi1vXheF-Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-38-97.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 09 Aug 2022 08:57:51 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 09 Aug 2022 08:57:51 GMT
push
exchange.mediavine.com/usersync/ Frame 0FA4 		40 B
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Q-6XKNSp4Ls6bMlLBs3nOT6l-15D1PLK8MfuKA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.150.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-150-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 0FA4 		0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-uCoP_tSp4Ls6bMlLBs3nOT6l-15smIcLlyyOVA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:51 GMT
Cache-Control
no-cache
X-TraceId
0bb7985fd2d946ae5e37f7f14c89f01a
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0FA4 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-UMtYy9Sp4Ls6bMlLBs3nOT6l-15g_dVSQy0Jyg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 0FA4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ZrqxyNSp4Ls6bMlLBs3nOT6l-15090Hl0_xJKA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif
v1
match.sharethrough.com/sync/ Frame 0FA4 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-nLc0H9Sp4Ls6bMlLBs3nOT6l-14Q9vt_ay45GQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.249.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-249-194.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 0FA4 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-mH-2-NSp4Ls6bMlLBs3nOT6l-16p0UuxglOMrg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0FA4 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-R8PeodSp4Ls6bMlLBs3nOT6l-17f4P3xBbyORg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29562
um
criteo-sync.teads.tv/ Frame 0FA4 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-t1OTB9Sp4Ls6bMlLBs3nOT6l-14XCzcim9DYQA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:51 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 09 Aug 2022 08:57:51 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 0FA4 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-SqGPItSp4Ls6bMlLBs3nOT6l-15DjQ-bnu-n3Q&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 0FA4 		0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-p0zg1NSp4Ls6bMlLBs3nOT6l-17TPggNgTqE2w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:50 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
m
ad.yieldlab.net/ Frame 0FA4 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-WumLIdSp4Ls6bMlLBs3nOT6l-152HRLHhwNrHg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.102.147 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-102-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:51 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Mon, 08 Aug 2022 08:57:51 GMT
pixel
cm.adform.net/ Frame 0FA4 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-xi6OStSp4Ls6bMlLBs3nOT6l-148dyS8vg_6lw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
last-modified
Wed, 11 Oct 2017 14:26:30 GMT
server
nginx
accept-ranges
bytes
etag
"59de2a16-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 0FA4 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-QWf3p9Sp4Ls6bMlLBs3nOT6l-149jiQEcI4f-A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:51 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0
ibs:dpid=28645&dpuuid=JuD4lOfllZOqm-W5ZeTRroTEtvDmlan2
dpm.demdex.net/ Frame 0FA4
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=JuD4lOfllZOqm-W5ZeTRroTEtvDmlan2
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=JuD4lOfllZOqm-W5ZeTRroTEtvDmlan2
Protocol
HTTP/1.1
Server
52.51.11.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-11-49.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v038-00508e2e6.edge-irl1.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
32RmCkF+ThY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=JuD4lOfllZOqm-W5ZeTRroTEtvDmlan2
date
Tue, 09 Aug 2022 08:57:50 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2797
content-length
198
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
9.gif
id5-sync.com/s/966/ Frame 0FA4 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-CFukfdSp4Ls6bMlLBs3nOT6l-16oOfPwYpb6bw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:50 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
28292
i6.liadm.com/s/ Frame 0FA4
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_udKctSp4Ls6bMlLBs3nOT6l-16A_8jgqSY5ng
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_udKctSp4Ls6bMlLBs3nOT6l-16A_8jgqSY5ng&_li_chk=true&previous_uuid=95a2cd15f74446aca93f3501a18b5810
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_udKctSp4Ls6bMlLBs3nOT6l-16A_8jgqSY5ng
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_udKctSp4Ls6bMlLBs3nOT6l-16A_8jgqSY5ng
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:be9:db47:5744:e7ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:52 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-_udKctSp4Ls6bMlLBs3nOT6l-16A_8jgqSY5ng
Date
Tue, 09 Aug 2022 08:57:51 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
sync
ad.sxp.smartclip.net/ Frame 0FA4
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-pDIk-dSp4Ls6bMlLBs3nOT6l-160o0axF8Glpg
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-pDIk-dSp4Ls6bMlLBs3nOT6l-160o0axF8Glpg&ang_testid=1
42 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-pDIk-dSp4Ls6bMlLBs3nOT6l-160o0axF8Glpg&ang_testid=1
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 09 Aug 2022 08:57:51 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-pDIk-dSp4Ls6bMlLBs3nOT6l-160o0axF8Glpg&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
criteo-partners.tremorhub.com/ Frame 0FA4 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-MgtmUNSp4Ls6bMlLBs3nOT6l-14ejfRXCl56GQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:68f0:5178:951f:deb4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 0FA4 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-r8INH9Sp4Ls6bMlLBs3nOT6l-17rCu1KyXuqVA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.30
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 09 Aug 2022 08:57:51 GMT
server
Apache
x-powered-by
PHP/7.3.30
content-length
43
content-type
image/gif
b404e5e3-3993-47ab-888e-fe8124aaceef
https://support.savethechildren.org/ 		15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://support.savethechildren.org/b404e5e3-3993-47ab-888e-fe8124aaceef
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a899d637d49e28f84b577793f5c111c57fc2e631ddeacb567261b7bc6f96b58b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
15521
Content-Type
application/javascript
3f1716cc-8629-4b88-b645-07d674fc94f0
https://support.savethechildren.org/ 		15 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://support.savethechildren.org/3f1716cc-8629-4b88-b645-07d674fc94f0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a899d637d49e28f84b577793f5c111c57fc2e631ddeacb567261b7bc6f96b58b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
15521
Content-Type
application/javascript
id
smetrics.savethechildren.org/ 		87 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://smetrics.savethechildren.org/id?callback=_airpr_ns.om_cookie
Requested by
Host: px.airpr.com
URL: https://px.airpr.com/airpr.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
34c767311f85c3a8a9fa6e98f8f443233cf20ce4f952134e72d0cf2b0701e1cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-vv8zl
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
87
x-xss-protection
1; mode=block
usermatch.gif
beacon.krxd.net/ Frame 0FA4
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tA9OdLR0A4sVYtHd4V846DH8w74krlkK
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tA9OdLR0A4sVYtHd4V846DH8w74krlkK
Protocol
H2
Server
52.214.253.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-253-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1660035471
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=tA9OdLR0A4sVYtHd4V846DH8w74krlkK
date
Tue, 09 Aug 2022 08:57:50 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2886
content-length
218
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
dc_pre=COCGwYSyufkCFdbDOwIdZaMIqA;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=*;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%...
adservice.google.com/ddm/fls/z/ Frame A749 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COCGwYSyufkCFdbDOwIdZaMIqA;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=*;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822
Requested by
Host: 4853738.fls.doubleclick.net
URL: https://4853738.fls.doubleclick.net/activityi;dc_pre=COCGwYSyufkCFdbDOwIdZaMIqA;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=1674618438.1660035468;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4853738.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anpx
dpx.airpr.com/
Redirect Chain
  • https://dpx.airpr.com/px?hostname=support.savethechildren.org&profile=405343&ga_account_id=UA-85748307-2&ga_account_type=UA&ga_c=851053701.1660035468&om_account_type=OM&om_c=317910C7AD7CD665-400014...
