urlscan.io logo urlscan.io
SecurityTrails logo

give.sawso.org Open in urlscan Pro
2606:4700::6812:7115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://salarmy.us/ukrainecrisis
Effective URL: https://give.sawso.org/give/393706/
Submission: On March 03 via manual from GB — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 2 countries across 54 domains to perform 249 HTTP transactions. The main IP is 2606:4700::6812:7115, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.sawso.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2021. Valid for: a year.
This is the only time give.sawso.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.12 396982 (GOOGLE-PR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
15 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 52.143.247.24 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.85.61.85 16509 (AMAZON-02)
13 151.101.192.176 54113 (FASTLY)
26 2607:f8b0:400... 15169 (GOOGLE)
1 52.85.61.81 16509 (AMAZON-02)
2 2600:1901:0:7... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 3.219.107.245 14618 (AMAZON-AES)
1 3 2606:2800:220... 15133 (EDGECAST)
2 2607:f8b0:400... 15169 (GOOGLE)
21 54.187.159.182 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 162.247.243.147 13335 (CLOUDFLAR...)
1 7 54.211.181.31 14618 (AMAZON-AES)
5 34.197.92.210 14618 (AMAZON-AES)
2 199.232.36.157 54113 (FASTLY)
3 23.64.96.61 16625 (AKAMAI-AS)
1 6 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:220... 16509 (AMAZON-02)
18 151.101.129.21 54113 (FASTLY)
1 104.244.42.8 13414 (TWITTER)
3 104.244.42.67 13414 (TWITTER)
3 104.244.42.5 13414 (TWITTER)
4 2607:f8b0:402... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
1 44.237.139.252 16509 (AMAZON-02)
2 54.212.155.93 16509 (AMAZON-02)
3 3 54.162.65.228 14618 (AMAZON-AES)
4 142.250.80.98 15169 (GOOGLE)
2 184.51.146.123 20940 (AKAMAI-ASN1)
1 5 2607:f8b0:400... 15169 (GOOGLE)
1 142.250.31.155 15169 (GOOGLE)
1 23.3.126.131 16625 (AKAMAI-AS)
1 2620:1ec:27::... 8075 (MICROSOFT...)
1 2 20.36.253.92 8075 (MICROSOFT...)
7 2607:f8b0:400... 15169 (GOOGLE)
1 3 2620:116:800b... 14618 (AMAZON-AES)
1 4 172.67.209.18 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 69.16.175.42 20446 (HIGHWINDS3)
9 10 151.101.2.49 54113 (FASTLY)
1 3 142.250.80.66 15169 (GOOGLE)
1 54.145.23.213 14618 (AMAZON-AES)
1 2 192.132.33.46 18568 (BIDTELLECT)
3 3 3.33.220.150 16509 (AMAZON-02)
1 1 23.209.184.224 16625 (AKAMAI-AS)
1 3.218.90.66 14618 (AMAZON-AES)
1 52.10.86.168 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 3 54.236.94.205 14618 (AMAZON-AES)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 151.101.129.140 54113 (FASTLY)
1 2600:9000:220... 16509 (AMAZON-02)
3 20.75.32.255 8075 (MICROSOFT...)
12 151.101.193.35 54113 (FASTLY)
1 2 68.67.179.135 29990 (ASN-APPNEX)
2 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 1 76.13.32.147 26101 (YAHOO-BF1)
2 4 34.106.92.18 396982 (GOOGLE-PR...)
1 8.43.72.97 26667 (RUBICONPR...)
1 2 23.52.162.21 16625 (AKAMAI-AS)
1 68.67.161.205 29990 (ASN-APPNEX)
1 2 34.98.64.218 15169 (GOOGLE)
1 8.28.7.83 62713 (AS-PUBMATIC)
1 2 192.35.249.120 11742 (SPOTX-IAD)
1 2a03:2880:f11... 32934 (FACEBOOK)
249 71
1    67.199.248.12 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: cname.bitly.com
salarmy.us
11    2606:4700::6812:7115 (United States)

ASN13335 (CLOUDFLARENET, US)
give.sawso.org
15    2606:4700::6812:843c (United States)

ASN13335 (CLOUDFLARENET, US)
prod-frs.content.classy.org
pay.classy.org
assets.classy.org
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
htp.tokenex.com
1    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    52.85.61.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-85.ewr53.r.cloudfront.net
cdn.plaid.com
13    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
26    2607:f8b0:4006:81f::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
play.google.com
1    52.85.61.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-81.ewr53.r.cloudfront.net
cdn.heapanalytics.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
4    2607:f8b0:4006:80e::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
4    3.219.107.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-107-245.compute-1.amazonaws.com
heapanalytics.com
3    2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2607:f8b0:4006:822::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
21    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
r.stripe.com
1    2607:f8b0:4006:80d::200a (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
7    54.211.181.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-181-31.compute-1.amazonaws.com
dpm.demdex.net
5    34.197.92.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-92-210.compute-1.amazonaws.com
bs.serving-sys.com
2    199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    23.64.96.61 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-96-61.deploy.static.akamaitechnologies.com
www.everestjs.net
6    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
3    2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2600:9000:2209:9200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
18    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
3    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
4    2607:f8b0:4023:1407::5c (Columbus, United States)

ASN15169 (GOOGLE, US)
pay.google.com
6    2607:f8b0:4006:80a::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    44.237.139.252 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-139-252.us-west-2.compute.amazonaws.com
thesalvationarmy.demdex.net
2    54.212.155.93 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-212-155-93.us-west-2.compute.amazonaws.com
thesalvationarmy.sc.omtrdc.net
3    54.162.65.228 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-65-228.compute-1.amazonaws.com
cm.everesttech.net
4    142.250.80.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
www.googleadservices.com
2    184.51.146.123 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-146-123.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
5    2607:f8b0:4006:80c::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net
bid.g.doubleclick.net
1    23.3.126.131 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-126-131.deploy.static.akamaitechnologies.com
t.paypal.com
1    2620:1ec:27::cafe:2008 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    20.36.253.92 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
7    2607:f8b0:4006:816::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2620:116:800b:21:f803:c51b:4d23:ce8c (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
4    172.67.209.18 (United States)

ASN13335 (CLOUDFLARENET, US)
getrockerbox.com
1    2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net
cdn.bttrack.com
10    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
rtd-tm.everesttech.net
lasteventf-tm.everesttech.net
sync-tm.everesttech.net
3    142.250.80.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
cm.g.doubleclick.net
1    54.145.23.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-23-213.compute-1.amazonaws.com
b.videoamp.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    23.209.184.224 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-184-224.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    52.10.86.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-86-168.us-west-2.compute.amazonaws.com
m.stripe.com
5    2607:f8b0:4006:80e::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
3    54.236.94.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-94-205.compute-1.amazonaws.com
pixel.everesttech.net
1    2600:141b:13::17d7:82ca (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
dap-dist.akamaized.net
1    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    2600:9000:2209:1800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b.clarity.ms
12    151.101.193.35 (United States)

ASN54113 (FASTLY, US)
c.paypal.com
c6.paypal.com
2    68.67.179.135 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
2    2600:141b:13::1732:35b9 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
salvationarmyusa.dap.akadns.net
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
4    34.106.92.18 (Salt Lake City, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 18.92.106.34.bc.googleusercontent.com
b.stats.paypal.com
slc.stats.paypal.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    68.67.161.205 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 799.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    192.35.249.120 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
35 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2527
t.paypal.com — Cisco Umbrella Rank: 3344
c.paypal.com — Cisco Umbrella Rank: 5653
b.stats.paypal.com — Cisco Umbrella Rank: 4438
slc.stats.paypal.com — Cisco Umbrella Rank: 8119
c6.paypal.com — Cisco Umbrella Rank: 6488
799 KB
35 stripe.com
js.stripe.com — Cisco Umbrella Rank: 894
q.stripe.com — Cisco Umbrella Rank: 5856
r.stripe.com — Cisco Umbrella Rank: 3909
m.stripe.com — Cisco Umbrella Rank: 854
318 KB
23 google.com
pay.google.com — Cisco Umbrella Rank: 2999
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 32
386 KB
16 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 878
rtd-tm.everesttech.net — Cisco Umbrella Rank: 1825
lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 6213
pixel.everesttech.net — Cisco Umbrella Rank: 2828
sync-tm.everesttech.net — Cisco Umbrella Rank: 490
5 KB
15 classy.org
prod-frs.content.classy.org — Cisco Umbrella Rank: 123985
pay.classy.org — Cisco Umbrella Rank: 182491
assets.classy.org — Cisco Umbrella Rank: 128873
1 MB
13 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
60 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
296 KB
12 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
bid.g.doubleclick.net — Cisco Umbrella Rank: 468
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
7 KB
11 sawso.org
give.sawso.org
44 KB
8 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
thesalvationarmy.demdex.net — Cisco Umbrella Rank: 313374
11 KB
7 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1182
secure-ds.serving-sys.com — Cisco Umbrella Rank: 1874
13 KB
7 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 525
syndication.twitter.com — Cisco Umbrella Rank: 769
analytics.twitter.com — Cisco Umbrella Rank: 464
134 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 916
c.clarity.ms — Cisco Umbrella Rank: 547
b.clarity.ms — Cisco Umbrella Rank: 2975
24 KB
6 bing.com
bat.bing.com — Cisco Umbrella Rank: 338
c.bing.com — Cisco Umbrella Rank: 193
14 KB
5 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 2997
heapanalytics.com — Cisco Umbrella Rank: 2623
45 KB
4 getrockerbox.com
getrockerbox.com — Cisco Umbrella Rank: 4031
12 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 101
45 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
275 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 359
ib.adnxs.com — Cisco Umbrella Rank: 205
3 KB
3 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 567
match.adsrvr.org — Cisco Umbrella Rank: 293
2 KB
3 bttrack.com
cdn.bttrack.com — Cisco Umbrella Rank: 6174
bttrack.com — Cisco Umbrella Rank: 659
4 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 839
pixel.quantserve.com — Cisco Umbrella Rank: 381
11 KB
3 t.co
t.co — Cisco Umbrella Rank: 448
594 B
3 everestjs.net
www.everestjs.net — Cisco Umbrella Rank: 5752
32 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 323
382 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
2 KB
2 akadns.net
salvationarmyusa.dap.akadns.net — Cisco Umbrella Rank: 635838
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
cms.analytics.yahoo.com — Cisco Umbrella Rank: 777
1 KB
2 omtrdc.net
thesalvationarmy.sc.omtrdc.net — Cisco Umbrella Rank: 289501
4 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 948
18 KB
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 531
11 KB
2 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 309
1 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 588
60 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 88
51 KB
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 743
140 B
2 plaid.com
cdn.plaid.com — Cisco Umbrella Rank: 15134
154 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
2 KB
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 774
548 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
753 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 792
2 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1433
157 B
1 akamaized.net
dap-dist.akamaized.net — Cisco Umbrella Rank: 695321
9 KB
1 turn.com
d.turn.com — Cisco Umbrella Rank: 652
402 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 404
846 B
1 videoamp.com
b.videoamp.com — Cisco Umbrella Rank: 4655
312 B
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1376
8 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 727
257 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 306
18 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 821
3 KB
1 tokenex.com
htp.tokenex.com — Cisco Umbrella Rank: 33910
4 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1207
5 KB
1 salarmy.us
salarmy.us
295 B
249 54
Domain Requested by
18 www.paypal.com give.sawso.org
www.paypal.com
16 r.stripe.com js.stripe.com
13 play.google.com www.gstatic.com
13 www.google-analytics.com give.sawso.org
www.gstatic.com
13 js.stripe.com give.sawso.org
js.stripe.com
11 give.sawso.org give.sawso.org
10 c.paypal.com www.paypal.com
c.paypal.com
9 prod-frs.content.classy.org give.sawso.org
prod-frs.content.classy.org
8 sync-tm.everesttech.net 8 redirects
7 fonts.gstatic.com fonts.googleapis.com
7 dpm.demdex.net 1 redirects give.sawso.org
6 www.google.com
5 www.gstatic.com pay.google.com
www.gstatic.com
5 googleads.g.doubleclick.net 1 redirects give.sawso.org
5 bat.bing.com give.sawso.org
5 bs.serving-sys.com give.sawso.org
5 q.stripe.com give.sawso.org
4 getrockerbox.com 1 redirects give.sawso.org
4 www.googleadservices.com give.sawso.org
4 pay.google.com js.stripe.com
pay.google.com
give.sawso.org
www.gstatic.com
4 heapanalytics.com
4 www.googletagmanager.com give.sawso.org
3 b.clarity.ms give.sawso.org
3 pixel.everesttech.net 1 redirects
3 cm.g.doubleclick.net 1 redirects
3 cm.everesttech.net 3 redirects
3 t.co
3 analytics.twitter.com give.sawso.org
3 stats.g.doubleclick.net give.sawso.org
3 www.everestjs.net give.sawso.org
3 assets.classy.org
3 pay.classy.org give.sawso.org
3 platform.twitter.com 1 redirects give.sawso.org
2 sync.search.spotxchange.com 1 redirects
2 us-u.openx.net 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 c6.paypal.com
2 slc.stats.paypal.com
2 b.stats.paypal.com 2 redirects
2 salvationarmyusa.dap.akadns.net give.sawso.org
2 secure.adnxs.com 1 redirects
2 pixel.quantserve.com 1 redirects
2 match.adsrvr.org 2 redirects
2 bttrack.com 1 redirects
2 c.clarity.ms 1 redirects
2 secure-ds.serving-sys.com give.sawso.org
2 thesalvationarmy.sc.omtrdc.net give.sawso.org
2 m.stripe.network js.stripe.com
m.stripe.network
2 static.ads-twitter.com give.sawso.org
2 bam-cell.nr-data.net give.sawso.org
2 code.jquery.com give.sawso.org
2 www.youtube.com give.sawso.org
2 sessions.bugsnag.com give.sawso.org
2 cdn.plaid.com give.sawso.org
1 www.facebook.com
1 image2.pubmatic.com
1 ib.adnxs.com
1 pixel.rubiconproject.com
1 cms.analytics.yahoo.com 1 redirects
1 rules.quantcount.com give.sawso.org
1 alb.reddit.com
1 dap-dist.akamaized.net give.sawso.org
1 d.turn.com 1 redirects
1 lasteventf-tm.everesttech.net give.sawso.org
1 m.stripe.com m.stripe.network
1 ups.analytics.yahoo.com
1 tags.bluekai.com 1 redirects
1 insight.adsrvr.org 1 redirects
1 b.videoamp.com
1 rtd-tm.everesttech.net 1 redirects
1 cdn.bttrack.com give.sawso.org
1 www.redditstatic.com give.sawso.org
1 secure.quantserve.com give.sawso.org
1 c.bing.com 1 redirects
1 www.clarity.ms give.sawso.org
1 t.paypal.com
1 bid.g.doubleclick.net give.sawso.org
1 thesalvationarmy.demdex.net give.sawso.org
1 syndication.twitter.com platform.twitter.com
1 fonts.googleapis.com give.sawso.org
1 geolocation.onetrust.com give.sawso.org
1 js-agent.newrelic.com give.sawso.org
1 cdn.heapanalytics.com give.sawso.org
1 unpkg.com give.sawso.org
1 htp.tokenex.com give.sawso.org
1 static.cloudflareinsights.com give.sawso.org
1 salarmy.us 1 redirects
249 87

This site contains links to these domains. Also see Links.

Domain
www.classy.org
classy.org
Subject Issuer Validity Valid
give.sawso.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
classy.org
Cloudflare Inc ECC CA-3		 2021-06-03 -
2022-06-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
api.tokenex.com
Go Daddy Secure Certificate Authority - G2		 2022-01-12 -
2023-02-13		 a year crt.sh
secure.plaid.com
DigiCert SHA2 Extended Validation Server CA		 2020-04-17 -
2022-04-22		 2 years crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-01-26 -
2022-05-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
cdn.heapanalytics.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-05 -
2022-05-05		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
pay.classy.org
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA		 2021-09-08 -
2022-09-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
bs.serving-sys.com
Amazon		 2021-05-20 -
2022-06-18		 a year crt.sh
www.everestjs.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-02 -
2022-09-02		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-02-11 -
2023-03-14		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.sc.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-17 -
2023-03-07		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA		 2021-04-28 -
2022-05-03		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-09-17 -
2022-10-18		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-01 -
2022-06-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
getrockerbox.com
Cloudflare Inc ECC CA-3		 2022-02-13 -
2023-02-12		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2022-08-16		 6 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.videoamp.com
Amazon		 2021-10-06 -
2022-11-04		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-11 -
2022-05-04		 4 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2022-08-16		 6 months crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
salvationarmyusa.dap.akadns.net
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.tmogul.com
Amazon		 2021-07-15 -
2022-08-13		 a year crt.sh

This page contains 19 frames:

Primary Page: https://give.sawso.org/give/393706/
Frame ID: 9F411383B2B9EC627BAF979D686D6388
Requests: 146 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-ce3cdfac755a319f13136d294df99983.html
Frame ID: 4A5AE5F11096531F7BC12D37BB7A03EB
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fgive.sawso.org
Frame ID: DD986977D38C6646AA8BBFCE0632D51D
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 118AD2F7156A4A0553AECC879CC061D7
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-11ddfb9d1b717b796454674767f13508.html
Frame ID: A74B3CF60E76BA89901D49055B4A2313
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-f3c243e24e2fb9589c04af30fe70ed74.html
Frame ID: 40C747CCC3CC82DCF8A6ACBFA67C359F
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-b51919bd0f0a8c44e76dbe1b415ff066.html
Frame ID: 9EBB14A2615C92D4D2E02E08DF225BCC
Requests: 4 HTTP requests in this frame

Frame: https://thesalvationarmy.demdex.net/dest5.html?d_nsid=0
Frame ID: 9A2424F9DE6F4B1F6195D5DCAA09F1FA
Requests: 14 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 534BE35905824FCDED67BE208209D38F
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 8BD773483952AC63367F1FC3E2E9F860
Requests: 16 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUJYSjVZU1RXSFNRWVEmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=a314411c7d694&storageID=uid_29732d8222_mte6ndg6ntc&sessionID=uid_922888e6dc_mte6ndg6ntc&buttonSessionID=uid_fc30b3d375_mte6ndg6ntg&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6dHJ1ZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=true&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&merchantID.0=BXJ5YSTWHSQYQ&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Frame ID: C14472AD63E0E9497BD102ADE728A9DF
Requests: 6 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f312126797ac9&storageID=uid_1e6744abf7_mte6ndg6ntg&sessionID=uid_49a2e987d5_mte6ndg6ntg&buttonSessionID=uid_4ffb326479_mte6ndg6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjp0cnVlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Frame ID: C1A1C35A0C6684502873277EC30887C8
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: C7202C3B9AE57731B5A57A1AFC359607
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5EFF9E29EB9868EFDAB4518172B6DC20
Requests: 1 HTTP requests in this frame

Frame: https://www.everestjs.net/static/pixel_details.html
Frame ID: 6F17C7E029A5A2B65365D1E4F7B3F7FE
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 9763640B96E1243CD83762722B3F9889
Requests: 5 HTTP requests in this frame

Frame: https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_922888e6dc_mte6ndg6ntc&s=SMART_PAYMENT_BUTTONS
Frame ID: 2F870C4DC4C62FBA6282581A4036260F
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 195A848958CF6305E764BE2D7B91BCF9
Requests: 5 HTTP requests in this frame

Frame: https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_49a2e987d5_mte6ndg6ntg&s=SMART_PAYMENT_BUTTONS
Frame ID: CCEE390B3180B60D8754B8E233B9C93F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Donate to Help in Ukraine

Page URL History Show full URLs

  1. https://salarmy.us/ukrainecrisis HTTP 302
    https://give.sawso.org/give/393706/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

