Submitted URL: https://t.e2ma.net/click/ncvr9rb/rnmj3p9/nwmqion
Effective URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Submission: On June 05 via api from US — Scanned from DE

Summary

This website contacted 20 IPs in 2 countries across 14 domains to perform 71 HTTP transactions. The main IP is 44.216.29.73, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is give.cff.org.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 2nd 2024. Valid for: a year.
This is the only time give.cff.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
22 rallybound.com
cdn3.rallybound.com — Cisco Umbrella Rank: 620130
payments.rallybound.com
2 MB
16 cff.org
give.cff.org
325 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 375
159 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
303 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2406
305 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
296 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1007
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
91 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
969 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
ajax.googleapis.com — Cisco Umbrella Rank: 461
53 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 631
306 B
1 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 160
357 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 824
8 KB
1 e2ma.net
t.e2ma.net — Cisco Umbrella Rank: 31073
472 B
71 14
Domain Requested by
17 cdn3.rallybound.com give.cff.org
cdn3.rallybound.com
16 give.cff.org give.cff.org
cdn3.rallybound.com
11 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
give.cff.org
5 payments.rallybound.com cdn3.rallybound.com
4 fonts.gstatic.com fonts.googleapis.com
3 region1.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com give.cff.org
www.googletagmanager.com
2 unpkg.com 1 redirects give.cff.org
2 www.gstatic.com www.google.com
cdn3.rallybound.com
2 connect.facebook.net give.cff.org
connect.facebook.net
2 www.google.com give.cff.org
www.gstatic.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 graph.facebook.com cdn3.rallybound.com
1 ajax.googleapis.com give.cff.org
1 fonts.googleapis.com give.cff.org
1 code.jquery.com give.cff.org
1 t.e2ma.net 1 redirects
71 17

This site contains links to these domains. Also see Links.

Domain
www.cff.org
policies.google.com
neonone.com
cookiepedia.co.uk
www.onetrust.com
Subject Issuer Validity Valid
give.cff.org
Amazon RSA 2048 M02
2024-05-02 -
2025-05-31
a year crt.sh
*.google-analytics.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
upload.video.google.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
rallybound.com
Amazon RSA 2048 M02
2024-04-30 -
2025-05-29
a year crt.sh
*.google.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.gstatic.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
payments.rallybound.com
Amazon RSA 2048 M03
2024-03-19 -
2025-04-17
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-03-15 -
2024-06-13
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2024-03-01 -
2024-12-31
10 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh

This page contains 7 frames:

Primary Page: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Frame ID: 5FAE54057B0987CB492D439E0F5F065D
Requests: 65 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm2001539560&rb-jsVersion=3
Frame ID: 70443B48B6A08F5FE0B86DF10AA3C8CD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9naXZlLmNmZi5vcmc6NDQz&hl=de&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=yb339ax2u237
Frame ID: E30522986804E9C99DC3251792B74F2A
Requests: 1 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm2001539560&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
Frame ID: 661699BFBC833B90243B52C25DC1F2A9
Requests: 1 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm2001539560&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
Frame ID: 43D017C1E997BBA6401215E2B009DE80
Requests: 1 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm2001539560&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
Frame ID: 455EB1761F5F1CD2D6CC45F7AE4DE8FF
Requests: 1 HTTP requests in this frame

Frame: https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm2001539560&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
Frame ID: 6CE5A3A6DB38DD1E25037A793C1F6BFA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Donate - Cystic Fibrosis Foundation

Page URL History Show full URLs

  1. https://t.e2ma.net/click/ncvr9rb/rnmj3p9/nwmqion HTTP 302
    https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

71
Requests

99 %
HTTPS

57 %
IPv6

14
Domains

17
Subdomains

20
IPs

2
Countries

2787 kB
Transfer

4657 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.e2ma.net/click/ncvr9rb/rnmj3p9/nwmqion HTTP 302
    https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@4.0.1/dist/web-vitals.iife.js

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request donate
give.cff.org/65rosesclub/
Redirect Chain
  • https://t.e2ma.net/click/ncvr9rb/rnmj3p9/nwmqion
  • https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
149 KB
149 KB
Document
General
Full URL
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
ae336e0d66d3595c7a27c878894ce724e9a0f808c2697b5e0b295650d0574676
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' admin.rallybound.com cff.org *.cff.org; report-uri https://rest.rallybound.com/api/cspreport;
Strict-Transport-Security max-age=15552000;

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store
content-length
152400
content-security-policy
frame-ancestors 'self' admin.rallybound.com cff.org *.cff.org; report-uri https://rest.rallybound.com/api/cspreport;
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 17:11:38 GMT
expires
-1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
strict-transport-security
max-age=15552000;

Redirect headers

content-type
text/plain
date
Wed, 05 Jun 2024 17:11:37 GMT
location
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
server
Apache
x-robots-tag
noindex, nofollow
js
www.googletagmanager.com/gtag/
262 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KYX847QR49&l=analyticsDataLayer
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
793759e51016529a24b758ff40ef53c07ec77ef5e25d817ebe9d238499e3400a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92927
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 05 Jun 2024 17:11:38 GMT
jquery-ui.css
code.jquery.com/ui/1.11.2/themes/smoothness/
34 KB
8 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.11.2/themes/smoothness/jquery-ui.css
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5252010
x-cache
HIT, HIT
content-length
8056
x-served-by
cache-lga21964-LGA, cache-fra-eddf8230144-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1717607498.404860,VS0,VE0
etag
W/"28feccc0-898c"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4001, 5149
css2
fonts.googleapis.com/
3 KB
976 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 15:12:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jun 2024 17:11:38 GMT
alldash-fonts.css
give.cff.org/Content/Global/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://give.cff.org/Content/Global/css/alldash-fonts.css
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
fc2e5798ba2f836daefe1fa3dbcabc1a80a7f918495b8cbbdd10fc5fb7f6b2d6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 03:57:16 GMT
etag
"0f6f0fae04d71:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1125
28397.standalone-override.ABB715E262442CDA70FF9066DEB87D73.min.css
cdn3.rallybound.com/Content/css/
417 KB
417 KB
Stylesheet
General
Full URL
https://cdn3.rallybound.com/Content/css/28397.standalone-override.ABB715E262442CDA70FF9066DEB87D73.min.css
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5456827859e90c0f022fd41eef0a10532a93797fd6e80d7af2a53ec341af05cc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 13:33:12 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Wed, 01 May 2024 18:00:33 GMT
x-amz-cf-pop
MUC50-P1
age
358706
etag
"d8573c76f19bda1:0"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
426604
x-amz-cf-id
qmHnZPTAtgzM6qCnKzRGNeborG5zOHH4S6pVadF3X7_efaz0_a4cDQ==
jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
cdn3.rallybound.com/Content/js/
122 KB
122 KB
Script
General
Full URL
https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4122ec76cfe36f6e64359e81f16dc9902781dae082df0f497232692792485ad8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 18:57:14 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Wed, 03 Apr 2024 19:20:06 GMT
x-amz-cf-pop
MUC50-P1
age
4832064
etag
"d68fe4effb85da1:0"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
124532
x-amz-cf-id
Box15wdxDu7wbsScnuMbZMzxApSj6ZM2rIBm1XH86HvXjKvTusS2Tw==
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/
197 KB
52 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:11:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52222
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:11:53 GMT
terms.E5DBB1D66AD3B4BCE01710A87C6AC007.min.js
cdn3.rallybound.com/Content/js/
175 KB
176 KB
Script
General
Full URL
https://cdn3.rallybound.com/Content/js/terms.E5DBB1D66AD3B4BCE01710A87C6AC007.min.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dc816420871def2a073fc576b23e023032e07bb1b800e9246280cc73bd2e7908