  • https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=4864720820
  • https://dpx.airpr.com/anpx?adnxs_uid=5470547094483791091&airpr_id=4864720820
0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpx.airpr.com/anpx?adnxs_uid=5470547094483791091&airpr_id=4864720820
Protocol
H2
Server
18.185.197.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-197-79.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
cache-control
private
server
nginx

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:51 GMT
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
27e9c34c-e29a-4eaa-ab23-3b3e5df99d01
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpx.airpr.com/anpx?adnxs_uid=5470547094483791091&airpr_id=4864720820
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00569da938e06cb48f6f60ece5ae3d324c
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:51 GMT
content-encoding
gzip
X-TraceId
76da9a6489c4d8c5ef4a176419042410
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00569da938e06cb48f6f60ece5ae3d324c&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&optOut=false&bust=0722537249302786&referrer=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 08:57:51 GMT
Cache-Control
no-cache
X-TraceId
385fc2c0bcf086a9b03e984de0e29f38
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
iframe
d1eoo1tco6rr5e.cloudfront.net/azud70w/dsx8icm/ Frame 3351
Redirect Chain
  • https://insight.adsrvr.org/tags/azud70w/dsx8icm/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/azud70w/dsx8icm/iframe
138 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/azud70w/dsx8icm/iframe
Requested by
Host: 4853738.fls.doubleclick.net
URL: https://4853738.fls.doubleclick.net/activityi;dc_pre=COCGwYSyufkCFdbDOwIdZaMIqA;src=4853738;type=dfp;cat=donat0;ord=9965936035362;gtm=2wg880;auiddc=1674618438.1660035468;~oref=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.22.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-22-149.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34b6561b0dc821aebf895b623ba64d09d00a153c22610f0f71f67ecc3d9e6769

Request headers

Referer
https://4853738.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
14714
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Tue, 09 Aug 2022 04:52:38 GMT
ETag
"f93df8b2ff069891dcc9a5c0ff142bde"
Last-Modified
Fri, 01 Oct 2021 23:57:00 GMT
Server
AmazonS3
Via
1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
XRG7Ce6uZdqrq96ImkazgcJ7_M_2N61Xfmnsa21jb3I6twh4phOIyQ==
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
183
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 08:57:51 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/azud70w/dsx8icm/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
serverComponent.php
nexus.ensighten.com/choozle/10170/ 		535 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/10170/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/10170/code/&publishedOn=Mon%20Jun%2013%2014:49:02%20GMT%202022&ClientID=923&PageID=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10170/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-91.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
c3f40399edac98ec178e2da047452af5b129faf52831cf46bba1275c23130923

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
content-length
535
x-amz-cf-id
drbVP1gufTVlHvXKi1wHIbN65VQCGBScIrJeE4xOXd1YZGsD_Z41DQ==
expires
Tue, 09 Aug 2022 08:57:50 GMT
397596.gif
idsync.rlcdn.com/ Frame 0FA4
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=7ScRUjRdwag_-DxO5l9hfvy63PaplX6t
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=7ScRUjRdwag_-DxO5l9hfvy63PaplX6t
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:57:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=7ScRUjRdwag_-DxO5l9hfvy63PaplX6t
date
Tue, 09 Aug 2022 08:57:50 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2642
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
07285131fb793c9edbc1a300e9502bf5.js
nexus.ensighten.com/choozle/10170/code/ 		2 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/10170/code/07285131fb793c9edbc1a300e9502bf5.js?conditionId0=4927691&conditionId1=4871227&conditionId2=4872711
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10170/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f65c3dcc1c537bf31a736d0d32b468580d8a3f3ee96f93e3befcb0a871a9a28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 04:10:31 GMT
content-encoding
br
age
1572441
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 Jun 2022 14:49:13 GMT
server
AmazonS3
etag
W/"c6e0d9cd7e124dd83def90c29c5a679e"
vary
Accept-Encoding
x-amz-version-id
yWQcOchPsepRFc6ofkFJ9kbwERYN9jZj
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
content-type
application/javascript; charset=utf-8
x-amz-cf-id
KA9_51n_5V3sifjZ0rSKo-qE6JuQugqtAi4ytbam2MzUSy6pery_lQ==
6fa385984d6889f764a1c93297b6aa5b.js
nexus.ensighten.com/choozle/10170/code/ 		670 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/10170/code/6fa385984d6889f764a1c93297b6aa5b.js?conditionId0=4872641
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10170/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ace295496b301814db400fa3ab2ee42f6403bc12b4f57f6a09a467edc07462d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 22:57:54 GMT
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
age
1504798
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
670
last-modified
Thu, 12 Aug 2021 12:21:01 GMT
server
AmazonS3
etag
"f6af68e7de160d101dfee1c9cef30a1a"
x-amz-version-id
hisBbi7Lm.C1c3NM9TR2suc8fDWQkkk9
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
VEo_UoIgcgVIRlhOH2FeGS8axxvH3nX85cfn8DaRZ52-29sLXSU8GA==
0954ce0040a8fc5aeab3289dc26bb80c.js
nexus.ensighten.com/choozle/10170/code/ 		2 KB
840 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/10170/code/0954ce0040a8fc5aeab3289dc26bb80c.js?conditionId0=421905
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10170/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-91.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37b5bcadb5d884158218785c2647fb6945d73906315d5abe754232158748259e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 04:10:31 GMT
content-encoding
br
age
1572441
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 Jun 2022 14:49:13 GMT
server
AmazonS3
etag
W/"c4e2839424f981629cf0fe2178ff9ef7"
vary
Accept-Encoding
x-amz-version-id
jmpzjXQT9NQsQ8wKHWAp4CLwVbc46grs
via
1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA60-P4
content-type
application/javascript; charset=utf-8
x-amz-cf-id
8IsD0prQVbeuue9D_3sbcSptYiFDRAOXmzRZY8-4sm6pVrtqCQ2hbQ==
iui3
s.amazon-adsystem.com/ 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D35707a8f-2b39-c482-69de-13a5cbb7cbf2%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.savethechildren.org/&ex-hargs=v%3D1.0%3Bc%3D585550389931295878%3Bp%3D35707A8F-2B39-C482-69DE-13A5CBB7CBF2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:51 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BH5HM579WA52XJM2RCXG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adsct
t.co/i/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=50bc9696-8297-4f2a-b2e0-973210c06ee7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=7830454e-a0c0-4207-9341-170bde1b3475&tw_document_href=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvjd8&type=javascript&version=2.4.15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time
110
date
Tue, 09 Aug 2022 08:57:51 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
53e1e00259a2d46c50b04f5868375c054b775ffad79277357cfe4f72e244321f
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=50bc9696-8297-4f2a-b2e0-973210c06ee7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=7830454e-a0c0-4207-9341-170bde1b3475&tw_document_href=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D6827%26mfc_pref%3DT%266827.donation%3Dform1%26smtrctid%3DAAysnJ%26cid%3DEmail%3A%3AEmer_Kentucky_Flood%3ANew_Leads%3A080822&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvjd8&type=javascript&version=2.4.15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://support.savethechildren.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time