249
Requests

91 %
HTTPS

37 %
IPv6

54
Domains

87
Subdomains

71
IPs

2
Countries

4031 kB
Transfer

12609 kB
Size

96
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://salarmy.us/ukrainecrisis HTTP 302
    https://give.sawso.org/give/393706/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 85
  • https://cm.everesttech.net/cm/dd?d_uuid=83338073149347130610678269272526832418 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCrKQAAAFOPYARA
Request Chain 121
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=13BB353D1BA54C57A356225B4277C644&RedC=c.clarity.ms&MXFR=39489AE697CF68A402158BBA93CF662E HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=13BB353D1BA54C57A356225B4277C644&MUID=34E063E27C196CD5316A72BE7D7B6D5A
Request Chain 147
  • https://rtd-tm.everesttech.net/upi/?sid=BI5HN7C1EL5Auw2BCnPp&cs=1&gtmcb=636270098 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlDcktRQUFBRk9QWUFSQQ
Request Chain 150
  • https://insight.adsrvr.org/track/pxl/?adv=9vus3v7&ct=0:95naoge&fmt=3 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=14592955-fd9d-4a52-95dd-654fd0ed5b4b&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://tags.bluekai.com/site/5386?id=14592955-fd9d-4a52-95dd-654fd0ed5b4b&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=14592955-fd9d-4a52-95dd-654fd0ed5b4b&_origin=1&gdpr=0&gdpr_consent=
Request Chain 167
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4020377871843843627
Request Chain 168
  • https://pixel.everesttech.net/8196/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26imsId%3D__EFIMSORGID__%26optout%3D__EFOPTOUT__%26throttleCookie%3D__EFSYNC__%26time%3D__EFTIME__ HTTP 302
  • https://www.everestjs.net/static/pixel_details.html
Request Chain 183
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=0zb214Rm9obIZ_GE0DTphIc2_IPINqbT3Tca7JGr
Request Chain 185
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980170053/?random=865230684&cv=9&fst=1646308138603&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&auid=617112300.1646308137&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KqsgYtayJ9iOoPMPh46kyAQ&sscte=1&crd=CNPgGw&eitems=ChEIgOuBkQYQ2ffk1omxo5XbARIdAHMG3stDKen-CBgDrmwyLsueyTKlWsTn9X7ksc0 HTTP 302
  • https://www.google.com/pagead/1p-conversion/980170053/?random=865230684&cv=9&fst=1646308138603&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&auid=617112300.1646308137&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=KqsgYtayJ9iOoPMPh46kyAQ&cid=CAQSKQCNIrLMzClan8rxMrhAe_vft5kFJyzSnm3LEU1CsGlKiz4b_0yHDZW7&eitems=ChEIgOuBkQYQ2ffk1omxo5XbARIdAHMG3ssoIEDGJt1B_J1UcG-TqCENOJD28LzEvBo&random=77396955&resp=GooglemKTybQhCsO
Request Chain 189
  • https://getrockerbox.com/rb?url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&action=view&source=salvation_army&rb_source=salvation_army&script_version=xyz.js&sessionId=50ad75a2-2a59-4a5f-88b8-fd89de26da48&an_seg=9705236&type=imp&customer_id=undefined&uid=rbos-c1cbf3a5-7dbb-4cbd-9ea9-cb437376e1df HTTP 302
  • https://secure.adnxs.com/seg?add=9705236 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9705236
Request Chain 197
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=83338073149347130610678269272526832418&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-FztSn_BE2pGN0lTBY.9rWqxe_HijLjrojsc-~A
Request Chain 202
  • https://cm.everesttech.net/cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WWlDcktRQUFBRk9QWUFSQQ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEAjNpRn2bpfUGBk79qumkEQ&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 204
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_922888e6dc_mte6ndg6ntc&s=SMART_PAYMENT_BUTTONS HTTP 302
  • https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_922888e6dc_mte6ndg6ntc&s=SMART_PAYMENT_BUTTONS
Request Chain 206
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_49a2e987d5_mte6ndg6ntg&s=SMART_PAYMENT_BUTTONS HTTP 302
  • https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_49a2e987d5_mte6ndg6ntg&s=SMART_PAYMENT_BUTTONS
Request Chain 207
  • https://bttrack.com/dmp/adobe/user?dd_uuid=83338073149347130610678269272526832418 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=49276&dpuuid=448581c5-b9ef-4097-802d-a87d6154c35e
Request Chain 227
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlDcktRQUFBRk9QWUFSQQ==
Request Chain 242
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiCrKQAAAFOPYARA&expires=90
Request Chain 243
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiCrKQAAAFOPYARA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiCrKQAAAFOPYARA&C=1
Request Chain 244
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YiCrKQAAAFOPYARA
Request Chain 245
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YiCrKQAAAFOPYARA HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YiCrKQAAAFOPYARA
Request Chain 246
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiCrKQAAAFOPYARA
Request Chain 247
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiCrKQAAAFOPYARA&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiCrKQAAAFOPYARA&img=1&__user_check__=1&sync_id=ea389318-9ae7-11ec-99db-1fd605430203
Request Chain 248
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiCrKQAAAFOPYARA&t=2592000&o=0

249 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
give.sawso.org/give/393706/
Redirect Chain
  • https://salarmy.us/ukrainecrisis
  • https://give.sawso.org/give/393706/
79 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
172f760a1ca6ec0db87f090a6a566466bb901d8a570c6bffe2a1c2351e3eafe9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-type
text/html; charset=utf-8
cf-ray
6e6225598ca71849-EWR
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
content-security-policy
frame-ancestors 'self';
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vary
Accept-Encoding
server
cloudflare
content-encoding
br

Redirect headers

cache-control
private, max-age=90
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Thu, 03 Mar 2022 11:48:55 GMT
location
https://give.sawso.org/give/393706/#!/donation/checkout?c_src=URLShortener&c_src2=ukrainecrisis
referrer-policy
unsafe-url
server
nginx
strict-transport-security
max-age=1209600
content-length
186
main.css
prod-frs.content.classy.org/prod/15992/static/frs/ 		1 MB
136 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/15992/static/frs/main.css
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de32eaddf6935168f5339f41de7c43dbfd1d0d33baedff4178331beba61d83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
40601
cf-polished
origSize=1082629
x-amz-request-id
E6FFJF7ECGSHFHKE
x-amz-id-2
JOsUKO5yS0DoJu6xtu/aWySm1lnd0l4Z9Wj7GxJeLc+gkLXMGjehrJZuH5g8WJLEyo+vTP3qF6Q=
last-modified
Mon, 28 Feb 2022 18:48:28 GMT
server
cloudflare
etag
W/"8a8a1165ab59910d65f8b5b707de03d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=86400
cf-ray
6e62255b9bad19df-EWR
cf-bgj
minify
rocket-loader.min.js
give.sawso.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.sawso.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/give/393706/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Feb 2022 17:09:01 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"621d01ad-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800, public
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6e62255b7f491849-EWR
expires
Sat, 05 Mar 2022 11:48:56 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://give.sawso.org/
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6e62255b9c873350-EWR
onetrustConsent-1539020710655.js
prod-frs.content.classy.org/prod/15992/static/onetrust/ 		50 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/15992/static/onetrust/onetrustConsent-1539020710655.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
40601
cf-polished
origSize=54583
x-amz-request-id
E6F3NFJJ73SE9D9P
x-amz-id-2
riybrviYHblO8pF6Q4eAT0rylG6xlRr4ttr8KBjyqT5zrZIgTKZHC9d4VEa6QZrlr2d6l/3xbyA=
last-modified
Mon, 28 Feb 2022 18:48:28 GMT
server
cloudflare
etag
W/"64c3a4446a1c238c4df7f2db78163772"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=86400
cf-ray
6e62255b9bb119df-EWR
cf-bgj
minify
iframe-v3.min.js
htp.tokenex.com/iframe/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://htp.tokenex.com/iframe/iframe-v3.min.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
53f02d29d8d4147a41c50b3ca5b7d3d1bd88b73df595a1f638634c464362c1c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Feb 2022 19:59:33 GMT
etag
"800ef63261dd81:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
date
Thu, 03 Mar 2022 11:48:55 GMT
accept-ranges
bytes
content-length
3968
x-xss-protection
1; mode=block
paypal-js.legacy.min.js
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
6142478
fly-request-id
01FQGQVJW0EFAETZ60C6EPCWDP
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6e62255bbeab1977-EWR
module.min.js
prod-frs.content.classy.org/prod/15992/static/frs/donation/ 		178 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/15992/static/frs/donation/module.min.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e79771e48c91e1475afbd1122c2970abc652c4b540ad300b7d87aae1f75ba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Feb 2022 18:48:28 GMT
server
cloudflare
age
40587
etag
W/"9329792c4e30cbabc93c06df7bb93b01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6e62255b9bb219df-EWR
x-amz-request-id
E6F1A5N5G6KFG00C
x-amz-id-2
yqRR5juQYHnKZcAzNdyeP0sPNzasZA0+I5ERDgXKx06tWKry3eFuuOlY/RLt92QLjF/lfQ10gQk=
module.min.js
prod-frs.content.classy.org/prod/15992/static/global/ 		2 MB
340 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/15992/static/global/module.min.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92799d9c60109152632b91f40fc8d24b3979a4f0c588e73d0849e267404c558d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Feb 2022 18:48:28 GMT
server
cloudflare
age
40601
etag
W/"4ede5902d60b36e4dd0bb894cc6125eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6e62255b9bb319df-EWR
x-amz-request-id
E6F45MM2BWT8CA2C
x-amz-id-2
IiaqNHStMEK16N3fc0S4jPyFnKCB87G/mBv6MpJnFKgQ4+BNCSBO90Nq8G1n8LXCKh3G35dZrKk=
libs.min.js
prod-frs.content.classy.org/prod/15992/static/global/ 		1 MB
430 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/15992/static/global/libs.min.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Feb 2022 18:48:28 GMT
server
cloudflare
age
40601
etag
W/"772e1301b871cc2545926cb86ee5965f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6e62255b9bb419df-EWR
x-amz-request-id
E6FC0AFTMFZGSDB9
x-amz-id-2
PjVhzdqPQRmiZ+YJVAKAxXN1SvM/330uHO1dsWncKiFGNPPIaMhvt+23MiJmnsLeiWRKaq2x7xg=
link-initialize.js
cdn.plaid.com/link/v2/stable/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-85.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25f6abc92aeb0c0f58e8a4c0a1f3d7565237b11319b2cb1313aeabc5d239429d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
v78fEcwTrwXx2eLrIcPwmry4YkubEEf2
content-encoding
gzip
etag
W/"d265c47d5e03b054a14458f255b1d98d"
age
16743
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-request-id
PCRQPBAB4DJCH8PH
x-amz-id-2
n7WvmHjpqW3xEdyvm06MYwdnVYBOETEfdTvw4k5KLmZDfy6Ai2uWrG8b+yjKy5KvvffwTdeKFlw=
last-modified
Fri, 25 Feb 2022 16:32:20 GMT
server
AmazonS3
date
Thu, 03 Mar 2022 07:09:54 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
QZBEmQTQp45oK4CLstlFQtdGW0PygKOkWY3WFbG9SNC57y_6UZUK7A==
/
js.stripe.com/v3/ 		279 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3eebe8ba77272ac8421d69c02592ba09b471a7c1c71a584de3810ec174785a39
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
52
x-cache
HIT
content-length
68188
etag
"7d43e00bd8a5199755edf15e127352ec"
x-request-id
ba9c365b-32ee-4597-90f5-54603d4bed5b
x-served-by
cache-lga21920-LGA
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 22:42:42 GMT
server
Fastly
date
Thu, 03 Mar 2022 11:48:56 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3900
date
Thu, 03 Mar 2022 10:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 03 Mar 2022 12:43:56 GMT
heap-1566116007.js
cdn.heapanalytics.com/js/ 		113 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-1566116007.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-81.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
2e8438105103d9fa45ea35fa84ebbd53e0d425bb507f810cc8b316c91935419d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:49 GMT
content-encoding
gzip
server
nginx
age
7
etag
W/"1c2f9-gR9cq/vn91i+oof5BPtq/g"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
EWR53-P1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
RKfEajln204LIqvfKdDr-ykDLi8YuI3kn_HTJIya4NYric_6JHC0RQ==
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://give.sawso.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Thu, 03 Mar 2022 11:48:56 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1.0
Referer
https://give.sawso.org/
Bugsnag-Sent-At
2022-03-03T11:48:56.798Z
Accept-Language
en-US,en;q=0.9
Bugsnag-Api-Key
ed2f4223afa43ef4870a151ab82d1ac6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 03 Mar 2022 11:48:56 GMT
via
1.1 google
bugsnag-session-uuid
f85fec85-c226-41ad-b8e8-1356de587a21
alt-svc
clear
content-length
21
content-type
application/json
gtm.js
www.googletagmanager.com/ 		567 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PMXWH57
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d876b6000c53e5342005918c9ffe3538e64ba0467bcb6191a697c9589590438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
144346
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Mar 2022 11:48:56 GMT
sdk.js
give.sawso.org/sso/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.sawso.org/sso/sdk.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
f70b05c50d20b6044717b1a0f732d9f20958482d5391450af6a1cbce1eb2e514
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/give/393706/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
717
x-powered-by
PHP/5.6.40
cf-bgj
minify
last-modified
Thu, 03 Mar 2022 11:36:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
max-age=1200
cf-polished
origSize=21336
cf-ray
6e62255f5c851849-EWR
expires
Thu, 03 Mar 2022 11:56:59 GMT
link-dynamic-loader.js
cdn.plaid.com/link/2.0.1276/ 		0
124 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/2.0.1276/link-dynamic-loader.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-85.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
hlRx_vEoYUhgAOU8XpkAMzFGYDGtm2hE
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
etag
"7974e7417ed71d86c130904f1f6b0957"
age
32215
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
126381
last-modified
Fri, 25 Feb 2022 16:32:20 GMT
server
AmazonS3
date
Thu, 03 Mar 2022 02:52:02 GMT
content-type
application/javascript
cache-control
max-age=10800
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
x-amz-cf-id
NpQRO22-Uxwst1DZDrMKcdO5X7JZeFFFMt6klEnORMOiZKIi8ibpFg==
m-outer-ce3cdfac755a319f13136d294df99983.html
js.stripe.com/v3/ Frame 4A5A 		240 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-ce3cdfac755a319f13136d294df99983.html
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
39274d16fe03d66d8a425007eeb00f2d51496db71e847a0940a1b3ae12c42fed
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/

Response headers

last-modified
Mon, 28 Feb 2022 20:02:46 GMT
etag
"ce3cdfac755a319f13136d294df99983"
cache-control
max-age=31536000
content-type
text/html; charset=utf-8
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
server
Fastly
content-encoding
br
accept-ranges
bytes
date
Thu, 03 Mar 2022 11:48:56 GMT
via
1.1 varnish
age
229423
x-request-id
4e2a25ba-40b9-450d-b611-17ac5955652e
x-served-by
cache-lga21920-LGA
x-cache
HIT
x-cache-hits
53045
vary
Accept-Encoding
timing-allow-origin
*
content-length
142
nr-spa-1215.min.js
js-agent.newrelic.com/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1215.min.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding
gzip
etag
"7e1862f7a390ed9fc02c299216395547"
x-amz-request-id
R600VP37ZME39AXZ
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17465
x-amz-id-2
PR6zqWHQZkdLfe9aX2UBLt9vGawtTVBmWgQ/Jy3u5u6nnJXI7zzIc7tm9zjRng7+QyHF51DDh3M=
x-served-by
cache-lga21949-LGA
last-modified
Mon, 24 Jan 2022 22:13:54 GMT
server
AmazonS3
x-timer
S1646308137.912674,VS0,VE0
date
Thu, 03 Mar 2022 11:48:56 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1029
optanon.css
prod-frs.content.classy.org/prod/15992/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/15992/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
40600
cf-polished
origSize=22581
x-amz-request-id
YZG5CHVYHW96CGGQ
x-amz-id-2
rI46cVcBuhkuzLpB3v20MBYNu3g5zAhcXXuPQpA0aj6ueImC00xaHgg5gye/9yvmTz/IMrS4rOQ=
last-modified
Mon, 28 Feb 2022 18:48:28 GMT
server
cloudflare
etag
W/"5ec3a032a0370bd8e3f63adf430b4617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=86400
cf-ray
6e62255fa87619df-EWR
cf-bgj
minify
EU
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 		33 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery32109648043187125417_1646308136676&_=1646308136677
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74a177fc1af5246cc572eefeace79f1466d87bf27daf0f35aa2a601f15aac156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e62255fcb058ca8-EWR
content-length
33
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1566116007&u=1841682043291337&v=2665113827604000&s=5223150494018539&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&h=%2Fgive%2F393706%2F&d=give.sawso.org&t=Help%20in%20Ukraine&ts=1646308136897&st=1646308136906
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.107.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-107-245.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:56 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1F) /
Resource Hash
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:48:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
478
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
29178
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
Server
ECS (nyb/1D1F)
Etag
"f7f936f48944db7f829585c4368f33ae+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2277fa90bcd2ea9e62a33e16a974903c84360b09a21060739cecb6627e2dd796
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires
Thu, 03 Mar 2022 11:48:57 GMT
tax-entities
give.sawso.org/frs-api/organizations/49501/ 		397 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://give.sawso.org/frs-api/organizations/49501/tax-entities
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b52824ec68c3e1c0d9e14d8489e53230b7b3d96388a511559157479d05efd0cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
BmQJTgdp-OIls1CWh0gpxOHgUF2rNQ1xqm_c
tracestate
423787@nr=0-1-423787-363751183-64e34484d46c986b----1646308137161
traceparent
00-190dae1bb1ec7f342292c6debbeec3c0-64e34484d46c986b-01
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NGUzNDQ4NGQ0NmM5ODZiIiwidHIiOiIxOTBkYWUxYmIxZWM3ZjM0MjI5MmM2ZGViYmVlYzNjMCIsInRpIjoxNjQ2MzA4MTM3MTYxfX0=
Accept
application/json, text/plain, */*
csrf-token
BmQJTgdp-OIls1CWh0gpxOHgUF2rNQ1xqm_c
Referer
https://give.sawso.org/give/393706/

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"18d-PP2tDy6T+LZI1rmul8axOQOt4Zg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6e6225617efb1849-EWR
vary
Accept-Encoding
ach-account-routing
give.sawso.org/frs-api/organizations/49501/ 		33 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://give.sawso.org/frs-api/organizations/49501/ach-account-routing
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
BmQJTgdp-OIls1CWh0gpxOHgUF2rNQ1xqm_c
tracestate
423787@nr=0-1-423787-363751183-24551dc5909b14d0----1646308137195
traceparent
00-a4694380165687eb49e948cb871ec1b0-24551dc5909b14d0-01
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyNDU1MWRjNTkwOWIxNGQwIiwidHIiOiJhNDY5NDM4MDE2NTY4N2ViNDllOTQ4Y2I4NzFlYzFiMCIsInRpIjoxNjQ2MzA4MTM3MTk1fX0=
Accept
application/json, text/plain, */*
csrf-token
BmQJTgdp-OIls1CWh0gpxOHgUF2rNQ1xqm_c
Referer
https://give.sawso.org/give/393706/

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6e622561af3c1849-EWR
vary
Accept-Encoding
content-length
33
paypal
pay.classy.org/token/ 		124 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.classy.org/token/paypal?applicationId=8570&currency=USD
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b32d8805bfd4482dc3edc40e4090b436cf1e52f3cb497bc09b6edf22a49f75df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
via
1.1 e6d15137ec23376f4c8a22e6edb289bc.cloudfront.net (CloudFront)
x-classypay-version
1
cf-cache-status
DYNAMIC
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
x-classypay-requestid
8e6b7bfe-0778-4d2a-be57-d6758e186f58
content-encoding
br
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
6e6225636b868ce0-EWR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
RIuckpzGi775A4-FSScQ7UNUa6fmHqQav4_BgYgwQcR4Y06jQ7HffA==
plaid
pay.classy.org/token/ 		88 B
1021 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.classy.org/token/plaid?applicationId=8570&currency=USD
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
via
1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
x-classypay-version
1
cf-cache-status
DYNAMIC
x-amz-cf-pop
EWR52-C1
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=5tmlrHDRdHjfINv4U4p3dERX5BoLmyh.LjpR09G2qxQ-1646308137-0-AYzPi4QCCIIeiBA4lpdETWTpdna-xdbXBDNTbm3mRNwQq8prJgHvpCInj4EuAPewZBzUs98eQRCDN7rJxK_EcXM
x-cache
Miss from cloudfront
x-classypay-requestid
2db22bfe-9794-44e4-b6fd-9b0a6b5d0d5d
content-encoding
br
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
6e6225636b878ce0-EWR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
ox3-rk_Lin33EZ0aFdwBDjUV5aeBWBIkJ04WrBYqEKlV7DJGf1S7WQ==
estimate
give.sawso.org/frs-api/transaction/ 		1 KB
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://give.sawso.org/frs-api/transaction/estimate
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e8d344ff0a1adc7c83bdf0736a744fb5db794bd3b07cc3ddd2f4b2924b5518
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
BmQJTgdp-OIls1CWh0gpxOHgUF2rNQ1xqm_c
tracestate
423787@nr=0-1-423787-363751183-1aea35ae9364667c----1646308137285
traceparent
00-ccec2d52115d31bb8cb008207a788570-1aea35ae9364667c-01
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIxYWVhMzVhZTkzNjQ2NjdjIiwidHIiOiJjY2VjMmQ1MjExNWQzMWJiOGNiMDA4MjA3YTc4ODU3MCIsInRpIjoxNjQ2MzA4MTM3Mjg1fX0=
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
csrf-token
BmQJTgdp-OIls1CWh0gpxOHgUF2rNQ1xqm_c
Referer
https://give.sawso.org/give/393706/