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 18:57:14 GMT
via
1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
last-modified
Wed, 03 Apr 2024 19:19:53 GMT
x-amz-cf-pop
MUC50-P1
age
4832064
etag
"2071f8e7fb85da1:0"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
179357
x-amz-cf-id
t1B0c1YMcnb0EHPlbP0zEd82ecDg44gJzqbYAxnBSeMRuV7IlmO8tg==
mobile-detect.js
cdn3.rallybound.com/Content/Global/js/
73 KB
73 KB
Script
General
Full URL
https://cdn3.rallybound.com/Content/Global/js/mobile-detect.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
85926acd66622d5a7ead093a3910facfe721a772b5f855b22c25e639e90ede05

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 18:57:14 GMT
via
1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 03:57:17 GMT
x-amz-cf-pop
MUC50-P1
age
4832064
etag
"56d595fbe04d71:0"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
74643
x-amz-cf-id
Noy43Xt5alJPFeFhA6a2YFSKns8T9p0xhF-1QDVPQUdolq3mm2J2WQ==
v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js
cdn3.rallybound.com/Content/js/
276 KB
276 KB
Script
General
Full URL
https://cdn3.rallybound.com/Content/js/v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9db93d306ed7a1c0b7c1657f0c98a374501ef4d520e5bda71724bcdb952b17ea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 12:15:32 GMT
via
1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 22:50:48 GMT
x-amz-cf-pop
MUC50-P1
age
1659365
etag
"2cefb65563a2da1:0"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
282172
x-amz-cf-id
NzrqFJUiAZ07m6udo5wyNDLnckArz0BfczpE6mKQYHbrLr1sYy4Edw==
api.js
www.google.com/recaptcha/
1 KB
969 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&onload=renderAllCaptchas
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
8d465fdfc926404589be856f6d5b8e30cc2df939d3dc6fa72289d0faca09611e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 05 Jun 2024 17:11:38 GMT
donation-reminder.4F61306811B9494558F4A6F06C674EFC.min.js
cdn3.rallybound.com/Content/js/
48 KB
49 KB
Script
General
Full URL
https://cdn3.rallybound.com/Content/js/donation-reminder.4F61306811B9494558F4A6F06C674EFC.min.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2e23f6829451919d75ef0635c64550cfa9bb5e13c82f25d7b1ea11090324f3ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 18:57:14 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2024 06:16:06 GMT
x-amz-cf-pop
MUC50-P1
age
4832064
etag
"dfcc4f945786da1:0"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
49504
x-amz-cf-id
_h8DYHWcc9yNxoAfZgPYn4oPzg4QdlDS3QfcLhpF6EG7Z4OpbXopTA==
CFF_LogoR_RGB_sm3.png
cdn3.rallybound.com/content/images/img/28397/1158337/w0-h90-keep-height/
12 KB
12 KB
Image
General
Full URL
https://cdn3.rallybound.com/content/images/img/28397/1158337/w0-h90-keep-height/CFF_LogoR_RGB_sm3.png
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
406d038976a29a1e43a411b27c0445c66b7beea50b7ee50d13749d31af2a2149

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 15:49:53 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Wed, 01 May 2024 18:00:33 GMT
x-amz-cf-pop
MUC50-P1
age
696105
etag
"c2a64b76f19bda1:0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12095
x-amz-cf-id
Nn0Vj1RpUdiGFlKG3bnZH-VUU0bBTZ355KdLHmx1uKRXqAhvuMCCvQ==
991df6e0-d6d3-4ed6-98ab-ced93676d2c8.png
cdn3.rallybound.com/content/images/img/28397/1162406/w618-h270/
29 KB
29 KB
Image
General
Full URL
https://cdn3.rallybound.com/content/images/img/28397/1162406/w618-h270/991df6e0-d6d3-4ed6-98ab-ced93676d2c8.png
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8f9d219fb7392bd5e4b3ccca65d37dd1a24cea8e9a4e469429c00152f4812d8a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 16:26:33 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2024 19:52:40 GMT
x-amz-cf-pop
MUC50-P1
age
521105
etag
"e292570b8abda1:0"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
29316
x-amz-cf-id
8Weh7RHb7lfpuqrwi3-D04udxJGJMOgH_6iBDePOdUr8OvNNbnyN7g==
collect
region1.google-analytics.com/g/
0
243 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KYX847QR49&gtm=45je4630v9119014892za200&_p=1717607498394&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=539417062.1717607499&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717607498&sct=1&seg=0&dl=https%3A%2F%2Fgive.cff.org%2F65rosesclub%2Fdonate%3Frbref%3D65RD2403ch%26donate%3D35%26unitid%3DWisconsin&dt=Donate%20-%20Cystic%20Fibrosis%20Foundation&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&ep.etype=STANDALONE&tfd=1031
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYX847QR49&l=analyticsDataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 17:11:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.cff.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auto-complete-pixabay.CBB7EBB166D6AB2D8D54EFC61E70C4A4.min.js
cdn3.rallybound.com/Content/js/
4 KB
4 KB
Script
General
Full URL
https://cdn3.rallybound.com/Content/js/auto-complete-pixabay.CBB7EBB166D6AB2D8D54EFC61E70C4A4.min.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
32b3a9ad347203cff125001296cd6277daa9ee0515f5e05bd28453187e420277

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 08:46:31 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Thu, 23 May 2024 04:12:13 GMT
x-amz-cf-pop
MUC50-P1
age
894307
etag
"edc3e563c7acda1:0"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
3833
x-amz-cf-id
VjkUjCHFxa0jj-IdQhOTevB_1O2Zui3weueScfrF0rUALTe0n_Ks7Q==
donate-v3-new.45CEFD1CD5C1219E4BBF8D143EB7083A.min.js
cdn3.rallybound.com/Content/js/
322 KB
322 KB
Script
General
Full URL
https://cdn3.rallybound.com/Content/js/donate-v3-new.45CEFD1CD5C1219E4BBF8D143EB7083A.min.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4db20b8ce7630476a890b083372e7d3cb1434cd40e3562946f62a09c7c253e67

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 19:05:00 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Thu, 04 Apr 2024 06:16:11 GMT
x-amz-cf-pop
MUC50-P1
age
4831598
etag
"c7aee6965786da1:0"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
329225
x-amz-cf-id
JTMBH-IPJuF2JK9AHgAB8cRAlKIzvT8qehcNmt64E7AJyO3s95gluw==
Gmail-logo-big.jpg
give.cff.org/Content/Global/img/
33 KB
34 KB
Image
General
Full URL
https://give.cff.org/Content/Global/img/Gmail-logo-big.jpg
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
d16798afce9f21e80df5f3ff8a10b4583f07f89ff40b0a7aa8ab84893830c192

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 05 Jun 2024 17:11:38 GMT
last-modified
Wed, 17 Feb 2021 03:57:16 GMT
accept-ranges
bytes
etag
"b49c5cfbe04d71:0"
content-length
34151
content-type
image/jpeg
Yahoo-mail-big.jpg
give.cff.org/Content/Global/img/
43 KB
43 KB
Image
General
Full URL
https://give.cff.org/Content/Global/img/Yahoo-mail-big.jpg
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
3abb062bf7d12bf56c5c136ea9c9d640ccc11f7a113e8c3091c18e9953493a7a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 05 Jun 2024 17:11:38 GMT
last-modified
Wed, 17 Feb 2021 03:57:16 GMT
accept-ranges
bytes
etag
"b49c5cfbe04d71:0"
content-length
43836
content-type
image/jpeg
AOL-logo-big.jpg
give.cff.org/Content/Global/img/
12 KB
13 KB
Image
General
Full URL
https://give.cff.org/Content/Global/img/AOL-logo-big.jpg
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
6400897cd5da53a23bea537adad28096be10f73d24e8caf0b7d469555db4d525