106
date
Tue, 09 Aug 2022 08:57:51 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
1a30aaca751a519fdab35880099db54ed0e953e881a701ecfa49275311e324b1
content-length
43
cs
s.thebrighttag.com/ Frame 0FA4
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=oczLx7LTAJIPBtAI1hCt3Tr4qXmiaBuh
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=oczLx7LTAJIPBtAI1hCt3Tr4qXmiaBuh
Protocol
H2
Server
3.128.220.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-220-23.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
x-bt-requestid
59872731-17c1-11ed-9065-0000ac170024
server
nginx
date
Tue, 09 Aug 2022 08:57:51 GMT
p3p
CP=NOI DSP COR NID
access-control-allow-origin
cache-control
private, must-revalidate
content-type
image/gif
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=oczLx7LTAJIPBtAI1hCt3Tr4qXmiaBuh
date
Tue, 09 Aug 2022 08:57:50 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2470
content-length
203
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
/
insight.adsrvr.org/track/pxl/ Frame 3351 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=azud70w&ct=0:dsx8icm&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/azud70w/dsx8icm/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
m
ad.yieldlab.net/ Frame 0FA4 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-WumLIdSp4Ls6bMlLBs3nOT6l-152HRLHhwNrHg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.102.147 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-102-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 08:57:51 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Mon, 08 Aug 2022 08:57:51 GMT
iframe
d1eoo1tco6rr5e.cloudfront.net/f35s4e0/45k2r2v/ Frame 5B34
Redirect Chain
  • https://insight.adsrvr.org/tags/f35s4e0/45k2r2v/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/45k2r2v/iframe
138 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/45k2r2v/iframe
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10170/code/6fa385984d6889f764a1c93297b6aa5b.js?conditionId0=4872641
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.22.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-22-149.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67869f72a4e69347a58428a26deacf581ff95e6e4266e3a2916d0e4449e787b4

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
14714
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Tue, 09 Aug 2022 04:52:37 GMT
ETag
"8aeb0d72efbabf5e0ad88b4ae7c40e54"
Last-Modified
Sat, 02 Oct 2021 00:02:02 GMT
Server
AmazonS3
Via
1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
-xDrAHcHuc-DnNpaLyC7cV1G-uorf_8e7YthA7Uh9RWxzpbuVsSxJw==
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
183
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 08:57:51 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/45k2r2v/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
iframe
d1eoo1tco6rr5e.cloudfront.net/f35s4e0/qa0mevt/ Frame 72DC
Redirect Chain
  • https://insight.adsrvr.org/tags/f35s4e0/qa0mevt/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/qa0mevt/iframe
138 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/qa0mevt/iframe
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10170/code/07285131fb793c9edbc1a300e9502bf5.js?conditionId0=4927691&conditionId1=4871227&conditionId2=4872711
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.22.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-22-149.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9479c1288cf240cf605993ef0fcda98d749b6b7fb8e4ee584be29ed1856aca3

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
19504
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Tue, 09 Aug 2022 03:32:48 GMT
ETag
"d6f3ec45e4993f46db4a53dc1f01b599"
Last-Modified
Sat, 02 Oct 2021 00:02:02 GMT
Server
AmazonS3
Via
1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
w7CUV-ZN71aXWIhwNOZ3B7jn9rUH8K4uIobl6KChpQ3ywQq24Ee_0Q==
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
183
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 08:57:51 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/qa0mevt/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
iframe
d1eoo1tco6rr5e.cloudfront.net/f35s4e0/n4od8ve/ Frame 1B7C
Redirect Chain
  • https://insight.adsrvr.org/tags/f35s4e0/n4od8ve/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/n4od8ve/iframe
132 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/n4od8ve/iframe
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10170/code/07285131fb793c9edbc1a300e9502bf5.js?conditionId0=4927691&conditionId1=4871227&conditionId2=4872711
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.22.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-22-149.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50bb9c8f4af577f3289f597f2441f177967721b438fd1737b937ef69f4a58062

Request headers

Referer
https://support.savethechildren.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
27905
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
132
Content-Type
text/html
Date
Tue, 09 Aug 2022 01:12:47 GMT
ETag
"bc0416914b6a26dae5dfd258e572b291"
Last-Modified
Sat, 02 Oct 2021 00:02:02 GMT
Server
AmazonS3
Via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ArS-KSj2RXLZxes4s8zrftL6HI0iKIDNcLY9oN-XuhJshHNTiCun6w==
X-Amz-Cf-Pop
VIE50-P1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
183
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 08:57:51 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/n4od8ve/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
/
insight.adsrvr.org/track/pxl/ Frame 5B34 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=f35s4e0&ct=0:45k2r2v&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/45k2r2v/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/pxl/ Frame 72DC 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=f35s4e0&ct=0:qa0mevt&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/qa0mevt/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/pxl/ Frame 1B7C 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=f35s4e0&ct=0:n4od8ve&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/f35s4e0/n4od8ve/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 08:57:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
collect
n.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://n.clarity.ms/collect
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.19.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://support.savethechildren.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
https://support.savethechildren.org
date
Tue, 09 Aug 2022 08:57:52 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.surveywall-api.survata.com
URL
https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