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"43a-fGKMHC5quJm/yxJygOfMhobYsMs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6e6225624ff31849-EWR
vary
Accept-Encoding
user-icon.png
give.sawso.org/static/global/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.sawso.org/static/global/images/user-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/give/393706/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
498137
cf-polished
origFmt=png, origSize=4588
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=BNxowbWz5hvV0m0ob0li8F3700T9xa3UMT8O9Nb3rEg-1646308137-0-AU9lSHq78pSBiHnmta4fNTF2eEsIghZ-YRYltK8f0KarY07kt_D0PA6eN45sl_7gXk9klcdbWErl2Vw_tSu-Z3w
content-disposition
inline; filename="user-icon.webp"
cf-bgj
imgq:85,h2pri
content-length
2024
last-modified
Wed, 26 Jan 2022 18:28:22 GMT
server
cloudflare
etag
"61f192c6-11ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6e6225625ff71849-EWR
expires
Sat, 25 Feb 2023 17:26:40 GMT
dea5da98-c58a-11e8-80f8-06dfe0fe5fcc.jpg
assets.classy.org/6538476/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/6538476/dea5da98-c58a-11e8-80f8-06dfe0fe5fcc.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
277def1230f5f7940f224b2b93adb04b1c116cf906adf030a74d64082eab4428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
via
1.1 44c3684463dfb1f60dc276fec7fe9d92.cloudfront.net (CloudFront)
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
42592
cf-polished
qual=85, origFmt=jpeg, origSize=165159
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="dea5da98-c58a-11e8-80f8-06dfe0fe5fcc.webp"
content-length
27644
last-modified
Mon, 01 Oct 2018 15:01:28 GMT
server
cloudflare
etag
"e020d0e2575cc66dbea26a4cf5b27df2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
cache-control
public,max-age=31536000
x-amz-version-id
S6oSdGC77aO_BDWAk3iEbBE4z7utH89e
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
cf-ray
6e6225626b4819df-EWR
x-amz-cf-id
jj2erRfJjqhsdlPEeGSfbv4ok-XQJH90IzzAE1rt6VtUd61uuYSE1w==
cf-bgj
imgq:85,h2pri
88f2bdec-feca-11eb-a2a9-0a002c4a0333.png
assets.classy.org/6194986/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/6194986/88f2bdec-feca-11eb-a2a9-0a002c4a0333.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236a55d1369138eb71057e01381c1713a8f2e87887635e6c52c606507ade754a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
via
1.1 fba70d1e4c74a3621a7d03b3d021b4dc.cloudfront.net (CloudFront)
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
42592
cf-polished
origFmt=png, origSize=150008
x-cache
Miss from cloudfront
x-amz-replication-status
FAILED
content-disposition
inline; filename="88f2bdec-feca-11eb-a2a9-0a002c4a0333.webp"
content-length
47476
x-amz-server-side-encryption
AES256
last-modified
Mon, 16 Aug 2021 19:45:42 GMT
server
cloudflare
etag
"60853cfaf13aa774b05a0eaffe3a4f21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
cache-control
public,max-age=31536000
x-amz-version-id
IA5nsaJwUyGGHMZAKefmcRTYRkm7uh5m
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
cf-ray
6e6225626b4919df-EWR
x-amz-cf-id
oCgOftyR5aC2EXeBwJhgkKG-uXZgeoOW_lwPYFKd-bgb-rIJT6tV7w==
cf-bgj
imgq:85,h2pri
5e5a6e9c-9658-11ec-b6e9-0a7d6c5ad0cd.jpg
assets.classy.org/6194986/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/6194986/5e5a6e9c-9658-11ec-b6e9-0a7d6c5ad0cd.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d05d135b2376ea2d1570a3315652955c5ea3484422b4be31bbf2b61281d76d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
vary
Accept, Accept-Encoding
cf-cache-status
HIT
age
44318
cf-polished
qual=85, origFmt=jpeg, origSize=6239
x-cache
Miss from cloudfront
x-amz-replication-status
FAILED
content-disposition
inline; filename="5e5a6e9c-9658-11ec-b6e9-0a7d6c5ad0cd.webp"
content-length
1712
x-amz-server-side-encryption
AES256
last-modified
Fri, 25 Feb 2022 16:31:24 GMT
server
cloudflare
etag
"42cf5b796aeead4d4bc2e837ba05fe69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
cache-control
public,max-age=31536000
x-amz-version-id
CJGNnxBa0ffCNsj2am9Z_r7ccFIBQo57
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
cf-ray
6e6225626b4a19df-EWR
x-amz-cf-id
LwqaWP8lsjJzHaZQnXVGRhwQyvznDdaaeeAu5Sw-0vw1rlDOefzLCg==
cf-bgj
imgq:85,h2pri
dropdown-caret.png
prod-frs.content.classy.org/prod/15992/static/global/images/ 		394 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-frs.content.classy.org/prod/15992/static/global/images/dropdown-caret.png
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15992/static/frs/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://prod-frs.content.classy.org/prod/15992/static/frs/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Accept
cf-cache-status
HIT
age
46101
cf-polished
origFmt=png, origSize=547
cf-ray
6e6225625b3a19df-EWR
content-disposition
inline; filename="dropdown-caret.webp"
content-length
394
x-amz-id-2
G3/IqoLcY+cjlh0fdnURmisR88Tm8XcK/61Bfrvfg3WhdTL6F5B6ciPnM4vjd+AIElJnuTsjqzg=
last-modified
Mon, 28 Feb 2022 18:48:28 GMT
server
cloudflare
etag
"43da60879cfe0801ed7fc830a628885c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
EHZPGZD9NZ7TFECS
cache-control
max-age=86400
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
ClassyIcons.woff
prod-frs.content.classy.org/prod/15992/static/global/fonts/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/15992/static/global/fonts/ClassyIcons.woff
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15992/static/frs/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc40ac03f23ad6424550a577d9cb70e7e425a4366357ae228053dbbc632fd37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://prod-frs.content.classy.org/prod/15992/static/frs/main.css
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
35462
cf-ray
6e6225639e021780-EWR
strict-transport-security
max-age=31536000; includeSubDomains
content-length
43184
x-amz-id-2
vAAuGzIqN6pYsJHsGzbpw56vdOQhanCVL8Yp3JITQ9BNJZdhp/VZJtvyKPFOBKCo+xo8o27nFzM=
last-modified
Mon, 28 Feb 2022 18:48:28 GMT
server
cloudflare
etag
"89940b32064fbee01870f8a3f8e4c74d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
x-amz-request-id
QP59J7X20D8F5WHM
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-type
application/x-font-woff
fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/15992/static/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/15992/static/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15992/static/frs/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://prod-frs.content.classy.org/prod/15992/static/frs/main.css
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
35462
cf-ray
6e6225639e031780-EWR
strict-transport-security
max-age=31536000; includeSubDomains
content-length
66624
x-amz-id-2
OajRvL6bQVmM0NH7JTBNp6ZsjKu9gfyT/4LkruNaPbPaAXRmgVzlw10vLGKlhwvFrmQYYHZpQbM=
last-modified
Mon, 28 Feb 2022 18:48:28 GMT
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
x-amz-request-id
QP5B6V97Z4FB3SED
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-type
binary/octet-stream
rum
give.sawso.org/cdn-cgi/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://give.sawso.org/cdn-cgi/rum?
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-299a10bca7e797db----1646308137349
traceparent
00-b750342e8710ff9ce1de8fa4e82674d0-299a10bca7e797db-01
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyOTlhMTBiY2E3ZTc5N2RiIiwidHIiOiJiNzUwMzQyZTg3MTBmZjljZTFkZThmYTRlODI2NzRkMCIsInRpIjoxNjQ2MzA4MTM3MzQ5fX0=
content-type
application/json
Referer
https://give.sawso.org/give/393706/

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://give.sawso.org
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6e622562b8721849-EWR
vary
Origin
csp-report
q.stripe.com/ Frame 4A5A 		0
357 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5fa553b3ca22c21a48fb04341944ed72eff3fc14e3bee039d4f92dccfb270bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 11:31:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 03 Mar 2022 11:48:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Mar 2022 11:48:57 GMT
stripe
pay.classy.org/token/ 		99 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.classy.org/token/stripe?applicationId=8570&currency=USD
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f5b45b810b836ed0af927382cb374ab7e23d58312e17b44560bdd419309810e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
via
1.1 e6d15137ec23376f4c8a22e6edb289bc.cloudfront.net (CloudFront)
x-classypay-version
1
cf-cache-status
DYNAMIC
x-amz-cf-pop
EWR52-C1
x-cache
Miss from cloudfront
x-classypay-requestid
4b3cfe40-97f9-410d-bf35-f78be4ef986a
content-encoding
br
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
6e6225636b888ce0-EWR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id
eGbmw4lm9QVbG93rXl2lMFkNt21KuI6FrIoVJimfeUskGn5LoHKPyw==
collect
www.google-analytics.com/j/ 		4 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2009905384&t=timing&_s=1&dl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Help%20in%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1646308136970&utt=387&_u=aGDACEABBAAAAC~&jid=1752813970&gjid=147470524&cid=641797413.1646308137&tid=UA-3837893-1&_gid=623306121.1646308137&_r=1&_slc=1&cd1=49501&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=393706&cd6=campaign&cd11=recurring%20optimization&z=1497135940
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.sawso.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2009905384&t=timing&_s=2&dl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Help%20in%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1646308136970&utt=714&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=641797413.1646308137&tid=UA-3837893-1&_gid=623306121.1646308137&cd1=49501&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=393706&cd6=campaign&cd11=recurring%20optimization&z=779442698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 20:04:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56691
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2009905384&t=timing&_s=3&dl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Help%20in%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1646308136970&utt=722&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=641797413.1646308137&tid=UA-3837893-1&_gid=623306121.1646308137&cd1=49501&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=393706&cd6=campaign&cd11=recurring%20optimization&z=1812024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 20:04:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56691
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2009905384&t=timing&_s=4&dl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Help%20in%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1646308136970&utt=883&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=641797413.1646308137&tid=UA-3837893-1&_gid=623306121.1646308137&cd1=49501&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=393706&cd6=campaign&cd11=recurring%20optimization&z=928814198
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 20:04:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56691
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2009905384&t=timing&_s=5&dl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Help%20in%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1646308136970&utt=1890&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=641797413.1646308137&tid=UA-3837893-1&_gid=623306121.1646308137&cd1=49501&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=393706&cd6=campaign&cd11=recurring%20optimization&z=779596222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 20:04:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56691
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
telemetry
heapanalytics.com/api/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1646308137411&hv=4.17.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.107.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-107-245.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:57 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://give.sawso.org/
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1538f"
vary
Accept-Encoding
x-hw
1646308137.dop147.ny3.t,1646308137.cds208.ny3.hn,1646308137.cds029.ny3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
m-outer-67740208de0918bdf73920776d3deaed.js
js.stripe.com/v3/fingerprinted/js/ Frame 4A5A 		1 KB
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-67740208de0918bdf73920776d3deaed.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-ce3cdfac755a319f13136d294df99983.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-ce3cdfac755a319f13136d294df99983.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
39
x-cache
HIT
content-length
645
etag
"d0c7e21ec457b6a134a496f107c3ca93"
x-request-id
0a36e921-f2ed-492e-a785-a0cf12a22eff
x-served-by
cache-lga21920-LGA
access-control-allow-origin
*
last-modified
Mon, 28 Feb 2022 20:03:13 GMT
server
Fastly
date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
19
67fe2a1b26
bam-cell.nr-data.net/1/ 		49 B
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/67fe2a1b26?a=363721230&v=1215.1253ab8&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=1944&ck=1&ref=https://give.sawso.org/give/393706/&ap=172.284703&be=875&fe=1406&dc=1403&tt=11b3007e3d4f9b0&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1646308135487,%22n%22:0,%22f%22:159,%22dn%22:160,%22dne%22:215,%22c%22:215,%22s%22:296,%22ce%22:387,%22rq%22:387,%22rp%22:714,%22rpe%22:722,%22dl%22:717,%22di%22:738,%22ds%22:818,%22de%22:818,%22dc%22:873,%22l%22:873,%22le%22:883%7D,%22navigation%22:%7B%7D%7D&fp=1870&fcp=1870&jsonp=NREUM.setToken
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:48:57 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6e62256419e58c9b-EWR
id
dpm.demdex.net/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=20A0289659302A7E0A495D28%40AdobeOrg&d_nsid=0&ts=1646308137476
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.181.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-181-31.compute-1.amazonaws.com
Software
/
Resource Hash
3764bbc6c69437d04ecea588610e41505c16f8c10d642be08542ec46f8f82c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-va6-1-v028-0ecd26dfe.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
I60JqDTnRYo=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://give.sawso.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1192
Expires
Thu, 01 Jan 1970 00:00:00 UTC
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2009905384&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Help%20in%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gtm.js&ea=gtm.js&el=give.sawso.org&ev=0&_u=aGDACEABBAAAAC~&jid=736309967&gjid=1690759639&cid=641797413.1646308137&tid=UA-51388709-1&_gid=623306121.1646308137&_r=1&gtm=2wg2s0PMXWH57&z=804055350
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.sawso.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3901
date
Thu, 03 Mar 2022 10:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 03 Mar 2022 12:43:56 GMT
ActivityServer.bs
bs.serving-sys.com/Serving/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=550371&rnd=641548.5041763908&UniqueDonorID=undefined&ZipCode=undefined&NewDonor=[NewDonor]&Revenue=undefined&Territory=[Territory]
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.92.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-92-210.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
33aa0827f30e39a9b5ce0378184af79906a3e31f283386c25615163e7f2d1c53

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
646
expires
Sun, 05-Jun-2005 22:00:00 GMT
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Protocol
H2
Server
199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 01:07:27 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000149-IAD, cache-lga21925-LGA

Redirect headers

x-tw-cdn
VZ
Date
Thu, 03 Mar 2022 11:48:57 GMT
Server
ECS (nyb/1D1F)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location
https://static.ads-twitter.com/oct.js
Server-Timing
"x-cache;desc= ,x-tw-cdn;desc=",edge;dur=1
Content-Length
0
js
www.googletagmanager.com/gtag/ 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-827406829
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9e45b5a1fb5928520e632bbb26c60eac0f713ae9c1aa510c7caf2b952893817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55482
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Mar 2022 11:48:57 GMT
last-event-tag-latest.min.js
www.everestjs.net/static/le/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.96.61 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-96-61.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Wed, 16 Jun 2021 15:18:41 GMT
Server
AmazonS3
x-amz-request-id
DZRMBZFB7KK281DH
ETag
"d5991c18a0042eb33f92c6b5b44ffe8d"
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Thu, 03 Mar 2022 11:48:58 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2663
x-amz-id-2
j+sL90zVapZ12m/6amKSS4cZ2LoMWX9T2aSEkFPohCqFLebI45j0kldq+/DJ5nEyXKEhRkKf+ks=
uwt.js
static.ads-twitter.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 01:07:27 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100093-IAD, cache-lga21925-LGA
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 26801B0F08D54E39A9FAA1336F641288 Ref B: EWR30EDGE1117 Ref C: 2022-03-03T11:48:57Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11333
www-widgetapi.js
www.youtube.com/s/player/3bd7a7ee/www-widgetapi.vflset/ 		152 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3bd7a7ee/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6654cdce4772c6e6d896c5ff548af91be2430caa8b1a8f6d60345fc15738bdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 01:38:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
36645
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50321
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 03 Mar 2023 01:38:12 GMT
widget_iframe.a58e82e150afc25eb5372dd55a98b778.html
platform.twitter.com/widgets/ Frame DD98 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fgive.sawso.org
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D20) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
733957
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 03 Mar 2022 11:48:57 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 16 Feb 2022 18:36:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D20)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3837893-1&cid=641797413.1646308137&jid=1752813970&gjid=147470524&_gid=623306121.1646308137&_u=aGDACEAABAAAAC~&z=62718918
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 03 Mar 2022 11:48:57 GMT
content-type
text/plain
access-control-allow-origin
https://give.sawso.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
inner.html
m.stripe.network/ Frame 118A 		932 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-67740208de0918bdf73920776d3deaed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:9200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Fri, 28 Jan 2022 20:07:53 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw=' 'report-sample'; style-src https://m.stripe.network 'report-sample'; report-uri https://q.stripe.com/csp-report
date
Thu, 03 Mar 2022 11:46:06 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
XHO7qQD85sqMeu2TPXDgw0VtArkI6fcRrCDop6gq1JpccggF1-tjTg==
age
172
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2009905384&t=timing&_s=6&dl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Help%20in%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1646308136970&utt=2083&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=641797413.1646308137&tid=UA-3837893-1&_gid=623306121.1646308137&cd1=49501&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=393706&cd6=campaign&cd11=recurring%20optimization&z=953054032
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 12:39:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83373
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51388709-1&cid=641797413.1646308137&jid=736309967&gjid=1690759639&_gid=623306121.1646308137&_u=aGDACEABBAAAAC~&z=41031835
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 03 Mar 2022 11:48:57 GMT
content-type
text/plain
access-control-allow-origin
https://give.sawso.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
controller-11ddfb9d1b717b796454674767f13508.html
js.stripe.com/v3/ Frame A74B 		349 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-11ddfb9d1b717b796454674767f13508.html
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7363737e6085c8bccb21750e5b090025d8da016074812f889411f0de954bc5e6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/

Response headers

last-modified
Wed, 02 Mar 2022 22:17:04 GMT
etag
"11ddfb9d1b717b796454674767f13508"
cache-control
max-age=60
content-type
text/html; charset=utf-8
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
server
Fastly
content-encoding
br
accept-ranges
bytes
date
Thu, 03 Mar 2022 11:48:57 GMT
via
1.1 varnish
age
50
x-request-id
24b17827-7150-4d4b-becc-b5dcd4276c63
x-served-by
cache-lga21920-LGA
x-cache
HIT
x-cache-hits
6
vary
Accept-Encoding
timing-allow-origin
*
content-length
167
payment-request-inner-google-pay-f3c243e24e2fb9589c04af30fe70ed74.html
js.stripe.com/v3/ Frame 40C7 		434 B
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-f3c243e24e2fb9589c04af30fe70ed74.html
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
3eb46ac51a19783fc2372951df04b02b639d6eacba2d6f6ef0c3fad9a1701c81
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/

Response headers

last-modified
Wed, 02 Mar 2022 22:17:05 GMT
etag
"f3c243e24e2fb9589c04af30fe70ed74"
cache-control
max-age=60
content-type
text/html; charset=utf-8
content-security-policy
default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
server
Fastly
content-encoding
br
accept-ranges
bytes
date
Thu, 03 Mar 2022 11:48:57 GMT
via
1.1 varnish
age
36
x-request-id
825622bc-bccc-4ff6-8906-66205d33c3e8
x-served-by
cache-lga21920-LGA
x-cache
HIT
x-cache-hits
2
vary
Accept-Encoding
timing-allow-origin
*
content-length
197
payment-request-inner-browser-b51919bd0f0a8c44e76dbe1b415ff066.html
js.stripe.com/v3/ Frame 9EBB 		370 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-b51919bd0f0a8c44e76dbe1b415ff066.html
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
55f69a55e7c589e20181de0a16d8635780fa2301dc4ab519cb6c8e1397bbef39
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/