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 05 Jun 2024 17:11:38 GMT
last-modified
Wed, 17 Feb 2021 03:57:16 GMT
accept-ranges
bytes
etag
"a17555fbe04d71:0"
content-length
12772
content-type
image/jpeg
siteseal_gd_3_h_l_m.gif
cdn3.rallybound.com/Content/Global/img/
17 KB
17 KB
Image
General
Full URL
https://cdn3.rallybound.com/Content/Global/img/siteseal_gd_3_h_l_m.gif
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0201106038df301456922c2a5367249f9a0904ac57ff35f20641a2fe3ddc325c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 18:57:16 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop
MUC50-P1
age
4832062
etag
"418787fbe04d71:0"
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
16946
x-amz-cf-id
iUGNZ08krZdyNXu8rPeR7weKwBE-pcFlz-10HF-0Xr4sIXaHRRjO0g==
on-dark.svg
cdn3.rallybound.com/content/fundraise/
21 KB
21 KB
Image
General
Full URL
https://cdn3.rallybound.com/content/fundraise/on-dark.svg
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9db0d214e302091d8f91eeb2c8ce00c7e718941b3f9600a2b847104898f3c672

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 18:57:16 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop
MUC50-P1
age
4832062
etag
"f97717fbe04d71:0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
21339
x-amz-cf-id
W_L_cqcV1os1fO6fWvO-6QRw7LoUAQSmd_MBp1xdKZnhWboFq3_qBg==
main-btm-v2.B2AC4A51DC2B6170E7C9E987F1124B72.min.js
cdn3.rallybound.com/Content/js/
13 KB
13 KB
Script
General
Full URL
https://cdn3.rallybound.com/Content/js/main-btm-v2.B2AC4A51DC2B6170E7C9E987F1124B72.min.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f697abfe44d3f76eafaad4c72104effb51d7d3e8108876f989bf4aeb973d1389

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 18:57:14 GMT
via
1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
last-modified
Wed, 03 Apr 2024 19:20:08 GMT
x-amz-cf-pop
MUC50-P1
age
4832064
etag
"145abef0fb85da1:0"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
13448
x-amz-cf-id
zrO_Qh3zqRswTmQkkMAT4YaxySPPVMD-WO2pjLprTIkoH-ry0uMEIQ==
spacer.png
give.cff.org/Content/Global/img/
184 B
343 B
Image
General
Full URL
https://give.cff.org/Content/Global/img/spacer.png
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
767ede4ae50d636fb229ebc63fed6a93e12067c52434a37f55c3eb93caea4421

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 05 Jun 2024 17:11:38 GMT
last-modified
Wed, 17 Feb 2021 03:57:17 GMT
accept-ranges
bytes
etag
"7be989fbe04d71:0"
content-length
184
content-type
image/png
nav-bar-org.png
give.cff.org/Content/Global/img/
1 KB
2 KB
Image
General
Full URL
https://give.cff.org/Content/Global/img/nav-bar-org.png
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
ad4269a4b821427897a9544eaa3a79d43ac5e29a26e3bffb26a403e160d9648c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 05 Jun 2024 17:11:38 GMT
last-modified
Wed, 17 Feb 2021 03:57:16 GMT
accept-ranges
bytes
etag
"bcfd7dfbe04d71:0"
content-length
1517
content-type
image/png
gtm.js
www.googletagmanager.com/
327 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5LFK352
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ffb6a75b9d0828021ac921c7e02c420e8dd3d26236ee2f439f4e3464c4496e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109192
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 16:27:43 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Jun 2024 17:11:38 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 08:02:21 GMT
x-content-type-options
nosniff
age
119357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 08:02:21 GMT
blackSelMod-w.png
cdn3.rallybound.com/Content/Global/img/
1023 B
1 KB
Image
General
Full URL
https://cdn3.rallybound.com/Content/Global/img/blackSelMod-w.png
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/28397.standalone-override.ABB715E262442CDA70FF9066DEB87D73.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn3.rallybound.com/Content/css/28397.standalone-override.ABB715E262442CDA70FF9066DEB87D73.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 19:13:02 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop
MUC50-P1
age
4831115
etag
"ccc363fbe04d71:0"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
1023
x-amz-cf-id
4gr5MNVgT5tkgbyMLL2doBlR5BxPZHktIW5IpQ5y76IIYJYeqFiHtg==
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 08:26:26 GMT
x-content-type-options
nosniff
age
31512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Jun 2025 08:26:26 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:21:19 GMT
x-content-type-options
nosniff
age
96619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:21:19 GMT
GetMatchedAmount
give.cff.org/65rosesclub/donate/
522 B
853 B
XHR
General
Full URL
https://give.cff.org/65rosesclub/donate/GetMatchedAmount
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
3fda0eb83eea5bc4287cf8a530724dfdd503a38906e0b35ad137910e3f868f49
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' admin.rallybound.com cff.org *.cff.org; report-uri https://rest.rallybound.com/api/cspreport;
Strict-Transport-Security max-age=15552000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 17:11:38 GMT
content-security-policy
frame-ancestors 'self' admin.rallybound.com cff.org *.cff.org; report-uri https://rest.rallybound.com/api/cspreport;
strict-transport-security
max-age=15552000;
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store
content-length
522
expires
-1
blue-cstm.png
cdn3.rallybound.com/Content/Global/vendor/icheck/skins/minimal/
2 KB
2 KB
Image
General
Full URL
https://cdn3.rallybound.com/Content/Global/vendor/icheck/skins/minimal/blue-cstm.png
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/28397.standalone-override.ABB715E262442CDA70FF9066DEB87D73.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e98d83a980cf0254bc5414ba21000bc3f0ad82260054125cd887ad51b6a10489

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn3.rallybound.com/Content/css/28397.standalone-override.ABB715E262442CDA70FF9066DEB87D73.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 02:46:56 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 03:57:17 GMT
x-amz-cf-pop
MUC50-P1
age
1693482
etag
"34e8a8fbe04d71:0"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
2036
x-amz-cf-id
QhMr_Ul8ys3q2CxHia-zQcgmMY8jCI5psc4ogLogt6p2Ud197s18HQ==
Root
payments.rallybound.com/iframe/ Frame 7044
0
0
Document
General
Full URL
https://payments.rallybound.com/iframe/Root?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm2001539560&rb-jsVersion=3
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.54.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-54-204.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; report=https://rest.rallybound.com/api/cspreport