576 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| YUI function| getModules object| Y function| emptyFunction function| toFunction function| remapConsoleFunctions object| Utils object| UtilsConstants function| addOnLoadHandler function| getObj function| MM_swapImgRestore function| MM_preloadImages function| MM_findObj function| MM_swapImage function| MM_openBrWindow function| appendToUrl function| addHiddenInput function| CurrencyContext object| utils_currencyContext function| setCurrencyContext function| parseCurrency function| formatCurrency function| getCurrencyScalingFactor string| utils_digits function| parseIntStrict function| getSelOptionObject function| getOptionSelection function| addOptionToSelect function| deselectOption function| changeLinksToStayInPopup function| link_submit_redirect function| findContainingLink function| DlgMgr object| DialogManager function| openModelessDialog function| reloadWindow function| isNS function| isIE function| closeWin function| set_display function| disable_edit function| removeChildren function| getElementText function| setElementText function| set_visible function| show_block_element function| show_element function| hide_element function| parse_boolean function| disable_element function| reset_element function| get_input_default_value function| get_input_value function| get_option_value function| is_text_field function| set_input_value function| get_which_radio function| subclass function| getAncestor function| getAncestorByClass function| findAllOfClass function| isOfClass function| filterByClass function| cv_show_help function| cv_new_win_from_link function| cv_new_win function| cv_win_focus function| cv_should_handle function| cv_popup_from_link_handler function| cv_new_win_from_link_handler function| cv_new_win_handler function| cv_help_link_handler function| enable_help_links function| cv_show_preview function| cv_preview_link_handler function| cv_launch_window_on_load function| enable_preview_links function| URLEncode function| URLEncodeParamValue function| decToHex function| reversal function| isUrlOK function| SetChecked function| limitArea number| WCAGState function| keepAlive function| forceKeepAlive function| formatTime undefined| keepAliveDialog undefined| keepAliveTimer function| initKeepAliveDialog function| showTimingOutDialog function| showTimedOutDialog function| showKeepAliveDialog function| keepAlivePoll function| keepAlive2 function| forceKeepAlive2 boolean| _submitOnce function| submitOnce function| submitEnter function| copy_to_clip function| choiceSelected function| ds_merge_field function| ds_merge_direct_field function| ds_merge_date_field function| MergeCompositeObserver function| trim function| isArray function| showLightbox function| hideLightbox function| resizeBgDiv function| preEnhance function| postEnhance function| toTitleCase function| enhanceDomToPostLatin1EncodedData function| CList function| CCallWrapper function| CSimpleObservable object| oc_components function| ObservableComponent function| ObservableRadioComponent function| ObservableGridComponent function| get_observable_component function| fire_obs_comp_event function| observe_component function| filter_values_equal function| ComponentEnabler function| ComponentDisabler function| ComponentDisplayer function| ObservableComponentEvent string| FC_ROW_CLASS string| FC_INPUT_CLASS string| FC_EDIT_BUTTON_CLASS string| FC_MSG_ROW_CLASS string| FC_MESSAGE_ICON_CLASS string| FC_ERROR_TEXT_CLASS string| FC_INFO_TEXT_CLASS string| FC_WARN_TEXT_CLASS string| FC_REQUIRED_CLASS string| FC_LABEL_TEXT_CLASS object| fc_globalMessages undefined| fc_edit_component_fn function| FormComponent function| fc_setEditComponentFn function| FCGlobalMessages function| fc_setGlobalMessages function| fc_registerComponent function| fc_hideChildren function| fc_setMessageDisplay function| fc_editComponent function| fc_showInformational function| fc_handle_enter_key function| fc_button_purpose function| fc_showInfosRequired function| showCheckboxInfosRequired function| fc_showInfosNotRequired function| fc_getFormRow function| fc_getPeerByClass function| fc_getChildByClass function| fc_getElementText function| fc_getAbsolutePosition function| fc_getFieldLabel function| fc_getFieldInfoText function| fc_showIcon function| fc_makeInfoMsgImg function| fc_makeWarningMsgImg function| fc_makeSpacerImg function| fc_initMsgContainers function| fc_getOrMakeChildDiv function| fc_getInfoMsgContainer function| fc_getInfoImgContainer function| fc_getWarnMsgContainer function| fc_getWarnImgContainer function| fc_getErrorMsgContainer function| fc_getErrorImgContainer function| fc_getContainer function| fc_showWarningMessage function| fc_hideInitialMessage function| fc_hideWarningMessage function| fc_updateWarningDisplay function| fc_isEmptyField function| fc_hideInfoMsg function| fc_hideWarnMsg function| fc_hideErrorMsg function| fc_copyChildren function| fc_addTablePadding function| fc_isMacIE function| FCDynamicMessageInfo function| fc_setDimensions function| fc_showHTMLBlock function| fc_showOtherMessage function| fc_activateEditButtons function| fc_activateFormInputs function| fc_activateInputs function| fc_init object| dl_levelInfos undefined| dl_obs_comp undefined| dl_other_amt_obs_comp function| dl_observeLevelChange function| dl_observeOtherAmountChange function| dl_LevelInfo function| dl_addLevelInfo function| dl_OtherAmountLevelInfo function| dl_addOtherAmountLevelInfo function| dl_findLabel function| dl_setAccessibleMessages function| dl_showLevelMessage function| dl_levelFocused function| dl_levelSelected function| dl_levelBlur function| dl_checkInitialLevel function| dl_initLevelInfo function| dl_findLevelAsk function| dl_onload boolean| dl_init_begun function| dl_init_callback function| dl_init string| DON_PS_PREM_SELECT_LIST_CLASS string| DON_PS_PREM_RADIO_BUTTON_CLASS string| DON_PS_PREM_NONE_AVAIL_ROW_ID string| DON_PS_PREM_AVAIL_FOR_USER_SPECIFIED_AMT_ROW_ID number| DON_PS_NO_SELECTION_PREM_PRODUCT_ID number| DON_PS_PREM_AVAIL_FOR_USER_SPECIFIED_AMT_PRODUCT_ID object| don_ps_premiumInfos object| don_ps_radio_buttons boolean| don_ps_searched_for_radios undefined| don_ps_select_list undefined| don_ps_select_list_clone boolean| don_ps_searched_for_select object| don_premium_map object| don_ps_value_map number| don_ps_level_id number| don_ps_user_specified_level_id number| don_ps_user_specified_value function| DonLevelPremiums function| don_ps_map_premium_to_level function| don_ps_getHighestDonLevelPremiums function| don_ps_set_selected_level_id function| don_ps_set_user_specified_level function| don_ps_set_user_specified_value function| don_ps_getRadioButtons function| don_ps_getSelectList function| don_ps_getOrigSelectList function| don_ps_reset_select_list function| don_ps_filter_by_level function| don_ps_filter_by_string_value function| don_ps_filter_by_value function| don_ps_filter_radios_by_level function| don_ps_hide_or_show_premium_radio function| don_ps_filter_select_by_level function| don_ps_hide_or_show_premium_option function| removeOptionElement function| don_ps_PremiumInfo function| don_ps_addPremiumInfo function| don_ps_findPremiumInfoDiv function| don_ps_findPremiumInfoDivs function| don_ps_get_premium_id function| don_ps_showPremiumMessage function| don_ps_configSelected function| don_ps_premiumSelected function| don_ps_initPremiumInfo function| don_ps_checkInitial function| don_ps_simulateSelection number| timerID function| don_ps_queue_filter_by_string_value function| don_ps_dequeue_filter_by_value function| don_ps_immediate_filter_by_value function| don_ps_LevelChangeObserver function| don_ps_OtherAmountChangeObserver function| don_ps_init function| Address function| AddressComponents function| DonAddressCopier function| Name function| NameComponents function| DonNameCopier function| Email function| EmailComponents function| DonEmailCopier function| Phone function| PhoneComponents function| DonPhoneCopier function| _dtm object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| __target_telemetry object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| _da_ string| DecibelInsight function| decibelInsight object| el object| it object| dataLayer object| siteAlerts object| siteAlertsData function| reloadPage function| testAjax function| updateDonorCoverAmount function| evalMatchingGift object| comp function| billing_title_listChanged function| billing_addr_country_listChanged function| billing_addr_state_listChanged object| comp1 object| comp2 function| PaymentObserver boolean| submitted function| checkDoubleClick object| consHowDidYouHear object| $jscomp function| hasAngular function| remove$FromGlobalScope function| $ function| jQuery function| reCaptchaLoaded object| is function| Cookies function| _ function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| moment function| Vue function| VueRouter object| Vuex function| numeral object| Stickyfill function| luminateExtend function| $dnlJq object| addthis_share object| shell object| __gcse function| env function| debounce function| isLanguage function| impressionAnalytics function| trackBillingPageViewAnalytics function| trackCartPageViewAnalytics function| trackPageViewAnalytics function| trackReviewPageViewAnalytics function| trackVirtualPageViewAnalytics function| videoAnalytics function| getUrlVars function| getUrlVar function| isBrowser function| submitPixelToCheetahMail function| trackSocialMediaAnalytics function| CookiebotCallback_OnDialogDisplay string| cookieDomain function| disableFormAbandonmentAnalytics function| formAbandonmentAnalytics function| getMarketingSourceCode function| setAnalyticsError function| setAnalyticsForm function| setDonationAnalytics function| setDonationPledge function| setFormAbandonment function| setFormAnalyticsData function| setFormError function| setFormLastField function| setFormSubmission function| setFormUploadSuccess function| submissionSuccessAnalytics function| validationErrorAnalytics function| creditCardMasking function| zipPhoneMasking function| disableFormValidation function| enableFormValidation function| isCreditCardNumberInput function| ensureArray function| formatNumberWithCommas function| moveFancyboxAttributes function| preloadImage function| waitMilliseconds function| addToCartFromProductViewAnalytics function| removeFromCartFromProductViewAnalytics function| setCartContents function| setProductToCartFromProductViewAnalytics function| setProductToCart function| setProductViewAnalytics function| setTransactionAnalytics function| trackProductView function| trackTransactionSuccessAnalytics function| updateProductViewAnalytics function| getUserDetails function| getUserInfoSetAnalytics function| getUserInteractions function| setSocialMediaLoginInfo function| setUserAnalytics string| memberStatus function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| braintree object| stcBraintreePlugin string| donationFormId string| donationFormName string| donationMinimumMessage string| donationOneTimeMinimum string| donationPrivateFormName string| donationRecurringMinimum string| donationUrl string| donorEmployer string| donationReferral string| teamraiserEventName string| proxyType string| donationPaymentMethod string| showHonorFields string| thankYouDonationAmount string| thankYouGiftType object| Sentry object| __SENTRY__ object| digitalData object| _dtmv object| $menuBasketItem object| fancyboxSettings object| tealFancyboxSettings object| plumFancyboxSettings object| _di_max_id object| _da_crcTable object| TrustedSite number| TrustedSite_done object| TrustedSiteInline object| CookiebotDialog object| CookieConsentDialog object| google_tag_manager function| postscribe object| google_tag_manager_external object| __sentry_instrumentation_handlers__ function| fbq function| _fbq object| a9PixelQue object| _lab string| _wds_im object| uetq object| _omapp function| OptinMonsterApp boolean| om_loaded object| om80223_71376 function| omq object| s_i_stcf.prod.us undefined| _smtrErr object| shqChromeOnsiteResponse object| _shqdbl object| _shqDebug object| SmtrRmkr object| _smtr object| google_tag_data function| ttd_dom_ready function| TTDUniversalPixelApi object| criteo_q string| GoogleAnalyticsObject function| ga object| omjkuwt0truaogbim6gjze object| omghn2azjp0qlg2ag8ujdj object| WebFont object| gaplugins object| gaGlobal object| gaData object| EF function| UET function| UET_init function| UET_push object| ueto_5550968c98 object| A9PIXEL object| cvLogger function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| foundNonStandardJQuery string| nonStandardJQueryVersion undefined| e9Manager undefined| e9 object| expoDisplayAd object| PAYPAL object| WDSMemberConfig object| WDSConfig number| timeout boolean| tpc_present function| _lrx_storageAvailable undefined| _lrx_success_delay undefined| _lrx_successTrig_delay undefined| _lrx_successLeads undefined| _lrx_successTrigs number| _lrx_conversionTimer object| _lrx_docCookies function| _lrx_buildCookie function| _lrx_isJSON function| _lrx_setup function| _lrx_hs_get_visitorid function| _lrx_sendEvent function| isSuccessMessage function| isSuccessMessageTrig function| ninjaForm function| _lrx_checkConversion function| _lrx_mkto_submit undefined| _lrx_mktoTimer number| _lrx_visitorID number| _lrx_maxChecks object| _lrx_mkto number| _lrx_delay function| _lrx_getUrlParameter undefined| lrx_newCSS undefined| lrx_styles string| dcm_cid undefined| dcm_tid undefined| dcm_gid function| clarity function| DP_jQuery_1660035468655 object| irongate object| optimizely function| twq function| obApi object| _airpr object| _svq string| ssaUrl object| _airpr_ns boolean| decibelInsight_initiated boolean| di_adobe_event_bound object| di_cloneId number| di_sheet_count object| ensBootstraps object| Bootstrapper object| regeneratorRuntime object| twttr boolean| sv_DNT object| _svt

131 Cookies

Domain/Path Name / Value
support.savethechildren.org/site/AnonymousLogin Name: JSESSIONID
Value: A6061F7F7950064628D4A2CC6BD17DA3.app30125b
support.savethechildren.org/site/CRDonationAPI Name: JSESSIONID
Value: A6061F7F7950064628D4A2CC6BD17DA3.app30125b
support.savethechildren.org/site/CRConsAPI Name: JSESSIONID
Value: A6061F7F7950064628D4A2CC6BD17DA3.app30125b
support.savethechildren.org/site/CrmRest Name: JSESSIONID
Value: A6061F7F7950064628D4A2CC6BD17DA3.app30125b
.decibelinsight.net/i/13874/ Name: da_lid
Value: -FEE5BF7F9A72EA1F1075BB99F4D5E10F1F|0|0|0
.decibelinsight.net/i/13874/ Name: da_sid
Value: CDD68C4C8E32AE848524AA13B6D7AB04AC|3|0|3
support.savethechildren.org/site/ Name: JSESSIONID
Value: A6061F7F7950064628D4A2CC6BD17DA3.app30125b
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQ-xI
.savethechildren.org/ Name: cm.Bi8Z--B8yKeXB962GbAAysnJBshimg
Value: 1660035465
support.savethechildren.org/ Name: JSESSIONID
Value: A6061F7F7950064628D4A2CC6BD17DA3.app30125b
.savethechildren.org/ Name: at_check
Value: true
.google.com/ Name: NID
Value: 511=RHcvX7QVRMJ6gg_ldwNB_3xhDVm5pZdlLvOTGcZG-NII-8gO553KYRVKrwWu8z6ejAFhPE-C0t9JrrnWICtCb0P9FXkK7gi1kBjuzCkeOZxBHmGwCSQbfq0r62clnuRJfFDBnFxTlDWrNDNSYkmegrr0NdunyRMzwVxShzfk1jY
.demdex.net/ Name: demdex
Value: 28138524691330017423359110358507971215
.savethechildren.org/ Name: stc-analytics-source
Value: Email|Email||Emer_Kentucky_Flood|New_Leads|08/08/2022
.savethechildren.org/ Name: stc-session-count
Value: 0
.savethechildren.org/ Name: AMCVS_6B0E659F56A9E70D7F000101%40AdobeOrg
Value: 1
.savethechildren.org/ Name: s_ecid
Value: MCMID%7C28479789434087277423321183972064477247
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YvIhiwAAAG2kWQOJ
.savethechildren.org/ Name: mbox
Value: session#f8fee0e4ba194cde9dc97ac804ef1a38#1660037328|PC#f8fee0e4ba194cde9dc97ac804ef1a38.37_0#1723280268
.savethechildren.org/ Name: s_ips
Value: 1200
.savethechildren.org/ Name: s_tp
Value: 3347
.savethechildren.org/ Name: s_ppv
Value: 2022%2520Eastern%2520Kentucky%2520Flood%2520Crisis%2520Fund%2C36%2C36%2C1200%2C1%2C2
.dpm.demdex.net/ Name: dpm
Value: 28138524691330017423359110358507971215
support.savethechildren.org/ Name: _omappvp
Value: 32vDRdrW5pImlbTppWLIdO7pl0qeypOMB5eP1Ppu4rVW0zjPPcmhvPw7Lip5dEjVXZ6BeaAbqNo5mOkX6guMtyMQxbvfNMrk
support.savethechildren.org/ Name: _omappvs
Value: 1660035467627
.savethechildren.org/ Name: s_cc
Value: true
.savethechildren.org/ Name: s_nr30
Value: 1660035467637-New
.savethechildren.org/ Name: AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19214%7CMCMID%7C28479789434087277423321183972064477247%7CMCAAMLH-1660640267%7C6%7CMCAAMB-1660640267%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1660042667s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19221%7CMCCIDH%7C1142891280%7CvVersion%7C5.4.0