Response headers

last-modified
Wed, 02 Mar 2022 22:17:04 GMT
etag
"b51919bd0f0a8c44e76dbe1b415ff066"
cache-control
max-age=60
content-type
text/html; charset=utf-8
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
server
Fastly
content-encoding
br
accept-ranges
bytes
date
Thu, 03 Mar 2022 11:48:57 GMT
via
1.1 varnish
age
55
x-request-id
e5087961-59a2-4b79-a4f3-b0dffd8b9caa
x-served-by
cache-lga21920-LGA
x-cache
HIT
x-cache-hits
3
vary
Accept-Encoding
timing-allow-origin
*
content-length
178
js
www.paypal.com/sdk/ 		330 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&enable-funding=venmo&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&merchant-id=BXJ5YSTWHSQYQ&commit=false
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfdee93b487ce959d0876f39e2808140fe5cc8ba88466c3ed9c00f20026f3a30
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-s45POQc+qoAc25NO/XD3GLLQtYxYRE4RoYbgyGxy5QdnP3Z3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-s45POQc+qoAc25NO/XD3GLLQtYxYRE4RoYbgyGxy5QdnP3Z3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-s45POQc+qoAc25NO/XD3GLLQtYxYRE4RoYbgyGxy5QdnP3Z3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-s45POQc+qoAc25NO/XD3GLLQtYxYRE4RoYbgyGxy5QdnP3Z3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
1438
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
p3p
true
paypal-debug-id
f91736014831d
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
102946
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100100-IAD, cache-lga21944-LGA
x-timer
S1646308138.662901,VS0,VE3
x-frame-options
SAMEORIGIN
date
Thu, 03 Mar 2022 11:48:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"19222-45Mf1DP0pYB2M24maOw8EOPBzmE"
accept-ranges
bytes
x-cache-hits
0, 1
csp-report
q.stripe.com/ Frame A74B 		0
356 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
csp-report
q.stripe.com/ Frame 40C7 		0
356 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
csp-report
q.stripe.com/ Frame 9EBB 		0
356 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
settings
syndication.twitter.com/ Frame DD98 		233 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=9680d0d71c79687566444b2a5479faeaeecd1634
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fgive.sawso.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
6
date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 11:48:57 GMT
server
tsa_b
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
bfe0d394802ff219d0b9ba04b0d1dec94f53a06feebcca338fe49d791a36995c
content-length
167
adsct
analytics.twitter.com/i/ 		31 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l54yg&tw_sale_amount=undefined&tw_order_quantity=undefined&tw_iframe_status=0&event_id=3be59aea-4e50-4291-ab0e-b125f874f42e&tw_document_href=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
7
date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
ba262a92e4d18a0fef4c8dbab5bc27e34334f7219c4a5a56b9d747b93dcd8180
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l54yg&tw_sale_amount=undefined&tw_order_quantity=undefined&tw_iframe_status=0&event_id=3be59aea-4e50-4291-ab0e-b125f874f42e&tw_document_href=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
6
date
Thu, 03 Mar 2022 11:48:57 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
91285038954f05cbc6482b6cd38aa36c0b65a504f05a96ddf0c6d8ef7b1d1207
content-length
43
shared-85fd1b545fd560e7f16b520f4aa11d1b.js
js.stripe.com/v3/fingerprinted/js/ Frame A74B 		205 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-11ddfb9d1b717b796454674767f13508.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
373a259f7128f9b8f9ca552627f4986a05c4c081f6528b308ffb3dee358a5a74
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-11ddfb9d1b717b796454674767f13508.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
50
x-cache
HIT
content-length
51477
etag
"01e8251b2ee27fe2a4fbd5095fb0dc7d"
x-request-id
fe58ff99-adb5-4978-9b59-3f6bbbc1f176
x-served-by
cache-lga21920-LGA
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 22:17:15 GMT
server
Fastly
date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
controller-a9f6cb0fddd49d309a87b91867df07e5.js
js.stripe.com/v3/fingerprinted/js/ Frame A74B 		331 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a9f6cb0fddd49d309a87b91867df07e5.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-11ddfb9d1b717b796454674767f13508.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d92368b6b477aa5816b65de648b901b23638fbe5b4ee34a90314b4c142ce79a8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-11ddfb9d1b717b796454674767f13508.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
33
x-cache
HIT
content-length
85182
etag
"170fe52d5e55166f41313a5972d8246a"
x-request-id
a7d4832a-0345-4ef3-bd7e-81c441e7aa6a
x-served-by
cache-lga21920-LGA
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 22:17:17 GMT
server
Fastly
date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
pay.js
pay.google.com/gp/p/js/ Frame 40C7 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-f3c243e24e2fb9589c04af30fe70ed74.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1407::5c Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ecde91d88dbb2ac0fee3fd1fbb92977853f7e91ba1977c2c33b04d237165693
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-tL9iNjM5Ohkfjw0RgKF+ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-tL9iNjM5Ohkfjw0RgKF+ow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-tL9iNjM5Ohkfjw0RgKF+ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-tL9iNjM5Ohkfjw0RgKF+ow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
expires
Thu, 03 Mar 2022 11:48:57 GMT
shared-85fd1b545fd560e7f16b520f4aa11d1b.js
js.stripe.com/v3/fingerprinted/js/ Frame 40C7 		205 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-f3c243e24e2fb9589c04af30fe70ed74.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
373a259f7128f9b8f9ca552627f4986a05c4c081f6528b308ffb3dee358a5a74
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-f3c243e24e2fb9589c04af30fe70ed74.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
50
x-cache
HIT
content-length
51477
etag
"01e8251b2ee27fe2a4fbd5095fb0dc7d"
x-request-id
bc9bad6b-d032-4441-92e3-fdf79ba3cd5b
x-served-by
cache-lga21920-LGA
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 22:17:15 GMT
server
Fastly
date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
payment-request-inner-google-pay-3a221349d0a7cd26d82a3c576de27ad1.js
js.stripe.com/v3/fingerprinted/js/ Frame 40C7 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-3a221349d0a7cd26d82a3c576de27ad1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-f3c243e24e2fb9589c04af30fe70ed74.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
9fa1f1dceac33f775634364cfd5f6f7ac199c8d8835584150fa3bfdb90c14c06
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-f3c243e24e2fb9589c04af30fe70ed74.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
36
x-cache
HIT
content-length
4384
etag
"22a6f248aafd8317728a0f81adec422e"
x-request-id
cf8f17dc-0cae-47ce-b827-6ea91fcdfbbe
x-served-by
cache-lga21920-LGA
access-control-allow-origin
*
last-modified
Mon, 28 Feb 2022 20:03:12 GMT
server
Fastly
date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
shared-85fd1b545fd560e7f16b520f4aa11d1b.js
js.stripe.com/v3/fingerprinted/js/ Frame 9EBB 		205 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-b51919bd0f0a8c44e76dbe1b415ff066.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
373a259f7128f9b8f9ca552627f4986a05c4c081f6528b308ffb3dee358a5a74
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-b51919bd0f0a8c44e76dbe1b415ff066.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
50
x-cache
HIT
content-length
51477
etag
"01e8251b2ee27fe2a4fbd5095fb0dc7d"
x-request-id
c0d8abf0-4d16-4c4a-8692-ee09135336c8
x-served-by
cache-lga21920-LGA
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 22:17:15 GMT
server
Fastly
date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8
payment-request-inner-browser-05b583a5141366a84c20134c0f02eea9.js
js.stripe.com/v3/fingerprinted/js/ Frame 9EBB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-05b583a5141366a84c20134c0f02eea9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-b51919bd0f0a8c44e76dbe1b415ff066.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5ed01afec7a8885ac179d8946a1b9e8ea751051ec8495ba1c51c4b66367f69a3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-b51919bd0f0a8c44e76dbe1b415ff066.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
30
x-cache
HIT
content-length
4063
etag
"ecab91c8eef71666a31a979393e13ad5"
x-request-id
4fc6e414-9b65-4379-929d-18ba1a60a9a4
x-served-by
cache-lga21920-LGA
access-control-allow-origin
*
last-modified
Mon, 28 Feb 2022 20:03:15 GMT
server
Fastly
date
Thu, 03 Mar 2022 11:48:57 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51388709-1&cid=641797413.1646308137&jid=736309967&_u=aGDACEABBAAAAC~&z=627263111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dest5.html
thesalvationarmy.demdex.net/ Frame 9A24 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thesalvationarmy.demdex.net/dest5.html?d_nsid=0
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.139.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-139-252.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Thu, 3 Mar 2022 11:48:58 GMT
DCS
dcs-prod-usw2-2-v025-04308963f.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 14 Feb 2022 16:09:25 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
MuoXh6wDRr0=
transfer-encoding
chunked
Connection
keep-alive
id
thesalvationarmy.sc.omtrdc.net/ 		2 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thesalvationarmy.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=20A0289659302A7E0A495D28%40AdobeOrg&mid=83179975797187033120693947332517638423&ts=1646308137694
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-155-93.us-west-2.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-74fcddc49f-bbnrf
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://give.sawso.org
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YiCrKQAAAFOPYARA
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=83338073149347130610678269272526832418
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCrKQAAAFOPYARA
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCrKQAAAFOPYARA
Protocol
HTTP/1.1
Server
54.211.181.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-181-31.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v028-094b61eda.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RUEZ2THfTmI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiCrKQAAAFOPYARA
Date
Thu, 03 Mar 2022 11:48:57 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
adsct
analytics.twitter.com/i/ 		31 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvb33&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=5be06d57-5240-4071-b6ed-8bda69c86ab7&tw_document_href=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
5
date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
ba262a92e4d18a0fef4c8dbab5bc27e34334f7219c4a5a56b9d747b93dcd8180
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvb33&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=5be06d57-5240-4071-b6ed-8bda69c86ab7&tw_document_href=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
6
date
Thu, 03 Mar 2022 11:48:57 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
91285038954f05cbc6482b6cd38aa36c0b65a504f05a96ddf0c6d8ef7b1d1207
content-length
43
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14884
x-xss-protection
0
server
cafe
etag
16747055602125368176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Mar 2022 11:48:57 GMT
js
www.googletagmanager.com/gtag/ 		102 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-590768768&l=dataLayer&cx=c
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
503ca51df348c460e10a0c105a076ec247d4a85045133a934bb7f39060b1a9c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40966
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Mar 2022 11:48:57 GMT
js
www.googletagmanager.com/gtag/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-590708955&l=dataLayer&cx=c
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
21a86cb0c5b58963de9d2140e861edfbbd5445fd7358deb88badcd09ef6db3d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40100
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Mar 2022 11:48:57 GMT
5715322.js
bat.bing.com/p/action/ 		683 B
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5715322.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
bc0371de245112c0df044195130d049305d9cbe1a5f61ebbfe1cea8973dc8490

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 52E540CDC5934BB0A25C1A27593BA8A9 Ref B: EWR30EDGE1117 Ref C: 2022-03-03T11:48:57Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
584
0
bat.bing.com/action/ 		0
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5715322&Ver=2&mid=378f1a2d-13e7-4e97-b786-25a2214dbd2c&sid=e8e895a09ae711ec901ee9a52311e8c5&vid=e8e97f509ae711ecb0e8414dce1132ca&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20Help%20in%20Ukraine&p=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&r=&lt=883&evt=pageLoad&msclkid=N&sv=1&rn=368080
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0CDA89FE9D724DF99C06DAC71FFB9D16 Ref B: EWR30EDGE1117 Ref C: 2022-03-03T11:48:57Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
5710159.js
bat.bing.com/p/action/ 		689 B
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5710159.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
55d96d837c19ca2db4cbfc87b8bf80c299d24179af70a94b0de76d62c42b73c8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:56 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8C9CC5B27AFF4CC9A99D2F308B0F41C6 Ref B: EWR30EDGE1117 Ref C: 2022-03-03T11:48:57Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
589
0
bat.bing.com/action/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5710159&Ver=2&mid=b6ee8b5f-9254-4b4b-b2d8-a60c5034819a&sid=e8e895a09ae711ec901ee9a52311e8c5&vid=e8e97f509ae711ecb0e8414dce1132ca&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20Help%20in%20Ukraine&p=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&r=&lt=883&evt=pageLoad&msclkid=N&sv=1&rn=140200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2BC8665F985D466DB775E5FA21C7EFD2 Ref B: EWR30EDGE1117 Ref C: 2022-03-03T11:48:57Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframeResizer-6bb8ec1b02.js
give.sawso.org/sso/ssobuild/js/ 		22 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://give.sawso.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-e7e99e5710d8e6f7----1646308137764
traceparent
00-1ea717ccd0bebe791cac4b6dab913620-e7e99e5710d8e6f7-01
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlN2U5OWU1NzEwZDhlNmY3IiwidHIiOiIxZWE3MTdjY2QwYmViZTc5MWNhYzRiNmRhYjkxMzYyMCIsInRpIjoxNjQ2MzA4MTM3NzY0fX0=
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://give.sawso.org/give/393706/
X-Requested-With
XMLHttpRequest

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
498136
cf-polished
origSize=35133
cf-bgj
minify
last-modified
Wed, 26 Jan 2022 18:22:02 GMT
server
cloudflare
etag
W/"61f1914a-893d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
6e6225650b4e1849-EWR
expires
Sat, 25 Feb 2023 17:26:41 GMT
ebAttribution.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebAttribution.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.146.123 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-146-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
002b2cf2b425335f6965c68c3d1d3aa45c24e8da9046330d4303e9d2f6b27376

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 15:46:38 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
W/"c85b1c78821cc2745e549680847e0fe1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=458
accept-ranges
bytes
content-length
7813
x-amz-cf-id
uTE5K6cIbOOb_WA_JBsSzgvMShrfCNO6FvXz71Xzs1449UttAo6d8Q==
adsct
analytics.twitter.com/i/ 		31 B
92 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvb33&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=de38bdbd-be0e-46d8-a846-36d61f50f3ef&tw_document_href=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
6
date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
ba262a92e4d18a0fef4c8dbab5bc27e34334f7219c4a5a56b9d747b93dcd8180
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvb33&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=de38bdbd-be0e-46d8-a846-36d61f50f3ef&tw_document_href=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
6
date
Thu, 03 Mar 2022 11:48:57 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
91285038954f05cbc6482b6cd38aa36c0b65a504f05a96ddf0c6d8ef7b1d1207
content-length
43
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=give.sawso.org&t=xo&v=5.0.287&source=payments_sdk&mrid=BXJ5YSTWHSQYQ&client_id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&comp=buttons,funding-eligibility&vault=false
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36fb889569aab047217a5f00d75452120ec9495d749fb8921e1c5f2f0bd66355
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-J6bmluofUrP4AKRUcC1clZ72L7HgZGyqu9ZwEE58btNNnST4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-J6bmluofUrP4AKRUcC1clZ72L7HgZGyqu9ZwEE58btNNnST4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
45514
x-cache
HIT, HIT
paypal-debug-id
f446857297446
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4300
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000027-IAD, cache-lga21944-LGA
x-timer
S1646308138.841808,VS0,VE2
x-frame-options
SAMEORIGIN
date
Thu, 03 Mar 2022 11:48:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
etag
W/"2f38-JDMl9QCL5m4RLY99VyF7LBb/6MY"
accept-ranges
bytes
x-cache-hits
1, 1
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14884
x-xss-protection
0
server
cafe
etag
16747055602125368176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Mar 2022 11:48:58 GMT
csp-report
q.stripe.com/ Frame 118A 		0
130 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
logger
www.paypal.com/xoplatform/logger/api/ 		813 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
337c8507276f310305e27066531779c039ef82c1d93d178eb3cbb7db1e6fc008
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f2738126a5fa9
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kjyo7100163-IAD, cache-lga21946-LGA
x-timer
S1646308138.282425,VS0,VE78
etag
W/"32d-KqpPtYKw9CMRqH+lpMQ3KmcS1pc"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://give.sawso.org
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://give.sawso.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://give.sawso.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f273812c646a5
x-content-type-options
nosniff
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Thu, 03 Mar 2022 11:48:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-iad-kjyo7100068-IAD, cache-lga21946-LGA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1646308138.099672,VS0,VE95
vary
accept-encoding
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/?random=1646308137957&cv=9&fst=1646308137957&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c5ce540400b917b6aa995f875a562013ac61e93ecba1b8dd7a9b5bdd793ddf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1033
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
bid.g.doubleclick.net/xbbe/ Frame 534B 		0
550 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 03 Mar 2022 11:48:58 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 03 Mar 2022 11:48:58 GMT
cache-control
private
status
give.sawso.org/sso/ 		89 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://give.sawso.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery33105740548829461498_1646308137760&_=1646308137761
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
dc3ccdb6a61671be4315a129fc7707e82d62669a65679d1b0b50bf82bfc5a28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-c372447c4a32f58f----1646308137963
traceparent
00-5ec3dff8a8c9c8b233c41e00387474b0-c372447c4a32f58f-01
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjMzcyNDQ3YzRhMzJmNThmIiwidHIiOiI1ZWMzZGZmOGE4YzljOGIyMzNjNDFlMDAzODc0NzRiMCIsInRpIjoxNjQ2MzA4MTM3OTYzfX0=
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://give.sawso.org/give/393706/
X-Requested-With
XMLHttpRequest

Response headers

cf-ray
6e6225666d241849-EWR
date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="Classy does not have a P3P policy."
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=kZOoUhd_668TxwElmYjjB1UMyPvKMMsSgaAMnc3n7Y0-1646308138-0-AV2lqTQ8oN6t_GVo8v1MPgU12wJ3104wOpaudN3VyZ0_rv1ZQ8lOR3VJnMkosTn_bUp8Q7LFYTWRqB9RH60VM7s
cache-control
no-cache
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
js
www.paypal.com/sdk/ 		340 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e581c5b4b6e28f6a83d0d1953f502c8f61d3ba1940c62c5a92c95f43737317ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qIELkcGiD+yUcGWZeozknJd9zz4W7SQzcODJ6kfWFORn+jFg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qIELkcGiD+yUcGWZeozknJd9zz4W7SQzcODJ6kfWFORn+jFg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qIELkcGiD+yUcGWZeozknJd9zz4W7SQzcODJ6kfWFORn+jFg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qIELkcGiD+yUcGWZeozknJd9zz4W7SQzcODJ6kfWFORn+jFg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
7176
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
p3p
true
paypal-debug-id
f1880196110cb
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
106605
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100096-IAD, cache-lga21944-LGA
x-timer
S1646308138.013655,VS0,VE1
x-frame-options
SAMEORIGIN
date
Thu, 03 Mar 2022 11:48:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"1a06d-Y30ykBdO7RwapdcIuIBgMtiOQJA"
accept-ranges
bytes
x-cache-hits
1, 3
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
ts
t.paypal.com/ 		42 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Donate%20to%20Help%20in%20Ukraine&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1646308138007&g=0&completeurl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.126.131 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-126-131.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 11:48:58 GMT
Timing-Allow-Origin
*
Strict-Transport-Security
max-age=63072000
Connection
keep-alive
P3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Paypal-Debug-Id
2ae1f933cb190
Cache-Control
max-age=0, no-cache, no-store
Server-Timing
content-encoding;desc="",x-cdn;desc="akamai"
Content-Type
image/gif
Content-Length
42
Expires
Thu, 03 Mar 2022 11:48:58 GMT
payframe
pay.google.com/gp/p/ui/ Frame 8BD7 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1407::5c Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2382c2e76b6d43f104bd8e7f7a91626b03e1ddcaadf9f6e9a8449ed3776c5a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dBn6oJqnadXsTesP2GC3tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-dBn6oJqnadXsTesP2GC3tQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
expires
Thu, 03 Mar 2022 11:48:58 GMT
date
Thu, 03 Mar 2022 11:48:58 GMT
cache-control
private, max-age=3600
strict-transport-security
max-age=31536000
content-security-policy
script-src 'report-sample' 'nonce-dBn6oJqnadXsTesP2GC3tQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-dBn6oJqnadXsTesP2GC3tQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
report-to
{"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
cross-origin-resource-policy
same-site
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
clarity.js
www.clarity.ms/eus2/s/0.6.32/ 		53 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/eus2/s/0.6.32/clarity.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:2008 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:57 GMT
content-encoding
br
etag
"1d82e1aac2b7990"
last-modified
Wed, 02 Mar 2022 09:48:30 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0KqsgYgAAAAD+7ujYiz+HQatlpTx1qL1MTEFTMzBFREdFMDExNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=13BB353D1BA54C57A356225B4277C644&RedC=c.clarity.ms&MXFR=39489AE697CF68A402158BBA93CF662E
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=13BB353D1BA54C57A356225B4277C644&MUID=34E063E27C196CD5316A72BE7D7B6D5A
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=13BB353D1BA54C57A356225B4277C644&MUID=34E063E27C196CD5316A72BE7D7B6D5A
Protocol
H2
Server
20.36.253.92 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
last-modified
Fri, 18 Feb 2022 23:15:27 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"6afd196a1d25d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E1B4CBA21E2A44C3AC85A7E74B81755B Ref B: EWR30EDGE1117 Ref C: 2022-03-03T11:48:58Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=13BB353D1BA54C57A356225B4277C644&MUID=34E063E27C196CD5316A72BE7D7B6D5A
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
EBUidCache.js
secure-ds.serving-sys.com/BurstingCachedScripts/UserProviders_1_19_0_0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/BurstingCachedScripts/UserProviders_1_19_0_0/EBUidCache.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.146.123 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-146-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ebacb8069ea13a513ec42f29ad43140bb58a53c7206f0d65dbdbfbff75d6befd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 15:46:38 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"21cbddda333527c67445846e1000aeef"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1638689
accept-ranges
bytes
content-length
1338
x-amz-cf-id
UWglG_BFC2uQSxdcyibXZ4Y-kNoNQ6mvgA8NTNuyOt5CMIoF9Y80KA==
out-4.5.41.js
m.stripe.network/ Frame 118A 		85 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:9200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
36
x-cache
Hit from cloudfront
date
Thu, 03 Mar 2022 11:48:25 GMT
last-modified
Fri, 28 Jan 2022 20:07:53 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
EWR53-P1
timing-allow-origin
*
x-amz-cf-id
GDHkGNjkEC_fFI8Zc0M4bYbDeMT6PUEc5QAu1DCkal79BqcUms6Cvg==
pptm.js
www.paypal.com/tagmanager/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=give.sawso.org&t=xo&v=5.0.287&source=payments_sdk&client_id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&comp=buttons,funding-eligibility&vault=true
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1c26706c63610fb486bfb104c4db875f1092178de4918074590436b4ab3b7d6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-LycwJYCKNRI/Qx+f9LX2PORj5ZjNKqqeU8F8oomTuOegmFBW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-LycwJYCKNRI/Qx+f9LX2PORj5ZjNKqqeU8F8oomTuOegmFBW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
age
39540
x-cache
HIT, HIT
paypal-debug-id
f39343545b1c0
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
4016
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200026-IAD, cache-lga21944-LGA
x-timer
S1646308138.125605,VS0,VE2
x-frame-options
SAMEORIGIN
date
Thu, 03 Mar 2022 11:48:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
etag
W/"2c02-HTaBRxJNkY+tRWLIcCEcFBXQpWE"
accept-ranges
bytes
x-cache-hits
1, 1
Serving
bs.serving-sys.com/ 		497 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?EBUI.js&cn=cu
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.92.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-92-210.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83f9d60bdf606abe6ef16c81e02ccd235a0d56daadc2fd475428de9b926e81ea