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://give.cff.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 17:11:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; report=https://rest.rallybound.com/api/cspreport
/
graph.facebook.com/v3.2/
283 B
357 B
Script
General
Full URL
https://graph.facebook.com/v3.2/?id=https://give.cff.org/65rosesclub&fields=engagement&access_token=231770446863414%7C5So8vlk56QRtuBJ0M9YI-_i7qWQ&callback=jQuery17108397697816389145_1717607498553&_=1717607498642
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.10 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-shv-01-fra3.facebook.com
Software
/
Resource Hash
af52aedd1263ca9ef44dacdbe45a8863ad3b724a7f98d159b3e60fb1aaa98d0c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
zstd
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#613) Calls to graph_url_engagement_count have exceeded the rate of 10 calls per 3600 seconds."
date
Wed, 05 Jun 2024 17:11:38 GMT
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
x-ad-api-version-warning
The call has been auto-upgraded to v14.0 as v3.2 has been deprecated.
cross-origin-resource-policy
cross-origin
x-fb-rev
1013991265
alt-svc
h3=":443"; ma=86400
content-length
233
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4361, tp=10, tpl=0, uplat=121, ullat=0
pragma
no-cache
x-fb-debug
5P2BOHt0jhvx+JWQfMA/Reht5IfBh7f78MoUSt6vKuFh3eElm91HdPE5szFCpzKMHfqJ40i8D+grT56wWhR3iw==
x-fb-trace-id
CY/qrUgoaV4
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AvLZNUjN_2AgfJF2MHO4l4p
cache-control
no-store
facebook-api-version
v14.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
recent-donations-CMSLHglt.js
give.cff.org/Content/Global/js/modules/assets/
13 KB
4 KB
Script
General
Full URL
https://give.cff.org/Content/Global/js/modules/assets/recent-donations-CMSLHglt.js
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
5aeaf166e90f4e0fe14db1e92734ed11e967c31c0479b7cab938dad0143288d2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2024 03:59:01 GMT
etag
"80f0828bc5acda1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
4353
sdk.js
connect.facebook.net/en_US/
3 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3fd0694714932a51647d32cf08eb8444ac45f30b7385b6bf527f03f016ad2911
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Jun 2024 17:11:38 GMT
content-md5
HfrUg1qhw9ByEs22kxkkwA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1297, tbw=2810, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
/wUKmdDyuSYJZQ7vDb7758QDx1FCEqtAWTEE/83vQZEZGRKSwVsf1Y27u+HuMRwKkHb6KPiq4xCpcGVYZmmRzw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b3e9caa940850795b2c08155e10e2b90
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"6272c688a51ca2a2a1db5df310f9f0a9"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 05 Jun 2024 17:20:09 GMT
icomoon-alldash.ttf
give.cff.org/Content/Global/fonts/
15 KB
15 KB
Font
General
Full URL
https://give.cff.org/Content/Global/fonts/icomoon-alldash.ttf?-uvcgatt
Requested by
Host: give.cff.org
URL: https://give.cff.org/Content/Global/css/alldash-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
80f33eedf939e9024713705b0cb1ca111157591373faa0ef2ff5e8b6cd775277

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/Content/Global/css/alldash-fonts.css
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 05 Jun 2024 17:11:38 GMT
last-modified
Wed, 17 Feb 2021 03:57:16 GMT
accept-ranges
bytes
etag
"6d4e4efbe04d71:0"
content-length
15644
content-type
application/octet-stream
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:22:37 GMT
x-content-type-options
nosniff
age
96541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:22:37 GMT
RallyBound-IconFont.woff2
cdn3.rallybound.com/Content/Global/fonts/
9 KB
10 KB
Font
General
Full URL
https://cdn3.rallybound.com/Content/Global/fonts/RallyBound-IconFont.woff2?jh5u39
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/28397.standalone-override.ABB715E262442CDA70FF9066DEB87D73.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8e78975558e2e47f28e6633039141c6c1295fa0fceb4e709fc3c68de875e0bd4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn3.rallybound.com/Content/css/28397.standalone-override.ABB715E262442CDA70FF9066DEB87D73.min.css
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 18:57:15 GMT
via
1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
last-modified
Wed, 17 Feb 2021 03:57:16 GMT
x-amz-cf-pop
MUC50-P1
age
4832063
etag
"e4eb4bfbe04d71:0"
x-cache
Hit from cloudfront
content-type
application/font-woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
9716
x-amz-cf-id
NyaKgOX9pDid4lrGKkVtVcqrnp-I4CjreaCsQR2UoQE4b7Y3M1wUkw==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/
528 KB
210 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=renderAllCaptchas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
772ba4e7c02a03b95bd8fef71e44798097c7c37dc97d513843dceee897354738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 07:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214205
x-xss-protection
0
last-modified
Mon, 27 May 2024 02:00:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 05 Jun 2025 07:26:21 GMT
mobile-detect.js
give.cff.org/Content/Global/js/
73 KB
22 KB
Script
General
Full URL
https://give.cff.org/Content/Global/js/mobile-detect.js
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
85926acd66622d5a7ead093a3910facfe721a772b5f855b22c25e639e90ede05

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 03:57:17 GMT
etag
"808c89fbe04d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
22767
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFK352
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YmFgVUTeB0lXZXM9YgX19A==
age
73900
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 16:08:05 GMT
server
cloudflare
etag
0x8DC84B084AB1D41
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f596fbec-e01e-004e-3c99-b6848c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f1c8732fc59a15-FRA
expires
Wed, 05 Jun 2024 20:39:58 GMT
sdk.js
connect.facebook.net/en_US/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=cd018dc786bbc36a2a8c26ba39e8744d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
c579257ee6d41e9d647185b2115c362600704d9d2fbe56f8b5e781a594a038ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Jun 2024 17:11:38 GMT
content-md5
V0kgTCDNG6/RyRuUrENsCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89055
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4299, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
IpN04/dsvnD1EXT6qo/EJ1OKiYqFo/91PUVnmQ7oHMUJHNux/k7ve1E9Go84aT4m1YtxGvzOPgjfE20yMgBg9Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
447dc135392ff5f884dceadf026961ef
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"7899039917421a41b927d7c15b6438c5"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Jun 2025 16:48:34 GMT
anchor
www.google.com/recaptcha/api2/ Frame E305
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeyosgUAAAAAK6tAS0BOKqSTbWkAYwuL98JvcVE&co=aHR0cHM6Ly9naXZlLmNmZi5vcmc6NDQz&hl=de&v=DH3nyJMamEclyfe-nztbfV8S&size=invisible&cb=yb339ax2u237
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bpylRpW-Fpd53K0wKYRBwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://give.cff.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bpylRpW-Fpd53K0wKYRBwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 05 Jun 2024 17:11:38 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
prototypes-DcS77jim.js
give.cff.org/Content/Global/js/modules/assets/
80 KB
32 KB
Script
General
Full URL
https://give.cff.org/Content/Global/js/modules/assets/prototypes-DcS77jim.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
f68b749484c48ebbcab5a2f31424b2b32ad59b4a847aa25de0e0cab79bc693ec