.savethechildren.org/ Name: _gcl_au
Value: 1.1.1674618438.1660035468
.savethechildren.org/ Name: stc-analytics-sub_source
Value: 28479789434087277423321183972064477247|||||
files.savethechildren.org/ Name: PHPSESSID
Value: e750837392cb1806897d8a2d9cff448d
.ispot.tv/ Name: pt
Value: v2:83a5b91f25b6495542f390ebac79a4f6b7d32c9c8900ccaf1a2935776e7c6240|207e9c6e598e5b0991a7d1b9d0209cf167b15cf69e70905bb96ddffa7317a103
.savethechildren.org/ Name: _fbp
Value: fb.1.1660035467855.798039617
.bing.com/ Name: MUID
Value: 3E1F272316B66C92228B36D817646D93
.savethechildren.org/ Name: _ga
Value: GA1.2.851053701.1660035468
.savethechildren.org/ Name: _gid
Value: GA1.2.1048913252.1660035468
.savethechildren.org/ Name: _gat_gtag_UA_85748307_2
Value: 1
.criteo.com/ Name: uid
Value: 6b8343af-5b73-4f5e-920a-2a864e0acfdb
.savethechildren.org/ Name: _uetsid
Value: 57481b8017c111ed88e2db9885a1c238
.savethechildren.org/ Name: _uetvid
Value: 574852d017c111eda845e56ef4d77821
.wdsvc.net/ Name: _wdTest
Value: accept
.wdsvc.net/ Name: wds_random
Value: 2022-08-09T08:57:47.963Z~2022-08-09T08:57:47.963Z|8978151555096203|21|
.doubleclick.net/ Name: IDE
Value: AHWqTUl9Kvw0TrXj8Rd4lypNFAsSK1uSm1vv8UNANbHPMEKAxZT5DvGTLpN80he4
.amazon-adsystem.com/ Name: ad-id
Value: Azbz_cz8GEd3p-qKQks0Ido
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
support.savethechildren.org/ Name: trustedsite_visit
Value: 1
support.savethechildren.org/ Name: trustedsite_tm_float_seen
Value: 1
.savethechildren.org/ Name: cto_bundle
Value: 4tnr7V9ldXJTMGxTQ2p3VlFBQVB1V3p0aVR1USUyRlJkWkJjS2hJWVMlMkYxeW1tcGo3Q2lwUW9oVGpXb2hSSUNGQWJaZUJMcDNHdEdNb29HRVF0YzlRQzFydUl3R3F3JTJCcFVmT0hMNlZXTTRCU3Juc0t4a1oxSmplQ3ZSZXlmRTRIVlMlMkI2R3RwdWFIQ1BIOFVNZ0xrenE1R20xRjhFQTcyTUIyUW1xM0tjOXl1blIlMkJIZWJvJTNE
.adnxs.com/ Name: uuid2
Value: 5470547094483791091
.agkn.com/ Name: ab
Value: 0001%3AeGI%2FA0Ck9MO%2FFa7PRmrW42Opndw46daS
.yahoo.com/ Name: A3
Value: d=AQABBIwh8mICECB9EaiZfmQhuMzjE88gpCMFEgEBAQFz82L8YgAAAAAA_eMAAA&S=AQAAAiBnovg1Gq7I0G15qCYLhIA
.tribalfusion.com/ Name: ANON_ID
Value: aBnsmAqZbaO46iPq6fHjc8CmS3Sm1NMFeeyicxwYNDFr1exMY2WOwNJna753HFZbV9aLsGTIdZaQ94m
.casalemedia.com/ Name: CMID
Value: YvIhjLW6wNIABgaKk2SFzAAA
.casalemedia.com/ Name: CMPS
Value: 5146
.casalemedia.com/ Name: CMPRO
Value: 5146
.zeotap.com/ Name: zc
Value: 476c0da4-1247-44e3-41af-ce065ea2dcaa
.bidswitch.net/ Name: tuuid
Value: 02ee8e9e-e5dd-4310-80d4-97af76bd2dd7
.bidswitch.net/ Name: c
Value: 1660035468
.bidswitch.net/ Name: tuuid_lu
Value: 1660035468
.myvisualiq.net/ Name: tuuid
Value: f56879c0-729a-4d51-aed0-34df95ef65e6
.myvisualiq.net/ Name: c
Value: 1660035468
.myvisualiq.net/ Name: tuuid_lu
Value: 1660035468
www.clarity.ms/ Name: CLID
Value: ec713e7c67d24651b31fa71d2023b052.20220809.20230809
ads.stickyadstv.com/ Name: UID
Value: 1b67cd627e43202bb832c2b83b1e31
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
ads.stickyadstv.com/ Name: sessionId
Value: 69a327ef3080c8b433ecd4ff7f29de
.adnxs.com/ Name: anj
Value: dTM7k!M40]CxrEQF']wIg2C%3H?tod!@wnfH8KHJO4W`i=Cag3fNY@7gwi:+`ptgZioM14dtswdXbgl%q#lyD@v:8pANZg(#F:dGnc<C*OEt'#nf+QU@JC1<*f=kW*g0D(ryw/d
.savethechildren.org/ Name: _clck
Value: 153rgpy|1|f3v|0
.c.paypal.com/ Name: sc_f
Value: 0UR-EHlJqz6aeChYF1SJMKgfv8e7bAsEzrDqtl5nz41FkZTUw5VGPKMBnBsnq9MprKQeF4X8b_bEAW8giLeo15EZuaPX6e_atoCjxm
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: XYvZjdEU_NAen_mYJbWML1h7ehTHhYw4NZ5zSFk7ZHMDq1Ey83oW1X-JJNnLz014rp6PyWi0eab6at5q
www.trustedsite.com/ Name: AWSALBCORS
Value: oxq9afnRaxdEw3/yV+xczITKxG3hIfByyEYRXdbGmYYt0X+ZHLGsltCK3PtVelywfOUU3tdRPm8w9MMRL+93Mw0+txVVmuWlgxoeyYGOnA8bEd2sA/troulmAzo6
.krxd.net/ Name: _kuid_
Value: PAel90Ia
.mookie1.com/ Name: id
Value: 10818279625122487936
.mookie1.com/ Name: mdata
Value: 1|10818279625122487936|1660035468923
.mookie1.com/ Name: ov
Value: f426204512010783dad71054526d7be7
.spotxchange.com/ Name: audience
Value: 57f51bae-17c1-11ed-9323-1d66682b0306
.adform.net/ Name: C
Value: 1
bs.serving-sys.com/ Name: r1
Value: 1660035469_1
.serving-sys.com/ Name: u2
Value: 40c8bcd0-6082-4bb2-8032-5d30125adb7d4Id060
.adform.net/ Name: uid
Value: 5089366412164480040
ads.samba.tv/ Name: sambapxid
Value: fcdae62ce4128cf8
.savethechildren.org/ Name: _clsk
Value: wfabqf|1660035469180|1|1|n.clarity.ms/collect
.mountain.com/ Name: guid
Value: 582351e9-17c1-11ed-b412-a742ebe07e1d
.semasio.net/ Name: SEUNCY
Value: D694E8BFB2733D14
.ninthdecimal.com/ Name: ndat
Value: aO2WYGLyIY0V9xJgZex+Ag==
.leadsrx.com/ Name: _lab
Value: 112246423
.leadsrx.com/ Name: _lab_lastTouch
Value: direct
.savethechildren.org/ Name: _lab
Value: 112246423
.savethechildren.org/ Name: wds_random
Value: 2022-08-09T08:57:47.963Z~2022-08-09T08:57:47.963Z|8978151555096203|21|
.savethechildren.org/ Name: __WDS1
Value: %7B%22da_100229%22%3A%7B%22hu%22%3A%222022-08-09T08%3A57%3A50.289Z%22%7D%7D
.px.mountain.com/ Name: tt
Value: H4sIAAAAAAAAAKtWKlOyMtJRMjYysjSON7IwtlCyMjQzMzAwNjUxNzA3tNBR8guKh8qaWxorWRkgi4DVG9QCAFI1Dq9GAAAA
.mountain.com/ Name: rt
Value: "MzIyOTM6MTY2MDAzNTQ3MA=="
.analytics.yahoo.com/ Name: IDSYNC
Value: "195g~26hk:18zh~26hk"
.adscale.de/ Name: uu
Value: f8bd1908336e45c998f90ae65b43ca92
.adscale.de/ Name: cct
Value: 1660035470990
.savethechildren.org/ Name: da_sid
Value: CDD68C4C8E32AE848524AA13B6D7AB04AC|3|0|3
.savethechildren.org/ Name: da_lid
Value: FEE5BF7F9A72EA1F1075BB99F4D5E10F1F|0|0|0
.savethechildren.org/ Name: da_intState
Value:
.savethechildren.org/ Name: s_vi
Value: [CS]v1|317910C7AD7CD665-4000144305625942[CE]
.ih.adscale.de/ Name: tu
Value: 4#1047570014#40~k-hX-M0NSp4Ls6bMlLBs3nOT6l-1455JZid86BBQ~461120~0~0
.casalemedia.com/ Name: CMTS
Value: 1181
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%225931db40-17c1-11ed-8e29-b7dd7f8ce0b1%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%225931db40-17c1-11ed-8e29-b7dd7f8ce0b1%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-Q-6XKNSp4Ls6bMlLBs3nOT6l-15D1PLK8MfuKA%22%2C%22version%22%3A%22criteo%22%7D
.media.net/ Name: visitor-id
Value: 3030370718280857000V10
.media.net/ Name: data-c-ts
Value: 1660035471
.media.net/ Name: data-c
Value: k-8k32rtSp4Ls6bMlLBs3nOT6l-16yFi1vXheF-Q~~3
.c.bing.com/ Name: SRM_B
Value: 3E1F272316B66C92228B36D817646D93
.360yield.com/ Name: tuuid
Value: 815e476d-4f24-41b9-85cf-6c8b21368734
.360yield.com/ Name: tuuid_lu
Value: 1660035471
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3E1F272316B66C92228B36D817646D93
.c.clarity.ms/ Name: ANONCHK
Value: 0
.360yield.com/ Name: um
Value: !38,8vJ21MylUTL8c-6YoB0CPzuO3hkGu5DRzSLfZyIe4xDP9SN3l9yhPkyqiF68Yuc.4EkPzGPH,1667811471
.360yield.com/ Name: umeh
Value: !38,0,1722243471,-1
.yieldlab.net/ Name: id
Value: 480def0f-585c-46fd-a31f-1b863b7e59d4
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.sxp.smartclip.net/ Name: uuid
Value: 598609f4-8f21-f262-1370-c0c4c555c3fd
.sxp.smartclip.net/ Name: dspuuid
Value: 69.k-pDIk-dSp4Ls6bMlLBs3nOT6l-160o0axF8Glpg
.sxp.smartclip.net/ Name: psyn
Value: 19213.69
dpx.airpr.com/ Name: an_airpr_recent_visit
Value: 1
.outbrain.com/ Name: obuid
Value: 2569b4df-834e-4cfb-a6a2-445a99633fa9
.t.co/ Name: muc_ads
Value: 92f193a9-997b-40d3-a803-9b5baecd27cf
.twitter.com/ Name: personalization_id
Value: "v1_+SuXDgxVUjzingYO8LAFuA=="
.liadm.com/ Name: lidid
Value: 95a2cd15-f744-46ac-a93f-3501a18b5810
support.savethechildren.org/ Name: outbrain_cid_fetch
Value: true

6 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://idsync.rlcdn.com/397596.gif?partner_uid=7ScRUjRdwag_-DxO5l9hfvy63PaplX6t
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://support.savethechildren.org/site/XFrameViolation
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10657097.fls.doubleclick.net
4853738.fls.doubleclick.net
a.omappapi.com