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
etag
"a6985b37c65dcd1:0"
last-modified
Thu, 03 Mar 2022 11:48:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
private, max-age=3600
content-type
application/x-javascript
content-length
227
67fe2a1b26
bam-cell.nr-data.net/events/1/ 		24 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1215.1253ab8&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=2614&ck=1&ref=https://give.sawso.org/give/393706/
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
text/plain

Response headers

Date
Thu, 03 Mar 2022 11:48:58 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://give.sawso.org
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
6e6225676faa8c9b-EWR
Content-Length
24
buttons
www.paypal.com/smart/ Frame C144 		352 KB
144 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUJYSjVZU1RXSFNRWVEmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=a314411c7d694&storageID=uid_29732d8222_mte6ndg6ntc&sessionID=uid_922888e6dc_mte6ndg6ntc&buttonSessionID=uid_fc30b3d375_mte6ndg6ntg&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6dHJ1ZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=true&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&merchantID.0=BXJ5YSTWHSQYQ&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&enable-funding=venmo&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&merchant-id=BXJ5YSTWHSQYQ&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5548d23a1f4aceebe3832d5d9ef190af532a7022a584eb2e84b875c792c28e77
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
etag
W/"581a7-6Tp66MX0RQS5oYVhTFQhY/dQOkM"
p3p
true
paypal-debug-id
f2738125fc179
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Thu, 03 Mar 2022 11:48:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-iad-kjyo7100140-IAD, cache-lga21944-LGA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1646308138.219036,VS0,VE247
vary
Accept-Encoding
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
buttons
www.paypal.com/smart/ Frame C1A1 		352 KB
143 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f312126797ac9&storageID=uid_1e6744abf7_mte6ndg6ntg&sessionID=uid_49a2e987d5_mte6ndg6ntg&buttonSessionID=uid_4ffb326479_mte6ndg6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjp0cnVlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
323077d5db342792d6cada4af2b7cfd297c0f415b39a2f383f8dbe312657cdf1
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
etag
W/"58078-IFkYan2wwHVk0QTdObX19Yjq8EY"
p3p
true
paypal-debug-id
f273812a5fc3c
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Thu, 03 Mar 2022 11:48:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-iad-kcgs7200085-IAD, cache-lga21944-LGA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1646308138.268490,VS0,VE271
vary
Accept-Encoding
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
truncated
/ Frame C720 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 5EFF 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
logger
www.paypal.com/xoplatform/logger/api/ 		815 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8cb4532c250333223a609fec280bb1ce0cd81deac162a5ebdf722b8d7ed5f79
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f273812afd46a
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kcgs7200176-IAD, cache-lga21946-LGA
x-timer
S1646308138.452483,VS0,VE93
etag
W/"32f-hZ6LMmO/Q34WvCa++pOxsccL6pc"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://give.sawso.org
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://give.sawso.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://give.sawso.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f273812fe8c47
x-content-type-options
nosniff
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Thu, 03 Mar 2022 11:48:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-iad-kiad7000142-IAD, cache-lga21946-LGA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1646308138.344253,VS0,VE98
vary
accept-encoding
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 14:34:58 GMT
x-content-type-options
nosniff
age
162840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27420
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:16:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 14:34:58 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 14:34:58 GMT
x-content-type-options
nosniff
age
162840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27420
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:16:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 14:34:58 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 14:34:58 GMT
x-content-type-options
nosniff
age
162840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27420
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:16:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 14:34:58 GMT
1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v10/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v10/1Pttg83HX_SGhgqk2jovaqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 06:31:04 GMT
x-content-type-options
nosniff
age
19074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29144
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:16:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 03 Mar 2023 06:31:04 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 8BD7 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1407::5c Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14884
x-xss-protection
0
server
cafe
etag
16747055602125368176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 03 Mar 2022 11:48:58 GMT
ActivityServer.bs
bs.serving-sys.com/Serving/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=485783&rnd=629299.8987356789
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.92.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-92-210.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b4535a58d0e477653d650ee55e59ee772faa0c0c034ab91b756ab6b5c1b8b9c7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
584
expires
Sun, 05-Jun-2005 22:00:00 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f803:c51b:4d23:ce8c , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 10 Mar 2022 11:48:58 GMT
xyz.js
getrockerbox.com/assets/ 		45 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getrockerbox.com/assets/xyz.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.209.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a8b42be2df7b31e11b442a965f4ee259ffac45e2643d39f47faedc219589fc5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BC2no%2FSJSOd6khDyEcqX20WX2pqW2s7eEYAA112yAivkF18dR3GRlkK2VUkFtAwr7Kh7%2FZ0yAP3Q4hdMunIuPxjPKur8h4RrTLrxGGFUJmHiy1%2FzD2ukuaqp8Rlcj72yJ97"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
6e6225695c291982-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
st.v3.js
www.everestjs.net/static/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.everestjs.net/static/st.v3.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.96.61 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-96-61.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a7b2e960f7628e2b6d292e1e5e51cedf3243dab1c9d7cafb9897ba05c8185ce4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Thu, 24 Jun 2021 13:55:47 GMT
Server
AmazonS3
x-amz-request-id
WSG7WGAQHZZN8Y0Q
ETag
"9a2486101572abfab95503fa8e906001"
Vary
Accept-Encoding
Content-Type
text/javascript
Date
Thu, 03 Mar 2022 11:48:58 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28890
x-amz-id-2
FUjq3mok/aTYW2Qz/XMJjRQtwV8fQcLOAfiRcfPdmgwaBInsbibAAlgOjDKbZt+iKltiruh4xZw=
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 14 Feb 2022 14:11:16 GMT
server
snooserv
etag
"9dd34b4324742bd3f713adf7f070d3b4"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
7531
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-1538f"
vary
Accept-Encoding
x-hw
1646308138.dop012.ny3.t,1646308138.cds210.ny3.hn,1646308138.cds029.ny3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
44762
cdn.bttrack.com/universal/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bttrack.com/universal/44762
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
95fd59d301ce000ce5dcc1de36e8b8078c9ddece1223ddc35076e8163ed3a8c6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:48:58 GMT
Cache-Control
max-age=900
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2374
X-HW
1646308138.dop037.ny3.t,1646308138.cds137.ny3.shn,1646308138.dop037.ny3.t,1646308138.cds043.ny3.p
Content-Type
application/javascript; charset=utf-8
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2009905384&t=pageview&_s=1&dl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&ul=en-us&de=UTF-8&dt=Donate%20to%20Help%20in%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=641797413.1646308137&tid=UA-51388709-1&_gid=623306121.1646308137&gtm=2wg2s0PMXWH57&z=1134071402
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 12:39:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83374
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://rtd-tm.everesttech.net/upi/?sid=BI5HN7C1EL5Auw2BCnPp&cs=1&gtmcb=636270098
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlDcktRQUFBRk9QWUFSQQ
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlDcktRQUFBRk9QWUFSQQ
Protocol
H2
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1646308138.487078,VS0,VE8
x-served-by
cache-lga21953-LGA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlDcktRQUFBRk9QWUFSQQ
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
impression
b.videoamp.com/d2/a318dba2-27b2-11ec-bb7e-4189d3b56416/2380/ 		42 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.videoamp.com/d2/a318dba2-27b2-11ec-bb7e-4189d3b56416/2380/impression?dnt=false&vpxid=2380&bwb=35&us_privacy=&gtmcb=1618803248
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.23.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-23-213.compute-1.amazonaws.com
Software
Beacon Server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
Beacon Server
access-control-allow-headers
Content-Type
content-length
42
content-type
image/gif
1023
bttrack.com/Pixel/Retarget/ 		35 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/Pixel/Retarget/1023
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ServerName
Track002-iad
Pragma
no-cache
Date
Thu, 03 Mar 2022 11:48:57 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=9vus3v7&ct=0:95naoge&fmt=3
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=14592955-fd9d-4a52-95dd-654fd0ed5b4b&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://tags.bluekai.com/site/5386?id=14592955-fd9d-4a52-95dd-654fd0ed5b4b&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=14592955-fd9d-4a52-95dd-654fd0ed5b4b&_origin=1&gdpr=0&gdpr_consent=
0
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=14592955-fd9d-4a52-95dd-654fd0ed5b4b&_origin=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=14592955-fd9d-4a52-95dd-654fd0ed5b4b&_origin=1&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
h
heapanalytics.com/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1566116007&u=1841682043291337&v=2665113827604000&s=5223150494018539&b=web&tv=4.0&sp=ts&sp=1646308136897&sp=d&sp=give.sawso.org&sp=h&sp=%2Fgive%2F393706%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&pp=d&pp=give.sawso.org&pp=h&pp=%2Fgive%2F393706%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&pp=t&pp=Help%20in%20Ukraine&pp=ts&pp=1646308136897&id0=2203830066936148&k0=environment&k0=prod&k0=organization_id&k0=49501&k0=campaign&k0=393706&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1646308138412&st=1646308138415
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.107.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-107-245.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
6
m.stripe.com/ Frame 118A 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.86.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-86-168.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1d5ec60aee43382b99e854d9b0fdf3887554017d8ae588816fd6496598b81f08
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 8BD7 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12722c9f5fabaa7b9bfc7bd1900cc46b73434bf728ed0e02cb6d1f7c51855b42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 17:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53298
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 06:25:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Mar 2023 17:08:52 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/590768768/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590768768/?random=1646308138432&cv=9&fst=1646308138432&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03c177808925e534ed41863f25f8f7d62e962acff411af2738563d8b9c71145a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/590708955/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590708955/?random=1646308138434&cv=9&fst=1646308138434&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76c789f6e57eff56014aef6035e4982aab59e25f888dea0f959612d2c3598dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1022
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
lasteventf-tm.everesttech.net/ 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lasteventf-tm.everesttech.net/?_les_imsOrgId=20A0289659302A7E0A495D28@AdobeOrg&_les_sdid=012BBBE57067BFB2-41FF64FD73E22A2A&_les_last_search_click=&_les_rsid=tsa.global&_les_mid=83179975797187033120693947332517638423&_les_url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646308138.494561,VS0,VE0
x-cache
MISS
content-type
text/plain
access-control-allow-origin
https://give.sawso.org
access-control-allow-credentials
true
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-lga21953-LGA
1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v10/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v10/1Pttg83HX_SGhgqk2jovaqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 06:31:04 GMT
x-content-type-options
nosniff
age
19074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29144
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:16:56 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 03 Mar 2023 06:31:04 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 14:34:58 GMT
x-content-type-options
nosniff
age
162840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27420
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:16:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 14:34:58 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v10/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v10/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.sawso.org
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 14:34:58 GMT
x-content-type-options
nosniff
age
162840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27420
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:16:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 14:34:58 GMT
/
www.google.com/pagead/1p-user-list/827406829/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/827406829/?random=1646308137957&cv=9&fst=1646305200000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&async=1&fmt=3&is_vtc=1&random=2117870195&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2009905384&t=pageview&_s=1&dl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&dp=%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=1615733824&gjid=1154141932&cid=641797413.1646308137&tid=UA-128124334-1&_gid=623306121.1646308137&_r=1&_slc=1&z=1927173013
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://give.sawso.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=2009905384&t=pageview&_s=7&dl=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&dp=%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=641797413.1646308137&tid=UA-3837893-1&_gid=623306121.1646308137&cd1=49501&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=393706&cd6=campaign&cd11=recurring%20optimization&z=185704637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 12:39:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
83374
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Serving
bs.serving-sys.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?secCall=1&sessionid=3782418581831317133&cn=as&ActivityID=550371&rnd=641548.5041763908&UniqueDonorID=undefined&ZipCode=undefined&NewDonor=[NewDonor]&Revenue=undefined&Territory=[Territory]&cuid=9b545b9c-fe1b-4564-b25b-c5890ccb2d3b
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.92.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-92-210.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3fa9c7899ebf9d8885ab7169775a17bd9daeec34e9dbe541611f164de66e2f0f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
private
content-type
text/html; charset=UTF-8
content-length
533
expires
Sun, 05-Jun-2005 22:00:00 GMT
s5833884361755
thesalvationarmy.sc.omtrdc.net/b/ss/tsa.global/10/JS-2.20.0/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesalvationarmy.sc.omtrdc.net/b/ss/tsa.global/10/JS-2.20.0/s5833884361755?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=3%2F2%2F2022%2011%3A48%3A58%204%200&d.&nsid=0&jsonv=1&.d&sdid=012BBBE57067BFB2-41FF64FD73E22A2A&mid=83179975797187033120693947332517638423&aamlh=7&ce=UTF-8&pageName=undefined%7C393706%7CCampaign%20Donate&g=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23%21%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&cc=USD&ch=Donate&events=event5&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&v1=undefined%7C393706%7CCampaign%20Donate&c2=give.sawso.org&c3=undefined&v5=Help%20in%20Ukraine%3A393706&c6=16&c9=VisitorAPI%20Present&c12=D%3Dmid&c15=donation&c16=D%3Dv31&c18=D%3Dv64&v21=false&v24=null%3Anull%3Anull%3Anull%3Anull&v30=Help%20in%20Ukraine&v33=D%3Dmid&v64=D%3Dg&v66=undefined&v68=49501&v73=URLShortener%20%7C%20ukrainecrisis&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=20A0289659302A7E0A495D28%40AdobeOrg&AQE=1
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-155-93.us-west-2.compute.amazonaws.com
Software
jag /
Resource Hash
a2e321f8b5d03a2bd04821e88115c1fe0ba9a65ee41216a318adae0ddd24a34c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-aam-tid
+sVKU7xNTEA=
date
Thu, 03 Mar 2022 11:48:58 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
content-length
3353
x-xss-protection
1; mode=block
dcs
dcs-prod-va6-1-v028-07f726029.edge-va6.demdex.com UNKNOWN
pragma
no-cache
last-modified
Fri, 04 Mar 2022 11:48:58 GMT
server
jag
xserver
anedge-74fcddc49f-jxjkj
etag
3535419807447089152-4619756716460448311
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 02 Mar 2022 11:48:58 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-128124334-1&cid=641797413.1646308137&jid=1615733824&gjid=1154141932&_gid=623306121.1646308137&_u=aGDACEABBAAAAC~&z=1406513134
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 03 Mar 2022 11:48:58 GMT
content-type
text/plain
access-control-allow-origin
https://give.sawso.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.paypal.com/sdk/ Frame C144 		330 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&enable-funding=venmo&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&merchant-id=BXJ5YSTWHSQYQ&commit=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUJYSjVZU1RXSFNRWVEmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=a314411c7d694&storageID=uid_29732d8222_mte6ndg6ntc&sessionID=uid_922888e6dc_mte6ndg6ntc&buttonSessionID=uid_fc30b3d375_mte6ndg6ntg&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6dHJ1ZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=true&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&merchantID.0=BXJ5YSTWHSQYQ&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfdee93b487ce959d0876f39e2808140fe5cc8ba88466c3ed9c00f20026f3a30
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-s45POQc+qoAc25NO/XD3GLLQtYxYRE4RoYbgyGxy5QdnP3Z3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-s45POQc+qoAc25NO/XD3GLLQtYxYRE4RoYbgyGxy5QdnP3Z3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUJYSjVZU1RXSFNRWVEmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=a314411c7d694&storageID=uid_29732d8222_mte6ndg6ntc&sessionID=uid_922888e6dc_mte6ndg6ntc&buttonSessionID=uid_fc30b3d375_mte6ndg6ntg&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6dHJ1ZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=true&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&merchantID.0=BXJ5YSTWHSQYQ&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-s45POQc+qoAc25NO/XD3GLLQtYxYRE4RoYbgyGxy5QdnP3Z3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-s45POQc+qoAc25NO/XD3GLLQtYxYRE4RoYbgyGxy5QdnP3Z3' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
1439
via
1.1 varnish, 1.1 varnish
x-cache
MISS, HIT
p3p
true
paypal-debug-id
f91736014831d
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
102946
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100100-IAD, cache-lga21944-LGA
x-timer
S1646308139.608269,VS0,VE2
x-frame-options
SAMEORIGIN
date
Thu, 03 Mar 2022 11:48:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"19222-45Mf1DP0pYB2M24maOw8EOPBzmE"
accept-ranges
bytes
x-cache-hits
0, 2
ibs:dpid=470&dpuuid=4020377871843843627
dpm.demdex.net/ Frame 9A24
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4020377871843843627
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4020377871843843627
Protocol
HTTP/1.1
Server
54.211.181.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-181-31.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v028-0d60e8a8f.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
D5wNxRkBRiw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4020377871843843627
pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixel_details.html
www.everestjs.net/static/ Frame 6F17
Redirect Chain
  • https://pixel.everesttech.net/8196/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26imsId%3D__EFIMSORGID__%26optout%3D__...
  • https://www.everestjs.net/static/pixel_details.html
166 B
597 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.everestjs.net/static/pixel_details.html
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.96.61 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-96-61.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
769254457b771e41802cfbc21371888c7b2485ad5baddaacae3b25cd428e428a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/

Response headers

x-amz-id-2
+1jNfJX9av/o6uLQM8zCLW4ESSgB1wJGhGWjxCS1ewNaNiYRH0+t2MaCRzGt0rHt8CWfnlXikfM=
x-amz-request-id
0XM0J16JHJ26KPD2
Last-Modified
Mon, 15 Mar 2021 04:37:06 GMT
ETag
"003ecf27f0c456effed26f884130b077"
x-amz-version-id
null
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Content-Encoding
gzip
Content-Length
146
Date
Thu, 03 Mar 2022 11:48:58 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Date
Thu, 03 Mar 2022 11:48:58 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
356
Connection
keep-alive
Server
Apache
Cache-Control
no-cache
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
Location
https://www.everestjs.net/static/pixel_details.html#google=YiCrKQAAAFOPYARA&gsurfer=YiCrKQAAAFOPYARA&imsId=&optout=0&throttleCookie=&time=20220303114858
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/?random=1646308138602&cv=9&fst=1646308138602&num=1&label=pQ-wCLfl3IgBEO3zxIoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
643052defbfd732992d83bb697a4b05d4417ed1bf13e124979d301912805b395
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1107
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/980170053/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/980170053/?random=1646308138603&cv=9&fst=1646308138603&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&auid=617112300.1646308137&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
1f72772abce62c53d64d8a6f0830f27d898b44d5ff87918fdaa1378d27957de9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1221
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dap-x1.js
dap-dist.akamaized.net/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dap-dist.akamaized.net/dap-x1.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2600:141b:13::17d7:82ca New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d25f83d0f7902281216e314e4c888ce0ee752f5fe59a16fcaacbac13744e5015

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:48:58 GMT
Last-Modified
Tue, 13 Jul 2021 17:59:58 GMT
Server
AkamaiNetStorage
ETag
"a8c4860980709dc3b2b2bc59c9555044:1626199198.261924"
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
8348
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1646308138621&id=t2_8x24ctfw&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&uuid=530de5e5-70fe-46ed-919c-d4e4f586b94d&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_da535582
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
rules-p-d5N1L76OG6H12.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-d5N1L76OG6H12.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:1800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b2cf6a1b18d22607d58a89b74c4f9276b7aacca733871d9f3883cb3fc00a98