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/Content/Global/js/modules/assets/recent-donations-CMSLHglt.js
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2024 03:59:01 GMT
etag
"80f0828bc5acda1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
32354
vue-transitions-BWKkW7Py.js
give.cff.org/Content/Global/js/modules/assets/
8 KB
2 KB
Script
General
Full URL
https://give.cff.org/Content/Global/js/modules/assets/vue-transitions-BWKkW7Py.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
998419c802568654e2ab5ab7246d370b72edfa5472d1e67e837276501a14243f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/Content/Global/js/modules/assets/recent-donations-CMSLHglt.js
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
last-modified
Thu, 23 May 2024 03:59:01 GMT
etag
"80f0828bc5acda1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
2274
filters-C6MSK0wS.js
give.cff.org/Content/Global/js/modules/assets/
840 B
1009 B
Script
General
Full URL
https://give.cff.org/Content/Global/js/modules/assets/filters-C6MSK0wS.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
b90c8100617a4d62409227dc1075dfca29c35bca62fda557a4761a53e4d5f8dd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/Content/Global/js/modules/assets/recent-donations-CMSLHglt.js
Origin
https://give.cff.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 05 Jun 2024 17:11:38 GMT
last-modified
Wed, 14 Feb 2024 14:27:01 GMT
accept-ranges
bytes
etag
"7cce31e0515fda1:0"
content-length
840
content-type
application/javascript
f5e201f5-f45a-4b6c-ba10-3dcaf4370f5b.json
cdn.cookielaw.org/consent/f5e201f5-f45a-4b6c-ba10-3dcaf4370f5b/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/f5e201f5-f45a-4b6c-ba10-3dcaf4370f5b/f5e201f5-f45a-4b6c-ba10-3dcaf4370f5b.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
924164d62c29b38ead58d696b8b64479d5b565b5457c299da564bcaa355493d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
22212
content-md5
xSb2I47736iMkmLpqgAgeA==
content-length
1497
x-ms-lease-status
unlocked
last-modified
Wed, 24 Jan 2024 22:11:33 GMT
server
cloudflare
etag
0x8DC1D296CA4C3D0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a453e9e8-e01e-007a-2c44-7c24c3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f1c8738f15973e-FRA
expires
Thu, 06 Jun 2024 17:11:38 GMT
recurring.svg
cdn3.rallybound.com/Content/Global/img/
1 KB
2 KB
Image
General
Full URL
https://cdn3.rallybound.com/Content/Global/img/recurring.svg
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b000:11:9f80:15c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b24cf0a7149a7ec7f9042aa9754b12bb25f3af5b6fe919c534cc41b76d9bcdd0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 12:36:03 GMT
via
1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
last-modified
Sun, 19 Jun 2022 05:13:43 GMT
x-amz-cf-pop
MUC50-P1
age
16535
etag
"30ffb1589b83d81:0"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
1267
x-amz-cf-id
uNg3lt45mZwrqmot9Mjl4w4rvBjEIwGSiU-wiyzXuLeHFHlt24NfuA==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
68 B
306 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept
application/json
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
88f1c87419206ae9-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202401.1.0/
429 KB
104 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
g8NxcYp0IaoBIOhpMNVD1w==
age
81503
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106568
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 09:27:22 GMT
server
cloudflare
etag
0x8DC3E88CB118B87
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1933329b-701e-0025-1157-7990ff000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f1c87459609a15-FRA
en.json
cdn.cookielaw.org/consent/f5e201f5-f45a-4b6c-ba10-3dcaf4370f5b/0e75aa2b-2689-4753-8062-83cdcaa146f8/
68 KB
18 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/f5e201f5-f45a-4b6c-ba10-3dcaf4370f5b/0e75aa2b-2689-4753-8062-83cdcaa146f8/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f282944a8ceb6951f538aef2365f6a85b9e793c3e04b47e12b0f2abf2196aca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
22213
content-md5
KI1aCJfpiXLN7M3ifnhvQw==
content-length
17873
x-ms-lease-status
unlocked
last-modified
Wed, 24 Jan 2024 22:11:39 GMT
server
cloudflare
etag
0x8DC1D29704A381A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
18c1cdf3-d01e-0085-442c-61145e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f1c874b928973e-FRA
expires
Thu, 06 Jun 2024 17:11:39 GMT
js
www.googletagmanager.com/gtag/
284 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-E51GG2CTD7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LFK352
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d5dcf75938d0384052cdd42d332a47a7e3916000b6bb648db07d596223bec137
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100329
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 05 Jun 2024 17:11:39 GMT
web-vitals.iife.js
unpkg.com/web-vitals@4.0.1/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@4.0.1/dist/web-vitals.iife.js
7 KB
3 KB
Script
General
Full URL
https://unpkg.com/web-vitals@4.0.1/dist/web-vitals.iife.js
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca9f20823ffa1266144cc2c6af10f9fe097305ace8fb845dd48ee045e81b235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://give.cff.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 05 Jun 2024 17:11:39 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1258598
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HYF5VPDKPYRHZPPXH9ETFVX2-fra
server
cloudflare
etag
"1be8-Asejo4oSGPcpOI3xecqzNKSnPdQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
88f1c8761b40a03d-FRA

Redirect headers

date
Wed, 05 Jun 2024 17:11:39 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HZMNTX1GGDRMX8X0SEQ9825N-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
332
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@4.0.1/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
88f1c875ba82a03d-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cY5y5oOgkrkmN13/L7bZ7g==
age
22212
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 09:27:16 GMT
server
cloudflare
etag
0x8DC3E88C74EAA0F
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e36c273d-f01e-0082-0958-79783d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f1c8759ac5973e-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/
63 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YtaXBixFyq2CwF1kGBMxUw==
age
22212
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13587
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 09:27:18 GMT
server
cloudflare
etag
0x8DC3E88C8D22A3A
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
62bb6ebc-b01e-0083-266a-7927e1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f1c8759acf973e-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
22212
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 09:27:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
45c20f1c-f01e-001e-5dda-9b9b84000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88f1c8759ad5973e-FRA
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
622 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
5842
x-ms-lease-status
unlocked
last-modified
Wed, 05 Jun 2024 01:37:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
3d1dba75-a01e-006b-18f7-b61c3f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88f1c875db639a15-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
489 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
22212
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 02:37:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9c305795-101e-0050-6c7d-b65e61000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88f1c875eb68973e-FRA
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
5842
content-length
4036
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 16:08:07 GMT
server
cloudflare
etag
0x8DC84B085DDF0C2
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d82fec10-501e-007e-14d2-b6dea6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88f1c8761b979a15-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: give.cff.org
URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Jun 2024 17:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
60803
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 16:08:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
60e484fb-501e-0075-31b2-b6c6d2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88f1c8761b999a15-FRA
logo_48.png
www.gstatic.com/recaptcha/api2/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/css/28397.standalone-override.ABB715E262442CDA70FF9066DEB87D73.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s11-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn3.rallybound.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:25:00 GMT
x-content-type-options
nosniff
age
96399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 11 Jun 2024 14:25:00 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-E51GG2CTD7&gtm=45je4630v9104076530z89103836119za200zb9103836119&_p=1717607498571&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=539417062.1717607499&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717607499&sct=1&seg=0&dl=https%3A%2F%2Fgive.cff.org%2F65rosesclub%2Fdonate%3Frbref%3D65RD2403ch%26donate%3D35%26unitid%3DWisconsin&dt=Donate%20-%20Cystic%20Fibrosis%20Foundation&en=page_view&_fv=1&_ss=1&tfd=1761
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E51GG2CTD7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 17:11:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.cff.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CardNumber
payments.rallybound.com/iframe/ Frame 6616
0
0
Document
General
Full URL
https://payments.rallybound.com/iframe/CardNumber?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm2001539560&rb-jsVersion=3&rb-placeholder=Card%20Number&rb-class=newFormInput%20&rb-showissuer=1
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.54.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-54-204.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; report=https://rest.rallybound.com/api/cspreport

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://give.cff.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 17:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; report=https://rest.rallybound.com/api/cspreport
CardMonth
payments.rallybound.com/iframe/ Frame 43D0
0
0
Document
General
Full URL
https://payments.rallybound.com/iframe/CardMonth?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm2001539560&rb-jsVersion=3&rb-placeholder=MM&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=12
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.54.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-54-204.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; report=https://rest.rallybound.com/api/cspreport

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://give.cff.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 17:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; report=https://rest.rallybound.com/api/cspreport
CardYear
payments.rallybound.com/iframe/ Frame 455E
0
0
Document
General
Full URL
https://payments.rallybound.com/iframe/CardYear?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm2001539560&rb-jsVersion=3&rb-placeholder=YYYY&rb-class=newFormInput%20fancyArrow%20&rb-dropdown=10
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.54.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-54-204.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; report=https://rest.rallybound.com/api/cspreport