a.opmnstr.com
a.tribalfusion.com
a.twiago.com
a4.tribalfusion.com
aa.agkn.com
ad.360yield.com
ad.sxp.smartclip.net
ad.yieldlab.net
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
adservice.google.de
amazon.partners.tremorhub.com
amplify.outbrain.com
analytics.twitter.com
api.omappapi.com
app.leadsrx.com
assets.adobedtm.com
b.stats.paypal.com
bat.bing.com
beacon.krxd.net
browser.sentry-cdn.com
bs.serving-sys.com
c.bing.com
c.clarity.ms
c.paypal.com
c1.adform.net
c6.paypal.com
cdn.decibelinsight.net
cdn.ywxi.net
cdnjs.cloudflare.com
client-analytics.braintreegateway.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
contextual.media.net
cotads.adscale.de
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d1eoo1tco6rr5e.cloudfront.net
d1n00d49gkbray.cloudfront.net
dis.criteo.com
dpm.demdex.net
dpx.airpr.com
dsum-sec.casalemedia.com
dub.stats.paypal.com
dx.mountain.com
dx2eq2oh924g4.cloudfront.net
e.savethechildren.org
eb2.3lift.com
exchange.mediavine.com
files.savethechildren.org
fonts.gstatic.com
googleads.g.doubleclick.net
gs.mountain.com
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
js.braintreegateway.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
mwzeom.zeotap.com
n.clarity.ms
nexus.ensighten.com
o69911.ingest.sentry.io
odr.mookie1.com
pay.google.com
payments.braintree-api.com
pi.ispot.tv
pixel.rubiconproject.com
pixel.sitescout.com
play.google.com
pt.ispot.tv
public-prod-dspcookiematching.dmxleo.com
px.airpr.com
px.mountain.com
px.surveywall-api.survata.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.thebrighttag.com
s.tribalfusion.com
s3-us-west-2.amazonaws.com
savethechildrenfeder.tt.omtrdc.net
sb.scorecardresearch.com
secure.adnxs.com
simage2.pubmatic.com
smetrics.savethechildren.org
sslwidget.criteo.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.criteo.net
stc.demdex.net
support.savethechildren.org
sync-t1.taboola.com
sync.outbrain.com
sync.search.spotxchange.com
sync.taboola.com
t.co
t.myvisualiq.net
tags.bluekai.com
tags.wdsvc.net
token.rubiconproject.com
tr.outbrain.com
track.securedvisit.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
visitor.omnitagjs.com
widget.us.criteo.com
www.clarity.ms
www.dgtrx.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.imdb.com
www.savethechildren.org
www.trustedsite.com
x.bidswitch.net
px.surveywall-api.survata.com
100.20.4.138
104.103.102.147
104.111.215.191
104.18.18.126
104.18.19.126
104.18.32.107
104.237.150.96
104.244.42.195
104.244.42.5
104.96.128.226
108.138.15.119
108.138.17.116
108.138.7.19
13.32.121.37
13.32.99.116
13.36.218.177
141.226.228.48
141.95.98.65
142.250.184.194
142.250.185.194
142.250.186.70
15.197.193.217
151.101.130.132
178.250.0.163
178.250.2.146
178.250.2.151
18.156.0.31
18.157.110.213
18.158.183.134
18.185.150.140
18.185.197.79
18.193.255.74
18.194.248.163
18.196.249.194
18.66.112.59
18.66.139.91
18.66.22.149
185.255.84.153
185.64.189.110
185.64.190.80
185.86.139.106
185.94.180.125
188.65.124.66
192.229.221.25
198.47.127.19
199.232.136.157
2.16.186.10
2.21.185.80
20.234.93.27
208.113.174.133
212.82.100.182
2400:52e0:1e01::883:1
2600:1f18:612b:4216:68f0:5178:951f:deb4
2600:1f18:ed:550a:be9:db47:5744:e7ff
2600:9000:223d:9c00:1b:832b:ac00:93a1
2600:9000:223d:dc00:9:7c30:be80:21
2600:9000:225e:ca00:14:6bfc:5740:93a1
2600:9000:2491:ba00:12:b144:100:21
2606:4700:10::6816:1957
2606:4700:4400::6812:230b
2606:4700::6811:180e
2620:1ec:27::cafe:2277
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c0c::5c
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:1700:11::b856:6785
2a02:26f0:3500:591::1e80
2a02:26f0:3500:886::f09
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:200::291
2a04:4e42:400::729
3.127.113.46
3.128.220.23
3.209.91.249
3.64.108.197
3.74.200.12
34.120.195.249
34.212.4.35
34.225.35.161
34.248.32.199
34.98.67.61
34.98.72.238
35.156.167.229
35.186.194.101
35.244.159.8
35.244.174.68
35.81.173.170
37.157.4.25
37.157.4.39
37.252.172.123
37.252.173.22
52.184.204.244
52.214.253.121
52.218.241.88
52.222.236.47
52.222.237.72
52.41.199.196
52.46.128.147
52.51.11.49
52.55.204.85
52.55.9.32
54.154.150.117
54.166.21.101
54.225.217.42
54.229.84.199
54.69.255.140
54.76.86.227
54.78.254.47
64.4.245.84
66.155.71.25
67.134.222.124
69.173.144.139
69.173.144.165
70.42.32.223
74.119.119.150
74.123.154.123
76.223.111.18
77.243.60.138
85.215.5.31
92.123.38.97
0110d344f5e1d7a9a55ade4a01c6da8bd4070596d4c8ade3d89d48f4ab1cf21d
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0436a20374fdff49c82c70f65ef3663336c6f3405cc02e16e7a0252b4e2dbb07
04a798f1de48c8e912b858a70fde58dbd12a9c1181d695709c2b27f25bb09a7f
059528a26553e67b582045dac00b9e76675170cbb703d847c4be185545648e73
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
09923331599e977cd792a40c5d7366d449ac78d7e68e70b99c9226fa07c1dac0
099a89edb65f4cd9501d6c1a11ef5f6b26ec28713c76a01629a42612f7c4908d
0b49e7b48486b30c382a49fc34a7385230a87130314260f19cb1899388bca34e
0c8fba41f9e22f09c18be06b7269e43763908093cd19c25c0a015605935b2105
0cb55bfdaefc1c61db83febcd4f03faa2a6e4b859bad56142ef8996b11a31f52
0d17243f4d997014fe0d8e4be3bb2037b1e1266f1608a2269ae146dc8d7ffa7c
0e2fdac237b412bab43090b2f5f5d42f543a9e0d63becbcfba32ae790a2fdbb4
0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba
0f2dd730bc56ea9d8d0ee9c7ec142ec0e5ccb384da3fb24f94414aa7ccd9b48b
104a57ba8de66a8ad8437e014f6984c52c5d0a3aceafa9b681496cd72b87673e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12dd3e968ced8f01649560da4cf975edff617d25ba4585dda428377529220da0
135ae3e7f5e9b6c501a48f208ab55f701c066f5543fc4d7d64ef766cc722fae9
172204f6057752a2dedb4e0358a3e3b1b22646aa449f2eb8c8eba420d4845a86
17423a3fc16f9d010a773780b8f21b45ab58580afc0118bb8bcd6a96b1cd5f8a
19fad0a6f2ebf74c760ea5b61802a785b98f2b72d1b6babe7f57dab88ba04fba
1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd
1c321de5065295ed763d5a8cc53ca6894a860faa6bde5a5fb18a50dbca55b180
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e22ddbf693707a0400596edaa835b46f10a9e0003e728205735af5d8ae881fc
1f6d77e663b8b758cb24403ab8280ac7b8b3aa2aca0a7942caa12e054ddf123f
1f98f081ddb399e374057d25fba8f7e9c272bf58b6d62c6d4c0e069af88be2a3
1fbf42d1b22606f9fae41a9532aea2294de767da24ecb2e9db3de3a2427e082b
21b2d1f982899583a1cf29dad48ce276cbe44838051e4bb373a6813d15fde88d
2344bf11d8936ea401e4024d5e8f2060095264d179d34ee2388c6832c603ea27
29ebdbb570753623b8ed9a6d19f4c79fb42b2481c21cb4141eb055b7d177e79a
2c308d399f0572b3e2c80622604dcf2e4417308049a1667fc27c1d4a18b0e769
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34b6561b0dc821aebf895b623ba64d09d00a153c22610f0f71f67ecc3d9e6769
34c767311f85c3a8a9fa6e98f8f443233cf20ce4f952134e72d0cf2b0701e1cf
36b5697cea3adce6b7d19284a8fc074ab18f9ca01273ba853ee0f057415c9387
37b5bcadb5d884158218785c2647fb6945d73906315d5abe754232158748259e
3b6f87e7eb7e27cb769f7552282850747393fd7d3d374ab20f28a3326d7280d0
3f65c3dcc1c537bf31a736d0d32b468580d8a3f3ee96f93e3befcb0a871a9a28
40e392722e30aedecabeb46084f9dca410da4fa533b0c8b8d872cf99a729b8a5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
481cc82a8339459184525d58ddc6f98e6fd4c57da6861e89b5f59440a94502c4
49ef92b367500b4ee119940a1b56ae67829a83f519e8af995e5d5b180f1731b9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250
4bb29fc16bdac8b50ea87d923f8df87d7459e533afe6871dcc33c039787e5271
4cc71a038b77c6edee0568cc4d0d99e867b5fb334b34784a4df3add33756043d
4cf635e0a393b85f4efd07b3a00b8c092329ffb42dcef45b0d99dca88efb7ac5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edb816a596f9a4a768c41f9f21b5b2bcfb74f80f913a7f40b899c2d05ec1719
4ef0b374e788cf021877ea0158526a25b035fb112a5404a55768cb563ad05d45
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
50bb9c8f4af577f3289f597f2441f177967721b438fd1737b937ef69f4a58062
529b9c583e6cf8da02c9cadf8c38b5714198f0fde2dcde01da2d5ee681228738
529e2c135c9479f5ccddc5e644f4d6f1b1a693b02c5945b71aa62d25576858a2
53380404709f3d3e845a1e33be4d4e0bac1a77845e10f68111ffb474a4bf0961