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
gzip
age
91
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 20 Dec 2021 22:57:59 GMT
server
AmazonS3
etag
W/"ad0a0eb15beaf3ff81216f6012459a32"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
zSclzj1vH050mac6qUwSBkFEGdASs1KlZ0lE03dQXcTl4c0ZtUhhIw==
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LuE... Frame 8BD7 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LuE_GlHQfaM.L.B1.O/am=BgAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjauJSMaCvlffTvhtCgl1HvYa0cTg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8558acd8a95e09a66156964628a643d9488245845d7d9e93b26fac23bd136bcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 17:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13520
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 23:25:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Mar 2023 17:10:45 GMT
integrations
getrockerbox.com/ 		42 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://getrockerbox.com/integrations?source=salvation_army
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPeejkkADqe96qWtlGETD9D2o8BhOnoyVKKQnqSXGKrlNQ3pOzABwEePD7i3%2FkMj2ss5WPEMBJyg0%2BCWT5%2BcYbdUy%2BPyRZNTfeMq%2F5b9LApvJ6FUnwsPiM%2BtgrFTITTB7SSc"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
6e62256b4d241760-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jpuid
getrockerbox.com/ 		67 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://getrockerbox.com/jpuid?jsonp=RB.jsonPUID
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89397a3eb88b067419cf551364ac1ea625db85b69bf400526588c7b36d84bde8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ6Ulq4lX2xS6LmkMVxLAEpm%2F3W15H3QeFWAI%2FYESwG%2FFDZaMHwaBBmzbF4%2BW63ICPknp4Qr26cG%2B08PXcDeU%2FXW4%2BlQTcKIx8c8V50Upq9387fIuHl3ViwrigfrQt7dEabt"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
6e62256b4d231760-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.google.com/pagead/1p-user-list/590768768/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/590768768/?random=1646308138432&cv=9&fst=1646305200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&async=1&fmt=3&is_vtc=1&random=1586342322&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C144 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.google.com/pagead/1p-user-list/590708955/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/590708955/?random=1646308138434&cv=9&fst=1646305200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa320&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&async=1&fmt=3&is_vtc=1&random=3413113666&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.paypal.com/sdk/ Frame C1A1 		340 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f312126797ac9&storageID=uid_1e6744abf7_mte6ndg6ntg&sessionID=uid_49a2e987d5_mte6ndg6ntg&buttonSessionID=uid_4ffb326479_mte6ndg6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjp0cnVlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e581c5b4b6e28f6a83d0d1953f502c8f61d3ba1940c62c5a92c95f43737317ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qIELkcGiD+yUcGWZeozknJd9zz4W7SQzcODJ6kfWFORn+jFg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qIELkcGiD+yUcGWZeozknJd9zz4W7SQzcODJ6kfWFORn+jFg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f312126797ac9&storageID=uid_1e6744abf7_mte6ndg6ntg&sessionID=uid_49a2e987d5_mte6ndg6ntg&buttonSessionID=uid_4ffb326479_mte6ndg6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjp0cnVlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-qIELkcGiD+yUcGWZeozknJd9zz4W7SQzcODJ6kfWFORn+jFg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-qIELkcGiD+yUcGWZeozknJd9zz4W7SQzcODJ6kfWFORn+jFg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
7177
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
p3p
true
paypal-debug-id
f1880196110cb
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
106605
x-xss-protection
1; mode=block
x-served-by
cache-iad-kjyo7100096-IAD, cache-lga21944-LGA
x-timer
S1646308139.686912,VS0,VE1
x-frame-options
SAMEORIGIN
date
Thu, 03 Mar 2022 11:48:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"1a06d-Y30ykBdO7RwapdcIuIBgMtiOQJA"
accept-ranges
bytes
x-cache-hits
1, 4
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LuE... Frame 8BD7 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LuE_GlHQfaM.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjauJSMaCvlffTvhtCgl1HvYa0cTg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f4e805c9d1889034712238bd4c45a2f26c0d3e8904109eabcda4f1ff29f6614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 17:10:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27960
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 23:25:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Mar 2023 17:10:45 GMT
truncated
/ Frame C1A1 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
ibs:dpid=1175&gdpr=0&dpuuid=0zb214Rm9obIZ_GE0DTphIc2_IPINqbT3Tca7JGr
dpm.demdex.net/ Frame 9A24
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=0zb214Rm9obIZ_GE0DTphIc2_IPINqbT3Tca7JGr
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=0zb214Rm9obIZ_GE0DTphIc2_IPINqbT3Tca7JGr
Protocol
HTTP/1.1
Server
54.211.181.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-181-31.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v028-0cf596de4.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RNiUJJCGR+A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=0zb214Rm9obIZ_GE0DTphIc2_IPINqbT3Tca7JGr
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
b.clarity.ms/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://give.sawso.org
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
/
www.google.com/pagead/1p-conversion/980170053/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980170053/?random=865230684&cv=9&fst=1646308138603&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u...
  • https://www.google.com/pagead/1p-conversion/980170053/?random=865230684&cv=9&fst=1646308138603&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/980170053/?random=865230684&cv=9&fst=1646308138603&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&auid=617112300.1646308137&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=KqsgYtayJ9iOoPMPh46kyAQ&cid=CAQSKQCNIrLMzClan8rxMrhAe_vft5kFJyzSnm3LEU1CsGlKiz4b_0yHDZW7&eitems=ChEIgOuBkQYQ2ffk1omxo5XbARIdAHMG3ssoIEDGJt1B_J1UcG-TqCENOJD28LzEvBo&random=77396955&resp=GooglemKTybQhCsO
Protocol
H3
Server
2607:f8b0:4006:80a::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-conversion/980170053/?random=865230684&cv=9&fst=1646308138603&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&auid=617112300.1646308137&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=KqsgYtayJ9iOoPMPh46kyAQ&cid=CAQSKQCNIrLMzClan8rxMrhAe_vft5kFJyzSnm3LEU1CsGlKiz4b_0yHDZW7&eitems=ChEIgOuBkQYQ2ffk1omxo5XbARIdAHMG3ssoIEDGJt1B_J1UcG-TqCENOJD28LzEvBo&random=77396955&resp=GooglemKTybQhCsO
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/827406829/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/827406829/?random=1646308138602&cv=9&fst=1646305200000&num=1&label=pQ-wCLfl3IgBEO3zxIoD&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2s0&sendb=1&frm=0&url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F&tiba=Donate%20to%20Help%20in%20Ukraine&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMBuPc5Tlb-2n0UwnuP5HnnneaskAaC5Usuq0bf1CJNpgoN2A_&random=3181603818&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fb.js
c.paypal.com/da/r/ Frame C144 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUJYSjVZU1RXSFNRWVEmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=a314411c7d694&storageID=uid_29732d8222_mte6ndg6ntc&sessionID=uid_922888e6dc_mte6ndg6ntc&buttonSessionID=uid_fc30b3d375_mte6ndg6ntg&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6dHJ1ZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=true&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&merchantID.0=BXJ5YSTWHSQYQ&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (nya/7974) /
Resource Hash
5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130522
x-cache
HIT, HIT
paypal-debug-id
fda23fd0d9cc0
x-cache-hits
46784
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19250
via
1.1 varnish
x-served-by
cache-lga21978-LGA
last-modified
Tue, 01 Mar 2022 17:38:12 GMT
server
ECAcc (nya/7974)
x-timer
S1646308139.006626,VS0,VE1
etag
"621e5a04-de78+gzip"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 11:48:59 GMT
serving
bs.serving-sys.com/ Frame 9A24 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=1&euuid=83338073149347130610678269272526832418&redir=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.92.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-92-210.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:58 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
bounce
secure.adnxs.com/
Redirect Chain
  • https://getrockerbox.com/rb?url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&action=view&source=salvation_army&rb_source...
  • https://secure.adnxs.com/seg?add=9705236
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9705236
43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9705236
Protocol
HTTP/1.1
Server
68.67.179.135 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
550.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 11:48:59 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 550.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
1b341187-111c-4b60-a95d-e03861f55f3a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 11:48:59 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 550.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
6f1b6144-366d-452d-b7a2-e9eeeb1193b2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9705236
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
logger
www.paypal.com/xoplatform/logger/api/ 		830 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0734a01ab47d2a5f1cdcba6b63df10a5604684a76db5a7ba6a70265c3d7ffcb8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f1666588949d8
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kjyo7100055-IAD, cache-lga21946-LGA
x-timer
S1646308139.039082,VS0,VE139
etag
W/"33e-3eXVNP5DNJ3IUViR/sMwbO8CQEI"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://give.sawso.org
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://give.sawso.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://give.sawso.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
f16665813a601
x-content-type-options
nosniff
dc
ccg11-origin-www-1.paypal.com
accept-ranges
none
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Thu, 03 Mar 2022 11:48:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-iad-kjyo7100039-IAD, cache-lga21946-LGA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1646308139.956250,VS0,VE76
vary
accept-encoding
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
logger
www.paypal.com/xoplatform/logger/api/ Frame C144 		834 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUJYSjVZU1RXSFNRWVEmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=a314411c7d694&storageID=uid_29732d8222_mte6ndg6ntc&sessionID=uid_922888e6dc_mte6ndg6ntc&buttonSessionID=uid_fc30b3d375_mte6ndg6ntg&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6dHJ1ZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=true&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&merchantID.0=BXJ5YSTWHSQYQ&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2d6017d0165dcaf6d7196aa44add160ae5a42830ff81d353102f551759e8af26
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUJYSjVZU1RXSFNRWVEmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=a314411c7d694&storageID=uid_29732d8222_mte6ndg6ntc&sessionID=uid_922888e6dc_mte6ndg6ntc&buttonSessionID=uid_fc30b3d375_mte6ndg6ntg&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6dHJ1ZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=true&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&merchantID.0=BXJ5YSTWHSQYQ&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f1666581bbef0
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kjyo7100032-IAD, cache-lga21944-LGA
x-timer
S1646308139.970241,VS0,VE98
etag
W/"342-ZeXOLY1QGKHyKaaSV0xOiabmw8M"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
tokenize
salvationarmyusa.dap.akadns.net/data-activation/x1/domain/salvationarmyusa.org/identity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://salvationarmyusa.dap.akadns.net/data-activation/x1/domain/salvationarmyusa.org/identity/tokenize
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::1732:35b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,pragma
Origin
https://give.sawso.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Content-Type
text/html
Content-Length
0
Date
Thu, 03 Mar 2022 11:48:59 GMT
Connection
keep-alive
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC,Akamai-DAP-Token,X-Cache,Akamai-DAP-100,Akamai-DAP-DDID
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,Authorization,X-API-KEY,Content-Type,Pragma,Akamai-DAP-DDID
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
tokenize
salvationarmyusa.dap.akadns.net/data-activation/x1/domain/salvationarmyusa.org/identity/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://salvationarmyusa.dap.akadns.net/data-activation/x1/domain/salvationarmyusa.org/identity/tokenize
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::1732:35b9 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
akamai-x-cache-on
Accept
*/*
Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=31536000
Akamai-DAP-100
6DC4
X-Cache
TCP_MISS from a23-50-53-181.deploy.akamaitechnologies.com (AkamaiGHost/10.7.2-39291661) (-)
Akamai-DAP-Token
eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoicGFzc3dvcmQxIn0..BMmQVfvnWuNRwnf5C6kHqA.TdRJU3e7qpxLkfyfLaSLGUdW3H2WiWqSMKbjilx-_flPtKKt6eh_p7CCzoIXtQC1BIssih2XUVCNnJe616H_MJ7lir9ls3YP4VPRCgnkBOroPQ3jA9JpoEHeHs2EwDha_i7nR2B08nz-7c6uw8lhdRGlr_B62ti0StOCJDDA2D0movJUpknk7BtFhq-HUWOaMPV1xw7G3D6VTMNE1DVdMahCKZ0F83euDhfOgI1j8SotP4f3wFgA9bWjUNBJ_s-Q_aVDWixGaOHJNE6oeBeK8UEupn0TnTuG6SC1JXJ7X1ivPX12EjxdBIeZ-fj2PYSBckx3TYyh7tzNzvBHvV9O1X5tNQWweRCVuM0U1Act9_NUH9oTdRajAp3GJ2-_EBQS1o4s3qxUDckfz4oFVnuPPA.PqC859L9tjhf1F_jrZgGmuU8B7gj0wpk57QwdQXivAk
Connection
close
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0
Date
Thu, 03 Mar 2022 11:48:59 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/xml; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC,Akamai-DAP-Token,X-Cache,Akamai-DAP-100,Akamai-DAP-DDID
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
origin,range,hdntl,hdnts,Authorization,X-API-KEY,Content-Type,Pragma,Akamai-DAP-DDID
Expires
Thu, 03 Mar 2022 11:48:59 GMT
analytics.js
www.google-analytics.com/ Frame 8BD7 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LuE_GlHQfaM.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjauJSMaCvlffTvhtCgl1HvYa0cTg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3902
date
Thu, 03 Mar 2022 10:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 03 Mar 2022 12:43:56 GMT
pay
pay.google.com/gp/p/ui/ Frame 8BD7 		1 MB
345 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1407::5c Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
206f8f9185f8126ddd7372af71d1662af462e12456744e1864e40c6cf7cb9172
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-UPlvzJtrtP1vHBlSmABtTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-UPlvzJtrtP1vHBlSmABtTw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date
Thu, 03 Mar 2022 11:48:59 GMT
x-frame-options
DENY
report-to
{"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-UPlvzJtrtP1vHBlSmABtTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-UPlvzJtrtP1vHBlSmABtTw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
expires
Thu, 03 Mar 2022 11:48:59 GMT
ibs:dpid=30646
dpm.demdex.net/ Frame 9A24
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=83338073149347130610678269272526832418&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-FztSn_BE2pGN0lTBY.9rWqxe_HijLjrojsc-~A
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-FztSn_BE2pGN0lTBY.9rWqxe_HijLjrojsc-~A
Protocol
HTTP/1.1
Server
54.211.181.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-181-31.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v028-08e0d6f7e.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KsDqUHB9TzE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Thu, 03 Mar 2022 11:48:59 GMT
via
http/1.1 spdc0102.pbp.bf1.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-FztSn_BE2pGN0lTBY.9rWqxe_HijLjrojsc-~A
content-length
0
fb.js
c.paypal.com/da/r/ Frame C1A1 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f312126797ac9&storageID=uid_1e6744abf7_mte6ndg6ntg&sessionID=uid_49a2e987d5_mte6ndg6ntg&buttonSessionID=uid_4ffb326479_mte6ndg6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjp0cnVlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (nya/7974) /
Resource Hash
5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130522
x-cache
HIT, HIT
paypal-debug-id
fda23fd0d9cc0
x-cache-hits
46785
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19250
via
1.1 varnish
x-served-by
cache-lga21978-LGA
last-modified
Tue, 01 Mar 2022 17:38:12 GMT
server
ECAcc (nya/7974)
x-timer
S1646308139.014634,VS0,VE1
etag
"621e5a04-de78+gzip"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 11:48:59 GMT
pixel;r=1829339718;labels=_fp.event.Default;rf=0;a=p-d5N1L76OG6H12;url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis;uht=...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1829339718;labels=_fp.event.Default;rf=0;a=p-d5N1L76OG6H12;url=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis;uht=2;fpan=1;fpa=P0-1502130799-1646308139036;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=sawso.org;je=0;sr=1600x1200x24;dst=0;et=1646308139035;tzo=0;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgive%252Esawso%252Eorg%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F6194986%2F6b9a747c-966b-11ec-bb09-0ae8ad3342b3%252Ejpg%2Ctitle.Donate%20to%20Help%20in%20Ukraine
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f803:c51b:4d23:ce8c , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:59 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
b.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://give.sawso.org
date
Thu, 03 Mar 2022 11:48:58 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
t
pixel.everesttech.net/8196/ 		128 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/8196/t?ev_Donation_Form_Start=1&ev_transid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.94.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-94-205.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:48:59 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b51c-80-5c775461d9c40"
Vary
Cookie
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
128
1x1
pixel.everesttech.net/
Redirect Chain
  • https://cm.everesttech.net/cm
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WWlDcktRQUFBRk9QWUFSQQ
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEAjNpRn2bpfUGBk79qumkEQ&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Protocol
HTTP/1.1
Server
54.236.94.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-94-205.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:48:59 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b51c-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Thu, 03 Mar 2022 11:48:59 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
i
c.paypal.com/v1/r/d/ Frame 9763 		160 B
942 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.paypal.com/

Response headers

correlation-id
ccaa6a734a2a9
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
paypal-debug-id
ccaa6a734a2a9
x-content-type-options
nosniff
x-xss-protection
1; mode=block
accept-ranges
none
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Thu, 03 Mar 2022 11:48:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-iad-kiad7000021-IAD, cache-lga21978-LGA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1646308139.106827,VS0,VE84
vary
Accept-Encoding
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin
*
counter2.cgi
slc.stats.paypal.com/v2/ Frame 2F87
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_922888e6dc_mte6ndg6ntc&s=SMART_PAYMENT_BUTTONS
  • https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_922888e6dc_mte6ndg6ntc&s=SMART_PAYMENT_BUTTONS
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_922888e6dc_mte6ndg6ntc&s=SMART_PAYMENT_BUTTONS
Protocol
HTTP/1.1
Server
34.106.92.18 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
18.92.106.34.bc.googleusercontent.com
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:48:59 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_922888e6dc_mte6ndg6ntc&s=SMART_PAYMENT_BUTTONS
Date
Thu, 03 Mar 2022 11:48:59 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
i
c.paypal.com/v1/r/d/ Frame 195A 		160 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://www.paypal.com/

Response headers

correlation-id
f1b92aab27dfd
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
paypal-debug-id
f1b92aab27dfd
x-content-type-options
nosniff
x-xss-protection
1; mode=block
accept-ranges
none
via
1.1 varnish, 1.1 varnish
content-encoding
br
date
Thu, 03 Mar 2022 11:48:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-served-by
cache-iad-kiad7000045-IAD, cache-lga21978-LGA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1646308139.121650,VS0,VE70
vary
Accept-Encoding
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin
*
counter2.cgi
slc.stats.paypal.com/v2/ Frame CCEE
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=uid_49a2e987d5_mte6ndg6ntg&s=SMART_PAYMENT_BUTTONS
  • https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_49a2e987d5_mte6ndg6ntg&s=SMART_PAYMENT_BUTTONS
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_49a2e987d5_mte6ndg6ntg&s=SMART_PAYMENT_BUTTONS
Protocol
HTTP/1.1
Server
34.106.92.18 Salt Lake City, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
18.92.106.34.bc.googleusercontent.com
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:48:59 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://slc.stats.paypal.com/v2/counter2.cgi?p=uid_49a2e987d5_mte6ndg6ntg&s=SMART_PAYMENT_BUTTONS
Date
Thu, 03 Mar 2022 11:48:59 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
ibs:dpid=49276&dpuuid=448581c5-b9ef-4097-802d-a87d6154c35e
dpm.demdex.net/ Frame 9A24
Redirect Chain
  • https://bttrack.com/dmp/adobe/user?dd_uuid=83338073149347130610678269272526832418
  • https://dpm.demdex.net/ibs:dpid=49276&dpuuid=448581c5-b9ef-4097-802d-a87d6154c35e
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=49276&dpuuid=448581c5-b9ef-4097-802d-a87d6154c35e
Protocol
HTTP/1.1
Server
54.211.181.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-181-31.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v028-0bbc3dfa6.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
OIetEWzFRUA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