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://give.cff.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 17:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; report=https://rest.rallybound.com/api/cspreport
CardCvv
payments.rallybound.com/iframe/ Frame 6CE5
0
0
Document
General
Full URL
https://payments.rallybound.com/iframe/CardCvv?rb-url=https%3A%2F%2Fgive.cff.org&rb-pageSource=newForm2001539560&rb-jsVersion=3&rb-placeholder=CVV&rb-class=newFormInput%20
Requested by
Host: cdn3.rallybound.com
URL: https://cdn3.rallybound.com/Content/js/jquery-1.7.1.1C74CFE599A12FDF6817158BE44B4A39.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.225.54.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-54-204.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; report=https://rest.rallybound.com/api/cspreport

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://give.cff.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
report-uri https://rest.rallybound.com/api/cspreport; frame-ancestors https:;
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 17:11:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; report=https://rest.rallybound.com/api/cspreport
favicon.ico
give.cff.org/Content/Events/CFF/AnnualFundAndTribute/img/
5 KB
5 KB
Other
General
Full URL
https://give.cff.org/Content/Events/CFF/AnnualFundAndTribute/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
bf5f91c0a6ed32adaeca3c3268723e9ad79fd688c26e129fe7bc52488b98b5d1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:39 GMT
last-modified
Tue, 05 Jan 2021 06:54:33 GMT
accept-ranges
bytes
etag
"465d39f2fe3d61:0"
content-length
4822
content-type
image/x-icon
favicon.ico
give.cff.org/Content/Events/CFF/AnnualFundAndTribute/img/
5 KB
0
Other
General
Full URL
https://give.cff.org/Content/Events/CFF/AnnualFundAndTribute/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.29.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-29-73.compute-1.amazonaws.com
Software
/
Resource Hash
bf5f91c0a6ed32adaeca3c3268723e9ad79fd688c26e129fe7bc52488b98b5d1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:11:39 GMT
last-modified
Tue, 05 Jan 2021 06:54:33 GMT
accept-ranges
bytes
etag
"465d39f2fe3d61:0"
content-length
4822
content-type
image/x-icon
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KYX847QR49&gtm=45je4630v9119014892za200&_p=1717607498394&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=539417062.1717607499&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1717607498&sct=1&seg=0&dl=https%3A%2F%2Fgive.cff.org%2F65rosesclub%2Fdonate%3Frbref%3D65RD2403ch%26donate%3D35%26unitid%3DWisconsin&dt=Donate%20-%20Cystic%20Fibrosis%20Foundation&en=donation_page_loaded&_ee=1&ep.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&ep.etype=STANDALONE&ep.donation_page_type=Flat%20Standalone%20Donation&_et=79&tfd=6112
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KYX847QR49&l=analyticsDataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://give.cff.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 17:11:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.cff.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