546c75b744febdb538ada85219ae6764193b442ce1bbaa4a3594182e85f7911c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5653386a8725820e2a79eac4ea2fe4a1689bd997e943211069e96fd6e58b94ba
5681a903ffd5c9b73aabf9ea138fadaa23e6a4d912ae6b56c6afdc90871bae57
56fb1bf075613aa1e61d6cf81fe7ae08d45fe7a16689d118bfa06e17600ac4cc
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5a9e1d4af47ee8ba35c573e2f3525fd114bd1d512f3b191e807c583b9a0e60c3
5b9c72f61918d403ff3b4847600ecf00a4d01eef3f0e0f85ccf357920514e533
5befd2a54e625956c71b77a339666c25fea1a34c017fd6e711b8bf1e3d7d4ece
5f6b21d3884b4496c158b1defe06fb0ccc4b637890a2bb47089b7dc01213a32c
60cbe4e17fb6a2a02d3db7fa5126fb6a9adb26e054117a79d16aca4a2036610a
62d972edd9b193edb16366d40a35923d8a7d4bf7a114b02ab124607824321514
63e22009e53a6fb18693088f8ac6bd2a8975cf92c534132f9132acc27f179c25
67869f72a4e69347a58428a26deacf581ff95e6e4266e3a2916d0e4449e787b4
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee
6804249c39aae7d80cd20c9d78213ce15c35d47b5c21821641c6182c16eed1b5
68b4a874738c080b32168620bdf50403c5992de0ec152d99362dea144d4dad71
69bffd1a8ad326cbe635c1aa4501526b180044052ff34fe3c407763bc90e0930
6a0928ab6815e155bd7dfd1e3bcba9033ef3022f40b877b4f508a2f340a76f04
6a5ed4bb4bb22800c5f3d7057a35cbdd8bb49686d8df119a8452122aa7b40b80
6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7284f85995d2144555ccc6263959b12ad5471df7cddfa7af37cb96e03a52f7
70bda825b76097196639c3e99fb6eb6f85a15779cb2c78f50a3c858eccb75983
72d7e0722e1c2197a307be6b15a4d53baddaa07d63dce5f6225a9de527507862
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
792879d4c65903d7897bf78d2a59764ac8de25cf3839eecd46fcf2683e63fb2e
7954b167764abb203ff46da6559927a733c6d6c115ab6b55355b853d5a9c9013
7bc1689cd0e0fc1cf506164c42791fdc58189241cfa918ec2d8b69afd8fad1a6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e9f48e17e45119d7ac6f2414847ceedc5d37a9d4b4fac2b60aed8bada09fe58
7fad060874c6d715e53ae10e92ebca22aebe769bc8efcf8454c9f9802be8de78
80c38be616343203da0b9f4a74f73b63c08602650ecdb8bcc618cfce6d6795dc
82d252b0331bf97dded0f4bf4948272698618523d184b1cc476f3f1807f15b74
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
86d95dcf819cd9f7ae82162e2c393d939f12fafaba93129517a5e8f42e62fba8
873058adc8972c0463b4f9c3403eaaafe75e76a70e14c97423bd16f5ba3b8d35
896312e222613bf6e4f12824e6d088838a10fa107a8124f38f419dcdf7a44e3d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ba6e14ffb975812ae9f1c3c10f192a9fdb8c0a91f6580120e6bbafadde2ad13
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91ccf2606796c7906790d2db7fac7984a84882a6d05c8ef0b6914aa5e8391cf8
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
929202b357da34f1988ff49fd76e1615f5ed381a2ecb6d4d0ae76eeef527a830
931bf6ce88f5237d3795bca1fcfb831181a75de7add4b03e6e7b17b3c79a8ca4
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
93237d914c1b6b30af773ec1a9abb50d3d13da2c963c40a7d808ac184e2a0df8
9449ccf781bff1869fad09bc28ea4214e40fa767895eebc6fb37cf66cb4d27bd
957f312f39ed8ba93485141af5af501f1d2b7b372433d8ac77b0923a5c584204
95e67a043338e5fe448dc282f41915dfe871dd491269b6f2d892a46fc7e661b5
9831a5c4f65805f968ee933a01864d965eb16c84f57f68156d122b654bfed8a4
98a0c74b6560ea8895c06d21857ecf1d8de31ee9d091cf94b8373a34ab68a4df
9949830afb880a5b2473a3638a93f29952c71695d3190e35af43e8b75c989607
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a6db81127dceb32c40c1d5a1a328bef9e126a6bbe573a0ced1648ab6cdc578c
9b5a044bcf28975c9d1b32059d3da9bcfbe235b7f6c4f72e13b43f425cbfc55f
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9cdd1eae85ce614b8b8ae27bd5d03dc82f0fe2e9ed1f39bd48975c9e9e52993b
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d
9f1452b78e9dda47be12aca96738dea2114ade0fd9fe474ee3af364c0fcf766e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e2f66644877655cd362b939852cb71181baecf71fd3dc2a1df419030809a3c
a18e784fb3201a4ce31830f8ca4918b2de835115e7ca09f676dc93b761acb0a3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b9fd485c1f1c97169a1738e8b111c407b9270bbe3ce67958059684a7e2eb65
a438afb23db5e904944da9621089e8314f86ae094f9a6f03b45caa66dbb120d7
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
a7140d8f813e8c56dd2b65c4991933ecf0c74bea78c2f3b37830c04179093376
a899d637d49e28f84b577793f5c111c57fc2e631ddeacb567261b7bc6f96b58b
aa095c1b39b9a80b9847de7118da49affeeed83f3ef5d154759d0ee9471392a1
aa432c05daee8749817b34c7d407845c3132dbb52fe62bb15f8d745cdb869134
abc78c6fbb3027dfe1f1c2973e6c9e7e145fa3acd6670b25495a864351b878ff
ac5715344c53f972acf9f9786a383da5fd78b0a8f12e695522d399716203eab2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ace295496b301814db400fa3ab2ee42f6403bc12b4f57f6a09a467edc07462d6
adae8181e3273af1702575e59e9c29b34eedf74943cdde9758a4ccf8e39c5641
ae02ca926d1ecbadd3e4d5f89e7dd6d9ba25b553b894721b6916f90132e9d0ba
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d71a40f6794578a24e2c5c049734e609b43044b97adf3d8701780c26c9f083
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b79c0b6d5fabf21da5599b0daf8ba491014004cdfe7dcb8df6ee43a26b836694
b986d774c858e94ecb4cd87d7a43e08cbdde1b0896e047f52c0ad07ffa6be4ac
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb365468028d285187c7eebd9d9f5f55d2f27b0f3512c21601decb7d47e9cf31
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2db1040f8bd8f01e730405e5e71407930a4f95b3823e0ef1b2fedaa033fb2bc
c3f40399edac98ec178e2da047452af5b129faf52831cf46bba1275c23130923
c435781231782d13145522b494623de0b6b8037ccfcc5f6f605b85ace8223f15
c6692607384f0b261f38edee88dc75ee817827d26aecc4ae765ada9aa92dd36b
c7b6bd7db7079b3108c37481b6bf1b01c05ab099723d7058d570c51288d7ef5f
c8edc026a9aba67c65ca1faf10b38e66398f8bde92f7f60cd1a72d2c3625635b
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb737321042ff30c7aa056706e0cb18360cfebf8246b9ecbf876e5389f32f087
ccc4874859206649591607f32661c7969b0b33f17c7f5070c2bbd0de80b8db2d
cd2a5c365b2eef6af0acbc9b56ae6a767913dbdfeebfec9b4e4231f895818a8e
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
ced71e74eb97964171b44922ce51a1614c36a8aebc19a36617c47765e50cd2d3
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2af1b7194afb442a397879fc5f023b267adc41d9c639bd620c9d5b660526503
d6e3b5e7ca053ee43ae72808728156e5e8629de1049cf3e92794439f2bfd052f
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d92cb06b44cef6b07ba00f221cd8de90566b1779164e113d4f5a43bef4c64077
d9479c1288cf240cf605993ef0fcda98d749b6b7fb8e4ee584be29ed1856aca3
db303c3d5b39371bb91fbc688df6e18f93a067713146f617ef27157b7ee38f74
db4bb1e314a04c52d8ad52c3a66ce793a012910e88d90295767ec52d75a4d72f
dd674f0b8199125dfd7034a04f0ce6c54340f94ed822090b118e15a93dfb9986
dda558a93891b2c9f4da39839ae644f25ddaed59e93807a342eea812441e46e5
ddaf05992cd382691c8644163c876c5ace24a4900478efdbe1ba7354af4f60cf
dddb90184d87f59b1a025fa9b460ef0b25fbaa3ea192a83d31535dbb20ec10ad
df02d55d020c8804a1ecff3c85906ce4d599185870883d064381f165911ef52f
e1273a5e5ca6d6af7d88f9b231577008ca093f7950b46b601e1a2a9d203ea759
e12aaa2a4b986fa17c07ce4c0cd32b980694871255337c90e1738aa29e9095fa
e2a8a1ea72672dbf4bffbdb52c167dc5041297d7349a69782d767094aaad3e82
e2fd55a8f4de5b2168adabe37df04032a92d8e182bb0a3136c0ebd301b76ca1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
e9f3a360c72a78979068996976210eef43a7e3b565fd19fc22cd2821ca08cd2c
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16f5e7a39830113f7119db6ee715eec682e3c879cc0ae5aeab6d2204153a9a8
f3bb97c786c64e84e11aa7326b0823ffb0504a870afbee1ed76d5e66cc0b2aae
f462ed01cdd9b02dcbda81b4cd1ac332b715a4048d554517ef6c17d81c43ad1a
f4b2b05a03ddf0db5b732abb146fbf59882c47b4c7c4b4696efadf6a176db653
f845e4b8f5eebbe74c9b3c8cb4665d14067e530550e61ae72ebf4340296e1733
f9df1da2e337cc44e3d87a5dc93f8271933b5ee914c7046ef02e281014b6cda0
fbfc0cc592809f83bfde605255dafd78f525d1cee0f807973122895fe49e1c06
fcb102140b7ffbe92fdb9dc9180565cc20e2f248d79fe439463c0159ef5317e0
fd1c1a2397b23ce32007294e78aeac9d9299c5fb39596bf6b0b5a2077c318e14
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9