X-ServerName
Track004-iad
Pragma
no-cache
Date
Thu, 03 Mar 2022 11:48:58 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
//dpm.demdex.net/ibs:dpid=49276&dpuuid=448581c5-b9ef-4097-802d-a87d6154c35e
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
206
Expires
-1
logger
www.paypal.com/xoplatform/logger/api/ Frame C1A1 		824 B
713 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f312126797ac9&storageID=uid_1e6744abf7_mte6ndg6ntg&sessionID=uid_49a2e987d5_mte6ndg6ntg&buttonSessionID=uid_4ffb326479_mte6ndg6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjp0cnVlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bc1ecbfdb6723d25272ba8de0311879a3bacad85217cabe4cd8cf1b3b57557f3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f312126797ac9&storageID=uid_1e6744abf7_mte6ndg6ntg&sessionID=uid_49a2e987d5_mte6ndg6ntg&buttonSessionID=uid_4ffb326479_mte6ndg6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjp0cnVlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f166658456876
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kiad7000121-IAD, cache-lga21944-LGA
x-timer
S1646308139.127393,VS0,VE112
etag
W/"338-YGXskhmpxJ8bnc1GIkmhFlfcITE"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
log
play.google.com/ Frame 8BD7 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Thu, 03 Mar 2022 11:48:59 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame 8BD7 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Thu, 03 Mar 2022 11:48:59 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame 8BD7 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Thu, 03 Mar 2022 11:48:59 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame 8BD7 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Thu, 03 Mar 2022 11:48:59 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
log
play.google.com/ Frame 8BD7 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Thu, 03 Mar 2022 11:48:59 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LuE... Frame 8BD7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LuE_GlHQfaM.L.B1.O/am=BgAC/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjauJSMaCvlffTvhtCgl1HvYa0cTg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9977aa286359b9d322d035dfeb9fa83d38c48e45256a7a1aff0ff1dfd5c54b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 17:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7205
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 23:25:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Mar 2023 17:10:47 GMT
m=lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LuE... Frame 8BD7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.LuE_GlHQfaM.L.B1.O/am=BgAC/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjauJSMaCvlffTvhtCgl1HvYa0cTg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f4aa756253912801a72d07a0233b9402e469d2a08d47b127f49759156aaf879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 17:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3346
x-xss-protection
0
last-modified
Mon, 28 Feb 2022 23:25:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Mar 2023 17:10:47 GMT
log
play.google.com/ Frame 8BD7 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Thu, 03 Mar 2022 11:48:59 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:59 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:59 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
fb.js
c.paypal.com/da/r/ Frame 9763 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (nya/7974) /
Resource Hash
5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130522
x-cache
HIT, HIT
paypal-debug-id
fda23fd0d9cc0
x-cache-hits
46786
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19250
via
1.1 varnish
x-served-by
cache-lga21978-LGA
last-modified
Tue, 01 Mar 2022 17:38:12 GMT
server
ECAcc (nya/7974)
x-timer
S1646308139.259971,VS0,VE1
etag
"621e5a04-de78+gzip"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 11:48:59 GMT
fb.js
c.paypal.com/da/r/ Frame 195A 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
ECAcc (nya/7974) /
Resource Hash
5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130522
x-cache
HIT, HIT
paypal-debug-id
fda23fd0d9cc0
x-cache-hits
46787
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19250
via
1.1 varnish
x-served-by
cache-lga21978-LGA
last-modified
Tue, 01 Mar 2022 17:38:12 GMT
server
ECAcc (nya/7974)
x-timer
S1646308139.261108,VS0,VE1
etag
"621e5a04-de78+gzip"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 11:48:59 GMT
pixel
cm.g.doubleclick.net/ Frame 9A24
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlDcktRQUFBRk9QWUFSQQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlDcktRQUFBRk9QWUFSQQ==
Protocol
H3
Server
142.250.80.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646308139.280955,VS0,VE0
x-served-by
cache-lga21953-LGA
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlDcktRQUFBRk9QWUFSQQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:59 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:59 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
log
play.google.com/ Frame 8BD7 		131 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.kwL4cIta-bk.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhyPmajAmVHz4flnLjbOuEjZAuMdw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:48:59 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
h
heapanalytics.com/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1566116007&u=1841682043291337&v=2665113827604000&s=5223150494018539&b=web&tv=4.0&sp=ts&sp=1646308136897&sp=d&sp=give.sawso.org&sp=h&sp=%2Fgive%2F393706%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&pp=d&pp=give.sawso.org&pp=h&pp=%2Fgive%2F393706%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&pp=t&pp=Help%20in%20Ukraine&pp=ts&pp=1646308136897&id0=8238206680248810&k0=environment&k0=prod&k0=organization_id&k0=49501&k0=campaign&k0=393706&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1646308139267&st=1646308139269
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.107.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-107-245.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:59 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
GooglePay-logo.svg
give.sawso.org/static/global/images/digitalWallets/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://give.sawso.org/static/global/images/digitalWallets/GooglePay-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/give/393706/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 18:28:22 GMT
server
cloudflare
age
497839
etag
W/"61f192c6-b41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
cf-ray
6e62256eaf391849-EWR
expires
Sat, 25 Feb 2023 17:31:40 GMT
p1
c.paypal.com/v1/r/d/b/ Frame 9763 		125 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e5f38f83d2f6add817e3b6ecab157b7343293a658bc177e0cd89fb87fb79b92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
ec4f32a219600
x-served-by
cache-iad-kjyo7100085-IAD, cache-lga21978-LGA
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
ec4f32a219600
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
content-type
application/json
content-length
125
x-cache-hits
0, 0
e
c.paypal.com/v1/r/d/b/ Frame 9763 		15 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
c87bb480d0f68
x-served-by
cache-iad-kcgs7200123-IAD, cache-lga21978-LGA
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
content-type
application/json
paypal-debug-id
c87bb480d0f68
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
15
x-cache-hits
0, 0
p3
c6.paypal.com/v1/r/d/b/ Frame 9763 		0
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=uid_922888e6dc_mte6ndg6ntc&s=SMART_PAYMENT_BUTTONS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
db9720dd787fb
x-timer
S1646308139.389019,VS0,VE91
x-served-by
cache-iad-kjyo7100108-IAD, cache-lga21978-LGA
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
db9720dd787fb
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-cache-hits
0, 0
p1
c.paypal.com/v1/r/d/b/ Frame 195A 		125 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
08d4602a1000157a77fa2920bd43e22d0c7aefbd236ebb2e4c811eea45692076
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
9531089889286
x-served-by
cache-iad-kcgs7200084-IAD, cache-lga21978-LGA
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
9531089889286
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
content-type
application/json
content-length
125
x-cache-hits
0, 0
e
c.paypal.com/v1/r/d/b/ Frame 195A 		15 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
e389eaf155f3c
x-served-by
cache-iad-kiad7000073-IAD, cache-lga21978-LGA
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
content-type
application/json
paypal-debug-id
e389eaf155f3c
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
15
x-cache-hits
0, 0
p3
c6.paypal.com/v1/r/d/b/ Frame 195A 		0
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=uid_49a2e987d5_mte6ndg6ntg&s=SMART_PAYMENT_BUTTONS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
correlation-id
ea316de94b5f6
x-timer
S1646308139.389171,VS0,VE85
x-served-by
cache-iad-kjyo7100127-IAD, cache-lga21978-LGA
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
ea316de94b5f6
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame C144 		813 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&enable-funding=venmo&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&merchant-id=BXJ5YSTWHSQYQ&commit=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
42875a3fa8173f9022824569986c69e24060532533eb9262ae82194cce5d165f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZlbmFibGUtZnVuZGluZz12ZW5tbyZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5Jm1lcmNoYW50LWlkPUJYSjVZU1RXSFNRWVEmY29tbWl0PWZhbHNlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfa2xka2drcWthbmZ2cmdnZnZja3d1bmJrcXN1cGZpIn19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=a314411c7d694&storageID=uid_29732d8222_mte6ndg6ntc&sessionID=uid_922888e6dc_mte6ndg6ntc&buttonSessionID=uid_fc30b3d375_mte6ndg6ntg&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6dHJ1ZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjoiZXhwZXJpbWVudGFibGUifSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhcmlhbnQiOiJleHBlcmltZW50YWJsZSJ9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOnRydWV9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6dHJ1ZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=true&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&enableFunding.0=venmo&merchantID.0=BXJ5YSTWHSQYQ&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f16665874a74e
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kjyo7100165-IAD, cache-lga21944-LGA
x-timer
S1646308139.374290,VS0,VE83
etag
W/"32d-PMQqpnz40X9egKeMySv6USNvw40"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame C1A1 		824 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,funding-eligibility&currency=USD&client-id=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ad150db86be57344c7c315c526d1ca2e9e2aedd16f67add2d1c24349e11fbe8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?fundingSource=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&components.0=buttons&components.1=funding-eligibility&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsZnVuZGluZy1lbGlnaWJpbGl0eSZjdXJyZW5jeT1VU0QmY2xpZW50LWlkPUFmdW44d1lrazgwRlljeV9QWEpVVlVNS2pVc3ZpbWN4cGtKN3NCSkxsUGpfR3VudE5TdVZLLVd5Z3BuYVlUcmc4T3Y3S0drYzljYkZvWVB5JmludGVudD10b2tlbml6ZSZ2YXVsdD10cnVlIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfdXRobmR6bHp0cWNtZ2pyam5jaWpyc29mdGpmdmx5In19&clientID=Afun8wYkk80FYcy_PXJUVUMKjUsvimcxpkJ7sBJLlPj_GuntNSuVK-WygpnaYTrg8Ov7KGkc9cbFoYPy&sdkCorrelationID=f312126797ac9&storageID=uid_1e6744abf7_mte6ndg6ntg&sessionID=uid_49a2e987d5_mte6ndg6ntg&buttonSessionID=uid_4ffb326479_mte6ndg6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiMmU3NjAyNDA5YWRhZWVlMWEzYWFlYzM1NWQyZWQ4YzRhZDAzNWU4OSIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjp0cnVlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type
application/json

Response headers

date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
MISS, MISS
paypal-debug-id
f16665857f215
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kiad7000150-IAD, cache-lga21944-LGA
x-timer
S1646308139.380213,VS0,VE83
etag
W/"338-v7/cl3go2uB8Jvz0tv0fmaOq5UI"
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
content-encoding
br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
none
x-cache-hits
0, 0
tap.php
pixel.rubiconproject.com/ Frame 9A24
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiCrKQAAAFOPYARA&expires=90
42 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiCrKQAAAFOPYARA&expires=90
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646308139.380140,VS0,VE0
x-served-by
cache-lga21953-LGA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiCrKQAAAFOPYARA&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 9A24
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiCrKQAAAFOPYARA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiCrKQAAAFOPYARA&C=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiCrKQAAAFOPYARA&C=1
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 11:48:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 03 Mar 2022 11:48:59 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 11:48:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiCrKQAAAFOPYARA&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Thu, 03 Mar 2022 11:48:59 GMT
setuid
ib.adnxs.com/ Frame 9A24
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YiCrKQAAAFOPYARA
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YiCrKQAAAFOPYARA
Protocol
HTTP/1.1
Server
68.67.161.205 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
799.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 11:48:59 GMT
X-Proxy-Origin
37.120.138.195; 37.120.138.195; 799.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
5779beee-6f9a-4f86-b862-e5d61314e485
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646308140.599933,VS0,VE0
x-served-by
cache-lga21953-LGA
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YiCrKQAAAFOPYARA
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 9A24
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YiCrKQAAAFOPYARA
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YiCrKQAAAFOPYARA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YiCrKQAAAFOPYARA
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YiCrKQAAAFOPYARA
date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 google
server
OXGW/17.1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame 9A24
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiCrKQAAAFOPYARA
1 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiCrKQAAAFOPYARA
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 03:28:58 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug002:0:327
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646308140.806194,VS0,VE0
x-served-by
cache-lga21953-LGA
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiCrKQAAAFOPYARA
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 9A24
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiCrKQAAAFOPYARA&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiCrKQAAAFOPYARA&img=1&__user_check__=1&sync_id=ea389318-9ae7-11ec-99db-1fd605430203
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiCrKQAAAFOPYARA&img=1&__user_check__=1&sync_id=ea389318-9ae7-11ec-99db-1fd605430203
Protocol
HTTP/1.1
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 11:48:59 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
364
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 03 Mar 2022 11:48:59 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YiCrKQAAAFOPYARA&img=1&__user_check__=1&sync_id=ea389318-9ae7-11ec-99db-1fd605430203
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
272
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 9A24
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiCrKQAAAFOPYARA&t=2592000&o=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiCrKQAAAFOPYARA&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://thesalvationarmy.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 03:49:00 PST
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
93Jr6VTNWyxMDF0FENPMbmttSFfVlVJB/Qg4RHakzVsK8cSUSiMec3wbNerm0QRy4Q0lUx8rg2iGssLhqrrIWQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Thu, 03 Mar 2022 03:49:00 PST

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 11:48:59 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646308140.965729,VS0,VE0
x-served-by
cache-lga21953-LGA
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiCrKQAAAFOPYARA&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
collect
b.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://give.sawso.org/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://give.sawso.org
date
Thu, 03 Mar 2022 11:49:00 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
trusted-types-checker-79a96411cda1ad4b6763ce22787d473d.js
js.stripe.com/v3/fingerprinted/js/ 		172 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-79a96411cda1ad4b6763ce22787d473d.js
Requested by
Host: give.sawso.org
URL: https://give.sawso.org/give/393706/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
44817c16b84ba3d2522ea47f3b6c94758f334739fbe91443e0e3a2085f637022
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://give.sawso.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
57
x-cache
HIT
content-length
118
etag
"d2c1d1f45a2ae4aca2c4e7d33040ceb7"
x-request-id
fd57394d-3f70-40a9-94f1-74642e8b5926
x-served-by
cache-lga21920-LGA
access-control-allow-origin
*
last-modified
Mon, 07 Feb 2022 21:04:47 GMT
server
Fastly
date
Thu, 03 Mar 2022 11:49:02 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
0
r.stripe.com/ Frame A74B 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-85fd1b545fd560e7f16b520f4aa11d1b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Thu, 03 Mar 2022 11:49:03 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain

Verdicts & Comments Add Verdict or Comment

287 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 function| structuredClone object| oncontextlost object| oncontextrestored object| __cfQR object| __cfBeacon object| NREUM object| newrelic function| __nr_require object| SC object| analyticsCallbacks function| triggerGaCallbacks boolean| gaDebug function| loadGA function| initializeGA string| GoogleAnalyticsObject function| ga object| ga4Callbacks function| triggerGA4Callbacks function| initializeGA4 boolean| ga4Debug string| heapId object| heap object| uiroutermetatags object| ngFileUpload function| factory object| _gsScope object| Modernizr object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery function| _ object| angular object| WebFont function| FastClick function| EvEmitter function| imagesLoaded string| output function| TimeSpan function| TimePeriod function| DeepDiff function| moment function| Spinner function| Picker object| ProgressBar function| getSlug function| createSlug object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| ExpoScaleEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| UAParser function| aesConvert function| bugsnag string| bugsnagTokenClient object| bugsnagClient object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| OptanonWrapper boolean| __cfRLUnblockHandlers object| dataLayer object| params string| ClassyObjectName object| Classy object| __webpackStripeJSv3Jsonp function| Stripe object| Plaid function| paypalLoadScript function| paypalLoadCustomScript object| TokenEx string| scriptPath undefined| scripts undefined| a undefined| c object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups function| jsonFeed object| cartActions boolean| DEBUG_SYNC object| twttr function| onYouTubeIframeAPIReady boolean| prerenderReady object| google_tag_manager function| postscribe object| google_tag_manager_external function| e object| visitor object| adobe function| Visitor object| s_c_il number| s_c_in string| s_account object| s function| s_doPlugins function| s_getLoadTime function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq number| s_loadT function| DIL number| s_objectID number| s_giq undefined| ebUniqueDonorID undefined| ebZipCode string| ebNewDonor undefined| ebRevenue string| ebTerritory number| ebRand function| twq object| myTracker object| uetq function| getParam function| getExpiryRecord function| addGclid object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| __twttrll object| __twttr function| gtag function| UET function| UET_init function| UET_push object| ueto_3343115358 object| ueto_c44248b108 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions string| ebPtcl function| ebDecode object| bsResponseObj string| ebAttId object| ebAttrConf object| __post_robot_10_0_46___uid_kldkgkqkanfvrggfvckwunbkqsupfi object| paypal object| __zoid_9_0_86___uid_kldkgkqkanfvrggfvckwunbkqsupfi function| iFrameResize function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| paypalDDL function| clarity object| ebAttribution object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData object| __post_robot_10_0_46___uid_uthndzlztqcmgjrjncijrsoftjfvly object| paypalRecurring object| __zoid_9_0_86___uid_uthndzlztqcmgjrjncijrsoftjfvly undefined| s_code object| _qevents object| RB object| f object| EF function| rdt number| t number| r function| AdCloudEvent string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance string| ebUserIdGuid object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt object| s_i_tsa.global object| $jscomp function| $jscomp$lookupPolyfilledValue object| __ql string| path string| host object| scriptTags object| ret object| configArgs number| pixelRatio number| width number| height object| screenSize boolean| isBetaAdvertiser object| labels function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| ju_init function| dap_tokenize function| dap_x1_membership function| dap_attributes object| config object| identity