502 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| gtag_rb object| parameters string| gaqA object| analyticsDataLayer object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal function| $ function| jQuery function| DP_jQuery_1717607498556 object| jsTerms function| MobileDetect boolean| isUsingTouch string| eventFolder string| templateFolder string| eventPath string| memberAdjTitle string| memberAdj string| teamAdj string| teamAdjTitle string| captainNoun string| captainNounTitle string| currentUserAccountEmail undefined| pageMemberId string| urlSwitchAccount string| urlSendVerifyFundraiserEmail string| urlSendVerifyAccountEmail string| cookieLocationDomain string| cookieLocationPath string| rbSiteLang string| currentLanguage string| urlGetInclude boolean| adminAsUser boolean| isUatPreview string| pageMemberUserName string| iframeSrc string| paymentIframeJsVersion string| iframeStripeKey object| stripeProcessors boolean| isHomePage string| facebookLocale object| rbProtocols object| myCurrencyInfo function| rbLoadScript object| onFbLoadCallbacks boolean| rbFbLoaded function| rbEnsureFbLoaded function| runOnFbLoadCallbacks function| getAnalyticsData string| googleApiKey undefined| newValue boolean| captchaV3On function| rewritePaymentErrors function| isScriptLoaded function| getJsonOrString function| ajaxError function| trackJsError function| ajaxLoadError function| getCkeditorDataLocal function| jsTranslate function| htmlAttributeSafe object| rbLoadedScriptTypes function| isReadOnlyMode function| reEnableActionInReadOnlyMode function| showErrors function| setErrorsDiv function| showErrors2 function| rbSetCookieGlobalOnLocation function| rbSetCookieGlobal function| createAndRetrunGuid function| numberWithCommas function| isTextSelected function| ensureDateIsNumberAndAddSlashes function| globalScrollTo function| ensureFirstErrorInViewport function| switchAccount function| setLanguage function| getNamesFromSingleName function| arrayToDelimitedString function| debounce function| IsNumeric function| updateUsername function| onBeforePopClose function| clearBeforePopClose function| onPopClose function| clearPopClose function| closePop function| showPop function| sizePop function| createPop function| createPopAndShow function| setupGenericPopResizeObserver function| resizeGenericPop function| overlayOnPopOn function| overlayOnPopOff function| openPageInLightbox function| vGoRound function| vRotateRound function| vRotateRoundDo function| intiVerticalSlides function| removeDefault function| showDefault function| faqAttachClick function| faqShowHide function| rbParseQueryStrAndApplyToObj function| doGodaddyCstmVerify function| doMeterAnimate function| formatNumberForMeter function| doMeterTextPlacement function| doMeterLeftTextPlacement function| doMeterRightTextPlacement function| getProgressTextContainerFutureWidth function| resendVerifyEmail function| sendVerifyAccountEmail function| sendVerifyEmailDo function| iAmUsingTouch function| multiCurrencyChangedMain function| multiCurrencyChangedDonate function| multiCurrencySetFlagPos function| rbCreateBtnLoader function| rbCreateLoader function| rbRemoveLoader function| getPixelLengthFromstring function| getTextFromHtmlString function| getTextNodesIn function| loadIncludeFile function| ApplePayCheck function| EmbedIframeHandler function| PaymentIframeController function| iframeLoadCheck function| iframeNotLoaded function| displayUnsupportedBrowserMessage function| PostMessageResponder function| setupTabs function| setupPaneToggle function| scrollToBottom function| animateToNumber function| providerSupportsChat function| getLivestreamPreview function| signInWithFbWhitelisted function| tryParseFbResponseAndLogin function| getFbInfo function| verifyRequiredScopes function| makeIframesResponsive object| genericPopResizeObserver undefined| vInterval number| vRotateRoundDoNumFromEndToRestart object| vSlidesLsts object| qsParm string| query function| multiCurrencyChanged string| refreshThisTop object| rbIframeController object| slctLsts object| radioLsts object| setTabbingForElms object| socialIntegrationManager object| Processors object| ProcessorIds object| processorIdToName object| tokenChargeTypes object| defaultIframeAttributes string| iframeController object| messageTypes function| renderAllCaptchas function| RbCaptcha object| RecaptchaTypes object| windowCaptchas boolean| captchaLoaded function| MSDList object| theseFunctions string| refreshThisMd5 function| rbLoadScriptIfNotLoaded object| rbGoogleMapJsCallbacks boolean| rbGoogleMapJsInitialized boolean| rbGoogleMapJsCompleted function| rbGoogleMapJsCallbacksDo function| rbLoadGoogleMapJs object| PFR object| emailValidationRegex object| jQuery17108397697816389145 boolean| hasPopupToResize function| Autolinker boolean| suggestmeyes_loaded function| Dropzone object| cropit boolean| isStandaloneFullTemplate function| setCffChapter function| DonationReminderLocal function| DonationReminderDonationPage function| donationReminderDonated boolean| isDonationPage boolean| hasDonationsOnTicketsEnabled boolean| isOmniDonation object| ticketsCoupon string| ticketCouponUrl string| defaultCurrency boolean| hasMultiCurrencyFlag boolean| presentSingleCurrency boolean| dontChangeDonationButtonAmounts object| donateCustomTerms boolean| dontUseLoggedInUser boolean| userIsLoggedIn object| existingAddresses boolean| storedPaymentMethodSelected object| pageEventActivePaymentMethods object| activePaymentMethods object| formLocation1FieldValidators string| cardInformationTitle string| bankInformationTitle string| cardNamePlaceholder string| bankNamePlaceholder boolean| hasNewProccesingFeeCalc string| processorHash number| processorTypeId boolean| processorRequires3ds string| pageType boolean| isNewform boolean| hasTributeEnabled boolean| hasNotifyMail boolean| hasNotifyEMail boolean| alwaysShowAddress object| storedPaymentMethods string| amountString string| amountStringForNonMatchers string| amountStringForMatchers number| matchersFactor string| currencyKey string| donateAddCardOption string| donateBtnText string| inputEffective string| pluginEffectiveText object| taxReceiptSettings object| DonationType number| donateToType number| pageEventId number| customFieldAjaxCount number| donateToEventId number| donateToTeamEventId number| donateToMemberEventId number| donateToMemberId string| donateToMemberName number| donateToMemberGoalId number| donateToTeamId string| donateToTeamName number| donateToTeamGoalId number| donateToGoalId number| donationMinAmount undefined| donationMaxAmount number| donationAchMaxAmount boolean| dontAddDonateBillingValidators string| getMatchedAmountUrl boolean| fundraisingSurgeFunctional function| positionErrors function| undoSlctBtn function| updateCustomDonationFields function| omniSwitchPaymentDetails function| omniAndPlatformChangesDo function| getMatchedAmount undefined| currentMatcherInfoGoalId string| currentMatcherInfoAmount object| currentGetMatchedAmountRequest function| getMatcherInfo function| hideShowMatcherBasedOnGoal function| hideShowPaymentButton object| recurringPeriods object| formLocation1Fields object| formLocation200FieldValidators object| formLocation200Fields boolean| expandTributeByDefault boolean| expandNotificationByDefault boolean| expandEmailByDefault boolean| expandMailByDefault function| showNotificationSection function| hideNotificationSection function| showEmailSection function| hideEmailSection function| showMailSection function| hideMailSection function| prepEcardForSend number| amplyOrgId object| amplyChoices undefined| amplyXhr function| amplyArrayColumn function| bankAccountToggle function| cardOrAccountNameErrorMessage function| getExtraDonationFormFields function| countyChange function| resizeDonateBtns boolean| noCcEnabled boolean| addressFeildsExist function| isNewAddress function| isNewPhone boolean| validateGoalHasError function| validateDonateToMember function| validateDonateToTeam string| donateSubmitUrl string| donateThanksUrl boolean| isStandalone boolean| isEmbed boolean| isTicketsPage boolean| phoneOnBillingRequired string| donateUpdateMainCurrency string| uploadImageSimple string| donationMinAmountValidationMsg boolean| isPlugin boolean| isExternalPlugin boolean| isFixedHeightEmbed boolean| isNarrow function| getHtmlEncoded function| setAdditionalDonateData function| addRecurringData function| doSubmitDonationForm function| doSubmitDonationFormFailFunc function| processRetoken function| getSendDonationBtnIfSendDonationHidden function| submitDonateForm function| selectProcessor function| getProcessorInfoAndSubmit function| donationFailed function| checkTryGoToErrorSlide function| collectDataForPayPal function| getNames function| donationFormSubmitted function| donationFormInvalid function| paymentComplete function| paymentCompleteThanks function| addCosts function| getIncludedFees function| updatePDFConditionals function| togglePDFConditionals function| checkDonaitonAmountUpdated function| validatersPreCondition function| validatersBillingPreCondition function| isNewAddressUS function| updateMainCurrencyAmount function| multiCurrencyChangedDonateAdditional function| recurringSplitCalc function| getTicketsSortedById function| calculateAndGetDiscountedAmountAndLineTotal function| updateOnTotalChange function| addDonationToTotal function| updateFeesAmount function| updateLineTotal function| toggleShowActivePaymentMethods function| removeTicketsCoupon function| applyTicketsCoupon function| getFirstDigitFromCardType function| setApplePayData function| addMultiSelectToRenderedForm function| initMultiSelectListeners function| validateTickets function| ValidateSingleTicket function| formLocation1Validate function| formLocation200Validate function| getDonationAmountOnTicketPage function| sumAndValidateTickets function| collectDataForTickets function| rbOnApplePayInitialize function| rbApplePayManager function| getApplePayTotal function| submitMobilePayWithCaptcha boolean| finalDoSubmitDone undefined| currencyKeyHash boolean| isFreeWithAddress undefined| paypalID undefined| paypalGuid string| lastDonationAmountNumber object| $multiCurrencySelect number| willRunCurrencyUpdate object| $donationAmountNumberEl function| donationMinAmountValidationMsgLocal object| donateFormValidators object| payPalValidators function| setSavedPaymetMethod function| setNewPaymentMethodOnPlugin function| getDonationButtonText function| toggleAdditionalItemsForMatchers function| doUpdateAmountsText function| toggleActivePaymentMethods function| setVisiblePaymentButtons function| updateRecurringOptions function| getRecurringInfo function| getDonationRecur function| validateTributeAddressPreCondition function| isTributeNewAddressUS function| previousStep function| nextStep function| afterAnimateFunc function| Step function| goToPluginStep function| goToErroredSlide function| hideOrShowIconInDonateButton function| setTabbingLocal function| autoTab function| updatedAmount function| collectTributeInformation function| togglePaymentButton function| handleFrameFormChanges function| setDonationIframe function| toggleActiveState function| requestReEnterPaymentMethod object| $amountOnButtonCon object| pagesIframes undefined| neededHeight boolean| animatingStep object| $allInpts object| donateStep1Validators object| donateStep2Validators object| donateStep3Validators object| pluginValidationMap object| billingValidationIds number| pluginCurrentStep function| moment boolean| formSubmitted function| postDonationFunc number| matchedAmount function| initPayPal boolean| donationIframeHasLoaded function| loadDonationIframes function| initDonationIframe string| donationCaptchaPopupUrl object| donationCaptchaSettings object| donationCaptcha function| openEmailOrPop function| getEmailClient function| getFinalURlToShare function| getFinalURlToShareFb function| openTwit function| openfb function| openLi boolean| runRbEnsureFbLoaded string| lastSocialShareId undefined| jQuery17108397697816389145_1717607498553 object| recentDonationsJsModule object| generalCaptchaSettings function| rbDoShowPop function| setTabbing function| scrollDownToFancyElm function| bindKeyPress4Fancy function| slideDownFancy function| slideUpFancy function| goToNextFancy function| fancyLiClick function| makeFancySlcts function| makeFancyRadios function| initTooltips function| hideTooltip function| sortAsc function| sortDesc function| sortExist function| doTableSort function| doTableInit function| getDictLength function| setStandaloneFooterToBottom object| generalCaptcha undefined| qsParmPop object| ajaxTable string| refreshThisBtn boolean| tooltipDead object| $toolTipCont object| $toolTipInner function| fbAsyncInit object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| exitUatPreviewMode string| timeZone object| $openPop function| onRecurringUpsellNoticeConverted boolean| isValid function| postscribe object| google_tag_manager_external object| FB object| recaptcha object| closure_lm_540673 object| __buffer object| OneTrustStub function| OptanonWrapper object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ function| RecentDonationsVue boolean| __VUE__ string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust function| onYouTubeIframeAPIReady object| webVitals object| wrapper object| frame