96 Cookies

Domain/Path Name / Value
.salarmy.us/ Name: _bit
Value: m23bMT-c90c408dd0d068a7a8-00v
give.sawso.org/ Name: connect.sid
Value: s%3A5Avxlrtu6nBcxuUX9UdSyK4FqI0J80qh.mAtJX%2B3V%2BLripelPUAS%2B2%2B1gp00YYhRTmEbLJrardv0
.give.sawso.org/ Name: __cf_bm
Value: X8lPj9CAIgYsQmIAwr5cxD7znE30fIEAq9_0AhVsQS8-1646308136-0-AV0rZGYYQvIH5iNST7eSRpraQ7a2ZLrLr8wiskPl3m9smZRQqYrt2b49MtKWWzmP5r5T5VpBsMgHr1oTGmzZWAQ=
.give.sawso.org/ Name: __cfruid
Value: 4eab9bf3f130f1505b8fe3bcf9cc2273d46b442d-1646308136
.classy.org/ Name: __cf_bm
Value: 72No9amoJM3m9BOtfTqwTrkWDRu0dQdN5InPBGjg7xk-1646308136-0-AdzNsZtyclM9x9ZemdFW4oqd7Nx4TU19sfmOweZqS70DkKbS/GZ8EbvGuoAlLew2FTqYOWSFfc2PCesURTrtMUg=
.sawso.org/ Name: _ga
Value: GA1.2.641797413.1646308137
.sawso.org/ Name: _gid
Value: GA1.2.623306121.1646308137
.sawso.org/ Name: _hp2_id.1566116007
Value: %7B%22userId%22%3A%221841682043291337%22%2C%22pageviewId%22%3A%222665113827604000%22%2C%22sessionId%22%3A%225223150494018539%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
give.sawso.org/ Name: c_src
Value: %7B%22393706%22%3A%5B%7B%22c_src%22%3A%22URLShortener%22%2C%22c_src2%22%3A%22ukrainecrisis%22%2C%22referrer%22%3A%22%22%2C%22timestamp%22%3A1646308136971%7D%5D%7D
.youtube.com/ Name: YSC
Value: Ze2uRNxGdpw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 37s9Mh9Ts-A
.sawso.org/ Name: _gat_classyTrack
Value: 1
.sawso.org/ Name: _hp2_props.1566116007
Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A49501%2C%22payment_processor%22%3Anull%2C%22campaign%22%3A393706%2C%22campaign_type%22%3A%22donation%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.sawso.org/ Name: _hp2_ses_props.1566116007
Value: %7B%22ts%22%3A1646308136897%2C%22d%22%3A%22give.sawso.org%22%2C%22h%22%3A%22%2Fgive%2F393706%2F%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis%22%7D
.give.sawso.org/ Name: OptanonConsent
Value: landingPath=https%3A%2F%2Fgive.sawso.org%2Fgive%2F393706%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3DURLShortener%26c_src2%3Dukrainecrisis&datestamp=Thu+Mar+03+2022+11%3A48%3A57+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=false
.sawso.org/ Name: _gcl_au
Value: 1.1.617112300.1646308137
.sawso.org/ Name: _gat_UA-51388709-1
Value: 1
give.sawso.org/ Name: CSRF-TOKEN
Value: HCPWLGh2-E8ZDJ3eeqNbMzKV5UQio3-rqLWQ
.bing.com/ Name: MUID
Value: 34E063E27C196CD5316A72BE7D7B6D5A
.bat.bing.com/ Name: MR
Value: 0
.demdex.net/ Name: demdex
Value: 83338073149347130610678269272526832418
.sawso.org/ Name: AMCVS_20A0289659302A7E0A495D28%40AdobeOrg
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: fd7442643b3a413
.sawso.org/ Name: _uetsid
Value: e8e895a09ae711ec901ee9a52311e8c5
.sawso.org/ Name: _uetvid
Value: e8e97f509ae711ecb0e8414dce1132ca
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YiCrKQAAAFOPYARA
.twitter.com/ Name: personalization_id
Value: "v1_zJDgi6zMwl4br+r7Eeje2A=="
.t.co/ Name: muc_ads
Value: 23ce7c9d-84b3-4120-b065-b04f07c37586
.google.com/ Name: NID
Value: 511=mGw0XpdU163-IdG0MdMYxbvhxeE1az6xEDtUPgXhiZk64sVDqbrQDI6S1dvxX9nf76hv0jRZhUC5eICgW11gaNEKvGXJ1YczYr64GCANrOa-2Xy7JqYK7W_uaowkTGloY2rB3jn8Jo_HdMO5fJSavOcqHQKf59iKAyzqSZ8ZUUE
.dpm.demdex.net/ Name: dpm
Value: 83338073149347130610678269272526832418
.sawso.org/ Name: AMCV_20A0289659302A7E0A495D28%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19055%7CMCMID%7C83179975797187033120693947332517638423%7CMCAAMLH-1646912937%7C7%7CMCAAMB-1646912937%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1646315338s%7CNONE%7CMCSYNCSOP%7C411-19062%7CMCAID%7CNONE%7CvVersion%7C4.4.0
give.sawso.org/ Name: acceptCookies
Value: eyJpdiI6ImJWMU9tUXlcL2k1T3VrZWpxSkxRdWFnPT0iLCJ2YWx1ZSI6IlBMc2Z6U1crY2JadVo4MFhIREpuZlE9PSIsIm1hYyI6ImQ1MmM3NWM4MjIxNjJjZmUzZTU3NmM3M2RiYmNjNzU4ZjIwZjQxYjA0YjdhN2JhNThhZWNkMGQyZThlOGMzOTMifQ%3D%3D
give.sawso.org/ Name: XSRF-TOKEN
Value: eyJpdiI6Ijhlc2ZNYzFuXC9WVE9FUUJTYytnWFwvdz09IiwidmFsdWUiOiJRb29cL1I0akJucnFyZzI4MjBObWFyM3lHaHJ6T0ljSzk3MXpsWEdxSmlZR1dcLzNnd3BDa1hNYnBxNlVXVEVSbTlKV1hZQVdmaGtZa2NsWHBUTlAzbExRPT0iLCJtYWMiOiI3ZjY2ZmIxMTg1MDhhZWY0MGExNzRjZGFhOWI0ZTZjZmI1MzYwNjEwMjM5OTRiMDFiNDJjOGM4MzI1ZGE4YWUxIn0%3D
give.sawso.org/ Name: sid
Value: eyJpdiI6IldwY1BkM0NrQ1BZb0lmcnVjQ1ljK0E9PSIsInZhbHVlIjoiUWFkTnJJVEthd1RqdVlhQzhTakFBTkVuZEVSNVhsYlh0bVwvWll1YUdQK1g2WUM4cWYyNlJibURBZVlwOFBidHpmZjQ0dHNraWU3cTVTUFJDMHRRcFZBPT0iLCJtYWMiOiIwZTM0NWM5YjBiZTU5ODU3MGRmYmY5NWU5ZTYyYjBhNDk3Y2Y4MTY5YjU3N2NkMTE4N2EzODJjZmI2YTJjNzBjIn0%3D
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 34E063E27C196CD5316A72BE7D7B6D5A
.serving-sys.com/ Name: u2
Value: 9b545b9c-fe1b-4564-b25b-c5890ccb2d3b4FK09g
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 34E063E27C196CD5316A72BE7D7B6D5A
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.paypal.com/ Name: l7_az
Value: dcg13.slc
.doubleclick.net/ Name: IDE
Value: AHWqTUnp2J4rwkwz3aJxNbrOXnrPxl2E6hwoKCwmuko8WcNkuIt57e-DHfZQTb9z
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwZHHmX-eQgDX9SHDXM4nYqyJ7sKOUVtcA7C0P_K5Bqt5vBXJWr28xhzB5QC4TM1
.adsrvr.org/ Name: TDID
Value: 14592955-fd9d-4a52-95dd-654fd0ed5b4b
.sawso.org/ Name: _gat_clientTrack
Value: 1
.paypal.com/ Name: ts_c
Value: vr%3D4f9c9d4b17f0a7a0995edecffbe57f52%26vt%3D4f9c9d4b17f0a7a0995edecffbe57f51
.sawso.org/ Name: adcloud
Value: {%22_les_v%22:%22y%2Csawso.org%2C1646309938%22}
.sawso.org/ Name: s_ppvl
Value: %5B%5BB%5D%5D
.sawso.org/ Name: s_ppv
Value: undefined%257C393706%257CCampaign%2520Donate%2C76%2C76%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.sawso.org/ Name: s_ppn
Value: undefined%7C393706%7CCampaign%20Donate
.sawso.org/ Name: gpv_v9
Value: undefined%7C393706%7CCampaign%20Donate
.sawso.org/ Name: s_ptc
Value: %5B%5BB%5D%5D
.sawso.org/ Name: s_cc
Value: true
.serving-sys.com/ Name: ActivityInfo2
Value: 0022ndARZ0_002jaXARZ0_
.sawso.org/ Name: _rdt_uuid
Value: 1646308138620.530de5e5-70fe-46ed-919c-d4e4f586b94d
.sawso.org/ Name: _clck
Value: 1oge857|1|ezg|0
m.stripe.com/ Name: m
Value: a748b91b-f495-42a7-ada9-0fe49ebf7f4b46b61b
.getrockerbox.com/ Name: uuid
Value: rbos-c1cbf3a5-7dbb-4cbd-9ea9-cb437376e1df
.quantserve.com/ Name: d
Value: EIYBDAHJJbmvYA
.quantserve.com/ Name: mc
Value: 6220ab2a-c5c50-cb28d-2b483
.give.sawso.org/ Name: __stripe_mid
Value: f61942c2-6adc-45f6-b42d-9bab44beb6e361c46f
.give.sawso.org/ Name: __stripe_sid
Value: 376c7f65-f733-46e8-8cc9-41cc456315995e1a47
.sawso.org/ Name: AAMC_thesalvationarmy_0
Value: REGION%7C7
.give.sawso.org/ Name: aam_uuid
Value: 83338073149347130610678269272526832418
.sawso.org/ Name: rbuid
Value: rbos-c1cbf3a5-7dbb-4cbd-9ea9-cb437376e1df
.everesttech.net/ Name: everest_session_v2
Value: YiCrKgAABPtNgzEf
.turn.com/ Name: uid
Value: 4020377871843843627
.sawso.org/ Name: _clsk
Value: 600qdd|1646308139028|1|1|b.clarity.ms/collect
.yahoo.com/ Name: A3
Value: d=AQABBCurIGICENb6vLH3M11ml3wPnuBLLl4FEgEBAQH8IWIqYgAAAAAA_eMAAA&S=AQAAAoOzsTBKR9-0H22WvuEMw4c
.paypal.com/ Name: tsrce
Value: loggernodeweb
.paypal.com/ Name: ts
Value: vreXpYrS%3D1741002539%26vteXpYrS%3D1646309939%26vr%3D4f9c9d4b17f0a7a0995edecffbe57f52%26vt%3D4f9c9d4b17f0a7a0995edecffbe57f51%26vtyp%3Dnew
.everesttech.net/ Name: ev_sync_ax
Value: 20220303
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJy5iaLvQp9x9WXEdbnVjvU8YvPxF/qWfvgOIZYpf4AqYL11EJmED9wZlMXuIoLaNpA9wSBeqxB6tQsifLcmtOnYjv53yR+2IXXRp0wE/q8iyLHIaqZ01AdPeRD2uapgQJZdUJIXkYDzTkRS2fkTGR1THVDsWH0FC13XoFKc+oOIXz6h/9==
.bluekai.com/ Name: bku
Value: YCD99Yrg/s/GDt6A
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI5MGU_oCTszoQBRIWCgdibHVla2FpEgsI6v_B37rFvjoQBRIZCgpyaWdodG1lZGlhEgsIhNvg47rFvjoQBRgFIAIoATILCOS57YrRxb46EAU4AUIEIgIIAVoHOXZ1czN2N2ABcgpyaWdodG1lZGlh
.adnxs.com/ Name: uuid2
Value: 4909297711335052398
.sawso.org/ Name: __qca
Value: P0-1502130799-1646308139036
.analytics.yahoo.com/ Name: IDSYNC
Value: 1769~23jn
.c.paypal.com/ Name: sc_f
Value: 3RtyDbjjgNvc1eDGkSSrwpagV9NFooV-b4bltvp_-81-wFxQYUKY5Cxd1zfJcuVj8SmviGA5uu8-LNjeXnnkk3mcPW4mflR-zqQuBm
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: ITI-l0lqFKyREUg3_nSdoL9S9jdQThGIFsKRFvjHi7fbyyJv50NtGu0gTDfg4Wx4962P9qm5JTfVdgnI
.rubiconproject.com/ Name: khaos
Value: L0AXCYJ2-11-ELUS
.rubiconproject.com/ Name: audit
Value: 1|dvncLIOeia0HarDt43gQ7T5aOioOAr4SpRC47QYYVvrKFx9GcZjMLkzsFB/gcpi7efoPdBkPLKiM1KxoLazIt8oW2SgbbjsrEOjxxX8e+bMKHJ42fuG5/GwjENlL0ZJVQcTj1BVhyBV/6K+MJaMXAo76/Gy8ewrDCOeqF/Dn4Co=
.casalemedia.com/ Name: CMID
Value: YiCrK9SM4nxib4ChLB.BrgAA
.casalemedia.com/ Name: CMPS
Value: 3791
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2E>>>%[zI!@wnfH)iR8PMp-v=0C#AabCp_iJ%Di8=WF2fELD@`ENix(j#iP(Md+uBZ.Nkx3I%>JHVIw0/rwze8php!!(mH*.F7e
.openx.net/ Name: i
Value: 3961980f-752f-43bc-80a8-f90d372a4df7|1646308139
.casalemedia.com/ Name: CMPRO
Value: 1004
.casalemedia.com/ Name: CMRUM3
Value: 586220ab2b2760YiCrKQAAAFOPYARA
.casalemedia.com/ Name: CMST
Value: YiCrK2IgqysA
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YiCrKQAAAFOPYARA&KRTB&22978-YiCrKQAAAFOPYARA&KRTB&23194-YiCrKQAAAFOPYARA&KRTB&23209-YiCrKQAAAFOPYARA
.pubmatic.com/ Name: PugT
Value: 1646278138
.pubmatic.com/ Name: PUBMDCID
Value: 2
.spotxchange.com/ Name: audience
Value: ea3892a3-9ae7-11ec-99db-1fd605430203
.demdex.net/ Name: dextp
Value: 470-1-1646308138584|1175-1-1646308138763|3462-1-1646308138876|30646-1-1646308138979|49276-1-1646308139122|144230-1-1646308139247|144231-1-1646308139349|144232-1-1646308139450|144233-1-1646308139551|144234-1-1646308139653|144235-1-1646308139754|144236-1-1646308139855|144237-1-1646308139957

3 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.twitter.com
assets.classy.org
b.clarity.ms
b.stats.paypal.com
b.videoamp.com
bam-cell.nr-data.net
bat.bing.com
bid.g.doubleclick.net
bs.serving-sys.com
bttrack.com
c.bing.com
c.clarity.ms
c.paypal.com
c6.paypal.com
cdn.bttrack.com
cdn.heapanalytics.com
cdn.plaid.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.jquery.com
d.turn.com
dap-dist.akamaized.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
getrockerbox.com
give.sawso.org
googleads.g.doubleclick.net
heapanalytics.com
htp.tokenex.com
ib.adnxs.com
image2.pubmatic.com
insight.adsrvr.org
js-agent.newrelic.com
js.stripe.com
lasteventf-tm.everesttech.net
m.stripe.com
m.stripe.network
match.adsrvr.org
pay.classy.org
pay.google.com
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
rtd-tm.everesttech.net
rules.quantcount.com
salarmy.us
salvationarmyusa.dap.akadns.net
secure-ds.serving-sys.com
secure.adnxs.com
secure.quantserve.com
sessions.bugsnag.com
slc.stats.paypal.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
syndication.twitter.com
t.co
t.paypal.com
tags.bluekai.com
thesalvationarmy.demdex.net
thesalvationarmy.sc.omtrdc.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
www.clarity.ms
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.redditstatic.com
www.youtube.com
104.244.42.5
104.244.42.67
104.244.42.8
142.250.31.155
142.250.80.66
142.250.80.98
151.101.129.140
151.101.129.21
151.101.192.176
151.101.193.35
151.101.194.137
151.101.2.49
162.247.243.147
172.67.209.18
184.51.146.123
192.132.33.46
192.35.249.120
199.232.36.157
20.36.253.92
20.75.32.255
2001:4de0:ac18::1:a:2a
23.209.184.224
23.3.126.131
23.52.162.21
23.64.96.61
2600:141b:13::1732:35b9
2600:141b:13::17d7:82ca
2600:1901:0:7a0b::
2600:9000:2209:1800:6:44e3:f8c0:93a1
2600:9000:2209:9200:19:7d10:bd80:93a1
2606:2800:220:de:468:2285:c1:4a3
2606:4700:10::6814:b844
2606:4700::6810:5f41
2606:4700::6810:7eaf
2606:4700::6812:7115
2606:4700::6812:843c
2607:f8b0:4004:c09::9c
2607:f8b0:4006:80a::2004
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80e::2008
2607:f8b0:4006:816::2003
2607:f8b0:4006:81f::200e
2607:f8b0:4006:822::200e
2607:f8b0:4023:1407::5c
2620:112:f002:bbbb::23
2620:116:800b:21:f803:c51b:4d23:ce8c
2620:1ec:27::cafe:2008
2620:1ec:c11::200
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:400::396
3.218.90.66
3.219.107.245
3.33.220.150
34.106.92.18
34.197.92.210
34.98.64.218
44.237.139.252
52.10.86.168
52.143.247.24
52.85.61.81
52.85.61.85
54.145.23.213
54.162.65.228
54.187.159.182
54.211.181.31
54.212.155.93
54.236.94.205
67.199.248.12
68.67.161.205
68.67.179.135
69.16.175.42
76.13.32.147
8.28.7.83
8.43.72.97
002b2cf2b425335f6965c68c3d1d3aa45c24e8da9046330d4303e9d2f6b27376
03c177808925e534ed41863f25f8f7d62e962acff411af2738563d8b9c71145a
056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae
0734a01ab47d2a5f1cdcba6b63df10a5604684a76db5a7ba6a70265c3d7ffcb8
08d4602a1000157a77fa2920bd43e22d0c7aefbd236ebb2e4c811eea45692076
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
0c5ce540400b917b6aa995f875a562013ac61e93ecba1b8dd7a9b5bdd793ddf6
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ecde91d88dbb2ac0fee3fd1fbb92977853f7e91ba1977c2c33b04d237165693
12722c9f5fabaa7b9bfc7bd1900cc46b73434bf728ed0e02cb6d1f7c51855b42
12b2cf6a1b18d22607d58a89b74c4f9276b7aacca733871d9f3883cb3fc00a98
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
172f760a1ca6ec0db87f090a6a566466bb901d8a570c6bffe2a1c2351e3eafe9
1d5ec60aee43382b99e854d9b0fdf3887554017d8ae588816fd6496598b81f08
1f72772abce62c53d64d8a6f0830f27d898b44d5ff87918fdaa1378d27957de9
206f8f9185f8126ddd7372af71d1662af462e12456744e1864e40c6cf7cb9172
21a86cb0c5b58963de9d2140e861edfbbd5445fd7358deb88badcd09ef6db3d9
2277fa90bcd2ea9e62a33e16a974903c84360b09a21060739cecb6627e2dd796
236a55d1369138eb71057e01381c1713a8f2e87887635e6c52c606507ade754a
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
25f6abc92aeb0c0f58e8a4c0a1f3d7565237b11319b2cb1313aeabc5d239429d
277def1230f5f7940f224b2b93adb04b1c116cf906adf030a74d64082eab4428
2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd
2d6017d0165dcaf6d7196aa44add160ae5a42830ff81d353102f551759e8af26
2e8438105103d9fa45ea35fa84ebbd53e0d425bb507f810cc8b316c91935419d
323077d5db342792d6cada4af2b7cfd297c0f415b39a2f383f8dbe312657cdf1
337c8507276f310305e27066531779c039ef82c1d93d178eb3cbb7db1e6fc008
33aa0827f30e39a9b5ce0378184af79906a3e31f283386c25615163e7f2d1c53
36fb889569aab047217a5f00d75452120ec9495d749fb8921e1c5f2f0bd66355
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
373a259f7128f9b8f9ca552627f4986a05c4c081f6528b308ffb3dee358a5a74
3764bbc6c69437d04ecea588610e41505c16f8c10d642be08542ec46f8f82c58
39274d16fe03d66d8a425007eeb00f2d51496db71e847a0940a1b3ae12c42fed
3eb46ac51a19783fc2372951df04b02b639d6eacba2d6f6ef0c3fad9a1701c81
3eebe8ba77272ac8421d69c02592ba09b471a7c1c71a584de3810ec174785a39
3f4e805c9d1889034712238bd4c45a2f26c0d3e8904109eabcda4f1ff29f6614
3f5b45b810b836ed0af927382cb374ab7e23d58312e17b44560bdd419309810e
3fa9c7899ebf9d8885ab7169775a17bd9daeec34e9dbe541611f164de66e2f0f
42875a3fa8173f9022824569986c69e24060532533eb9262ae82194cce5d165f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44817c16b84ba3d2522ea47f3b6c94758f334739fbe91443e0e3a2085f637022
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a8b42be2df7b31e11b442a965f4ee259ffac45e2643d39f47faedc219589fc5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5f38f83d2f6add817e3b6ecab157b7343293a658bc177e0cd89fb87fb79b92
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
503ca51df348c460e10a0c105a076ec247d4a85045133a934bb7f39060b1a9c9
53f02d29d8d4147a41c50b3ca5b7d3d1bd88b73df595a1f638634c464362c1c8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5548d23a1f4aceebe3832d5d9ef190af532a7022a584eb2e84b875c792c28e77
55d96d837c19ca2db4cbfc87b8bf80c299d24179af70a94b0de76d62c42b73c8
55f69a55e7c589e20181de0a16d8635780fa2301dc4ab519cb6c8e1397bbef39
5a9fe372bcff9fdc9196edad388df17256dda91a192654f4ec796bff77b1569c
5d876b6000c53e5342005918c9ffe3538e64ba0467bcb6191a697c9589590438
5ed01afec7a8885ac179d8946a1b9e8ea751051ec8495ba1c51c4b66367f69a3
5fa553b3ca22c21a48fb04341944ed72eff3fc14e3bee039d4f92dccfb270bda
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
643052defbfd732992d83bb697a4b05d4417ed1bf13e124979d301912805b395
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7363737e6085c8bccb21750e5b090025d8da016074812f889411f0de954bc5e6
74a177fc1af5246cc572eefeace79f1466d87bf27daf0f35aa2a601f15aac156
769254457b771e41802cfbc21371888c7b2485ad5baddaacae3b25cd428e428a
76c789f6e57eff56014aef6035e4982aab59e25f888dea0f959612d2c3598dfe
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f9d60bdf606abe6ef16c81e02ccd235a0d56daadc2fd475428de9b926e81ea
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8558acd8a95e09a66156964628a643d9488245845d7d9e93b26fac23bd136bcd
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
89397a3eb88b067419cf551364ac1ea625db85b69bf400526588c7b36d84bde8
8f4aa756253912801a72d07a0233b9402e469d2a08d47b127f49759156aaf879
92799d9c60109152632b91f40fc8d24b3979a4f0c588e73d0849e267404c558d
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
95fd59d301ce000ce5dcc1de36e8b8078c9ddece1223ddc35076e8163ed3a8c6
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ad150db86be57344c7c315c526d1ca2e9e2aedd16f67add2d1c24349e11fbe8
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9fa1f1dceac33f775634364cfd5f6f7ac199c8d8835584150fa3bfdb90c14c06
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e321f8b5d03a2bd04821e88115c1fe0ba9a65ee41216a318adae0ddd24a34c
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822
a7b2e960f7628e2b6d292e1e5e51cedf3243dab1c9d7cafb9897ba05c8185ce4
a9e45b5a1fb5928520e632bbb26c60eac0f713ae9c1aa510c7caf2b952893817
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c26706c63610fb486bfb104c4db875f1092178de4918074590436b4ab3b7d6
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b32d8805bfd4482dc3edc40e4090b436cf1e52f3cb497bc09b6edf22a49f75df
b4535a58d0e477653d650ee55e59ee772faa0c0c034ab91b756ab6b5c1b8b9c7
b52824ec68c3e1c0d9e14d8489e53230b7b3d96388a511559157479d05efd0cc
b8e79771e48c91e1475afbd1122c2970abc652c4b540ad300b7d87aae1f75ba3
b9977aa286359b9d322d035dfeb9fa83d38c48e45256a7a1aff0ff1dfd5c54b7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc0371de245112c0df044195130d049305d9cbe1a5f61ebbfe1cea8973dc8490
bc1ecbfdb6723d25272ba8de0311879a3bacad85217cabe4cd8cf1b3b57557f3
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d25f83d0f7902281216e314e4c888ce0ee752f5fe59a16fcaacbac13744e5015
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d6e8d344ff0a1adc7c83bdf0736a744fb5db794bd3b07cc3ddd2f4b2924b5518
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d92368b6b477aa5816b65de648b901b23638fbe5b4ee34a90314b4c142ce79a8
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
dc3ccdb6a61671be4315a129fc7707e82d62669a65679d1b0b50bf82bfc5a28e
dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfdee93b487ce959d0876f39e2808140fe5cc8ba88466c3ed9c00f20026f3a30
e2382c2e76b6d43f104bd8e7f7a91626b03e1ddcaadf9f6e9a8449ed3776c5a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e581c5b4b6e28f6a83d0d1953f502c8f61d3ba1940c62c5a92c95f43737317ee
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ebacb8069ea13a513ec42f29ad43140bb58a53c7206f0d65dbdbfbff75d6befd
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc40ac03f23ad6424550a577d9cb70e7e425a4366357ae228053dbbc632fd37
f6654cdce4772c6e6d896c5ff548af91be2430caa8b1a8f6d60345fc15738bdb
f70b05c50d20b6044717b1a0f732d9f20958482d5391450af6a1cbce1eb2e514
f7d05d135b2376ea2d1570a3315652955c5ea3484422b4be31bbf2b61281d76d
f8cb4532c250333223a609fec280bb1ce0cd81deac162a5ebdf722b8d7ed5f79
f8de32eaddf6935168f5339f41de7c43dbfd1d0d33baedff4178331beba61d83
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995