11 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AI2IaOWLzAJ0NiTo1KQodJ2ZbxJBYbx1LamVQuQuh0dK4-4SI8lAGXA-ojNTsZtuzQS3LnSuqRaTDdM9MeiyHjE
t.e2ma.net/ Name: AWSALB
Value: DAVVwa4dMNoJBB4VKnKt25ciB1eDKpYC8FJH2stQvo7pVl1G5RfCjnxh9IqAeR8yah+ncLWcnVi0ZPHyN8/0RJZGsmftQIDYeZND2porViyzCrdAIUqV9DJKRTvM
t.e2ma.net/ Name: AWSALBCORS
Value: DAVVwa4dMNoJBB4VKnKt25ciB1eDKpYC8FJH2stQvo7pVl1G5RfCjnxh9IqAeR8yah+ncLWcnVi0ZPHyN8/0RJZGsmftQIDYeZND2porViyzCrdAIUqV9DJKRTvM
.give.cff.org/ Name: .rbsession4
Value: mjtihoi201f50kygneny0es0
.give.cff.org/ Name: _ga
Value: GA1.3.539417062.1717607499
.give.cff.org/ Name: _ga_KYX847QR49
Value: GS1.3.1717607498.1.0.1717607498.0.0.0
give.cff.org/ Name: donation-reminder-session
Value: 0.656439488775997
.cff.org/ Name: _gcl_au
Value: 1.1.1080332032.1717607499
.cff.org/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Wed+Jun+05+2024+19%3A11%3A39+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202401.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=6fccce6a-0568-49ef-bc45-ab082538016e&interactionCount=0&landingPath=https%3A%2F%2Fgive.cff.org%2F65rosesclub%2Fdonate%3Frbref%3D65RD2403ch%26donate%3D35%26unitid%3DWisconsin&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CC0004%3A1
.cff.org/ Name: _ga
Value: GA1.1.539417062.1717607499
.cff.org/ Name: _ga_E51GG2CTD7
Value: GS1.1.1717607499.1.0.1717607499.0.0.0

3 Console Messages

Source Level URL
Text
other warning URL: https://cdn3.rallybound.com/Content/js/v2-main-top-w-standalone.E6A7081106C94CBC4C6E2EA19FA7633D.min.js(Line 5)
Message:
Allow attribute will take precedence over 'allowpaymentrequest'.
other warning URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.cff.org/65rosesclub/donate?rbref=65RD2403ch&donate=35&unitid=Wisconsin
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' admin.rallybound.com cff.org *.cff.org; report-uri https://rest.rallybound.com/api/cspreport;
Strict-Transport-Security max-age=15552000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.cookielaw.org
cdn3.rallybound.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
give.cff.org
graph.facebook.com
payments.rallybound.com
region1.google-analytics.com
t.e2ma.net
unpkg.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.181.232
142.250.186.68
157.240.252.10
157.240.252.13
18.233.135.139
2001:4860:4802:32::36
216.239.34.36
216.58.206.67
2600:9000:225b:b000:11:9f80:15c0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6811:f8cb
2606:4700::6813:b134
2a00:1450:4001:812::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a03:2880:f084:105:face:b00c:0:3
2a04:4e42:600::649
3.225.54.204
44.216.29.73
0201106038df301456922c2a5367249f9a0904ac57ff35f20641a2fe3ddc325c
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2ca9f20823ffa1266144cc2c6af10f9fe097305ace8fb845dd48ee045e81b235
2e23f6829451919d75ef0635c64550cfa9bb5e13c82f25d7b1ea11090324f3ef
32b3a9ad347203cff125001296cd6277daa9ee0515f5e05bd28453187e420277
3abb062bf7d12bf56c5c136ea9c9d640ccc11f7a113e8c3091c18e9953493a7a
3fd0694714932a51647d32cf08eb8444ac45f30b7385b6bf527f03f016ad2911
3fda0eb83eea5bc4287cf8a530724dfdd503a38906e0b35ad137910e3f868f49
406d038976a29a1e43a411b27c0445c66b7beea50b7ee50d13749d31af2a2149
4122ec76cfe36f6e64359e81f16dc9902781dae082df0f497232692792485ad8
4db20b8ce7630476a890b083372e7d3cb1434cd40e3562946f62a09c7c253e67
5456827859e90c0f022fd41eef0a10532a93797fd6e80d7af2a53ec341af05cc
5aeaf166e90f4e0fe14db1e92734ed11e967c31c0479b7cab938dad0143288d2
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5ffb6a75b9d0828021ac921c7e02c420e8dd3d26236ee2f439f4e3464c4496e1
6400897cd5da53a23bea537adad28096be10f73d24e8caf0b7d469555db4d525
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
72d9830a52597d534ae8f47eabb35eef20d343180a2e06417b7aa9784fc8e40c
767ede4ae50d636fb229ebc63fed6a93e12067c52434a37f55c3eb93caea4421
772ba4e7c02a03b95bd8fef71e44798097c7c37dc97d513843dceee897354738
793759e51016529a24b758ff40ef53c07ec77ef5e25d817ebe9d238499e3400a
80f33eedf939e9024713705b0cb1ca111157591373faa0ef2ff5e8b6cd775277
830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb
85926acd66622d5a7ead093a3910facfe721a772b5f855b22c25e639e90ede05
8d465fdfc926404589be856f6d5b8e30cc2df939d3dc6fa72289d0faca09611e
8d645ed2e72da8bbed4824b0adc7214794f7c29fac2ede1728b56ae54eea61d3
8e78975558e2e47f28e6633039141c6c1295fa0fceb4e709fc3c68de875e0bd4
8f282944a8ceb6951f538aef2365f6a85b9e793c3e04b47e12b0f2abf2196aca
8f9d219fb7392bd5e4b3ccca65d37dd1a24cea8e9a4e469429c00152f4812d8a
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
924164d62c29b38ead58d696b8b64479d5b565b5457c299da564bcaa355493d8
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012
998419c802568654e2ab5ab7246d370b72edfa5472d1e67e837276501a14243f
9db0d214e302091d8f91eeb2c8ce00c7e718941b3f9600a2b847104898f3c672
9db93d306ed7a1c0b7c1657f0c98a374501ef4d520e5bda71724bcdb952b17ea
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
ad4269a4b821427897a9544eaa3a79d43ac5e29a26e3bffb26a403e160d9648c
ae336e0d66d3595c7a27c878894ce724e9a0f808c2697b5e0b295650d0574676
af52aedd1263ca9ef44dacdbe45a8863ad3b724a7f98d159b3e60fb1aaa98d0c
b24cf0a7149a7ec7f9042aa9754b12bb25f3af5b6fe919c534cc41b76d9bcdd0
b90c8100617a4d62409227dc1075dfca29c35bca62fda557a4761a53e4d5f8dd
bf5f91c0a6ed32adaeca3c3268723e9ad79fd688c26e129fe7bc52488b98b5d1
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c579257ee6d41e9d647185b2115c362600704d9d2fbe56f8b5e781a594a038ac
d16798afce9f21e80df5f3ff8a10b4583f07f89ff40b0a7aa8ab84893830c192
d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d5dcf75938d0384052cdd42d332a47a7e3916000b6bb648db07d596223bec137
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
dc816420871def2a073fc576b23e023032e07bb1b800e9246280cc73bd2e7908
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
e98d83a980cf0254bc5414ba21000bc3f0ad82260054125cd887ad51b6a10489
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
f68b749484c48ebbcab5a2f31424b2b32ad59b4a847aa25de0e0cab79bc693ec
f697abfe44d3f76eafaad4c72104effb51d7d3e8108876f989bf4aeb973d1389
fc2e5798ba2f836daefe1fa3dbcabc1a80a7f918495b8cbbdd10fc5fb7f6b2d6
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3