secure.toysfortots.org Open in urlscan Pro
18.66.147.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.toysfortots.org/a/donatetoday
Submission: On December 19 via manual (December 19th 2023, 8:08:13 am UTC) from US — Scanned from DE

Summary HTTP 102 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 25 domains to perform 102 HTTP transactions. The main IP is 18.66.147.36, located in United States and belongs to AMAZON-02, US. The main domain is secure.toysfortots.org. The Cisco Umbrella rank of the primary domain is 573422.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 31st 2023. Valid for: a year.

This is the only time secure.toysfortots.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	18.66.147.36 18.66.147.36	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:249... 2600:9000:2490:d200:3:1d53:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	20.60.58.97 20.60.58.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	108.157.1.118 108.157.1.118	16509 (AMAZON-02) (AMAZON-02)
23	108.157.4.105 108.157.4.105	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
5	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.195.70.247 18.195.70.247	16509 (AMAZON-02) (AMAZON-02)
1 4	52.2.17.73 52.2.17.73	14618 (AMAZON-AES) (AMAZON-AES)
1 5	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	52.0.209.48 52.0.209.48	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	18.209.81.235 18.209.81.235	14618 (AMAZON-AES) (AMAZON-AES)
5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	13.69.106.212 13.69.106.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
102	28

3 18.66.147.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-36.fra60.r.cloudfront.net

secure.toysfortots.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2490:d200:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 20.60.58.97 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 108.157.4.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-105.dus51.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.70.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-70-247.eu-central-1.compute.amazonaws.com

pixel.mediaiqdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.2.17.73 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-17-73.compute-1.amazonaws.com

tags.wdsvc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.209.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-209-48.compute-1.amazonaws.com

arttrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.209.81.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-81-235.compute-1.amazonaws.com

vgs-collect-keeper.apps.verygood.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.212 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 23665	712 KB
9	windows.net nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 53030	792 KB
8	everyaction.com static.everyaction.com — Cisco Umbrella Rank: 77610 secure.everyaction.com — Cisco Umbrella Rank: 52138	284 KB
7	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
7	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1355 insight.adsrvr.org — Cisco Umbrella Rank: 557 Failed	6 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 329	30 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6765	993 B
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	5 KB
4	wdsvc.net 1 redirects tags.wdsvc.net — Cisco Umbrella Rank: 38198	30 KB
3	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 48147 fastaction.ngpvan.com — Cisco Umbrella Rank: 104559	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	276 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	272 KB
3	toysfortots.org secure.toysfortots.org — Cisco Umbrella Rank: 573422	27 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 786	283 B
2	verygood.systems vgs-collect-keeper.apps.verygood.systems — Cisco Umbrella Rank: 61374	221 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 478	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
2	gstatic.com fonts.gstatic.com	71 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	arttrk.com arttrk.com — Cisco Umbrella Rank: 5186	131 B
1	mediaiqdigital.com pixel.mediaiqdigital.com — Cisco Umbrella Rank: 11181	82 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2370	47 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	30 KB
102	25

	Domain	Requested by
23	js.verygoodvault.com	secure.toysfortots.org js.verygoodvault.com
9	nvlupin.blob.core.windows.net	secure.toysfortots.org nvlupin.blob.core.windows.net
6	bat.bing.com	www.googletagmanager.com bat.bing.com secure.toysfortots.org az416426.vo.msecnd.net
6	www.google.de	secure.toysfortots.org
6	static.everyaction.com	secure.toysfortots.org static.everyaction.com
5	insight.adsrvr.org	js.adsrvr.org
5	www.google.com	1 redirects secure.toysfortots.org
4	tags.wdsvc.net	1 redirects secure.toysfortots.org tags.wdsvc.net az416426.vo.msecnd.net
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	www.googletagmanager.com	secure.toysfortots.org
3	cdnjs.cloudflare.com	secure.toysfortots.org cdnjs.cloudflare.com
3	secure.toysfortots.org	secure.toysfortots.org
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	vgs-collect-keeper.apps.verygood.systems	js.verygoodvault.com
2	secure.adnxs.com	2 redirects
2	connect.facebook.net	secure.toysfortots.org connect.facebook.net
2	region1.analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	az416426.vo.msecnd.net www.googletagmanager.com
2	secure.everyaction.com	az416426.vo.msecnd.net secure.toysfortots.org
2	profile.ngpvan.com	static.everyaction.com az416426.vo.msecnd.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	secure.toysfortots.org www.google-analytics.com
2	js.adsrvr.org	secure.toysfortots.org www.googletagmanager.com
1	fastaction.ngpvan.com	az416426.vo.msecnd.net
1	www.facebook.com	secure.toysfortots.org
1	arttrk.com	secure.toysfortots.org
1	pixel.mediaiqdigital.com	secure.toysfortots.org
1	az416426.vo.msecnd.net	secure.toysfortots.org
1	fonts.googleapis.com	secure.toysfortots.org
1	code.jquery.com	secure.toysfortots.org
102	30

This site contains links to these domains. Also see Links.

Domain
www.toysfortots.org
fastaction.ngpvan.com
privacy.toysfortots.org
www.facebook.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
marine-toys-for-tots-oa.edge.targetedaction.net Amazon RSA 2048 M02	`2023-05-31` - `2024-06-28`	a year	crt.sh
static.everyaction.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 05	`2023-11-16` - `2024-06-27`	7 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-11-07` - `2024-11-06`	a year	crt.sh
*.everyaction.com RapidSSL TLS ECC CA G1	`2023-03-17` - `2024-04-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-27` - `2023-12-26`	3 months	crt.sh
adxcel-ec2.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tags.wdsvc.net Go Daddy Secure Certificate Authority - G2	`2023-10-18` - `2024-11-01`	a year	crt.sh
*.apps.verygood.systems Amazon RSA 2048 M01	`2023-06-23` - `2024-07-21`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure RSA TLS Issuing CA 07	`2023-09-02` - `2024-08-27`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://secure.toysfortots.org/a/donatetoday
Frame ID: 9631AB98DB20206F620048E3E6BEED7B
Requests: 75 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: 48AB22E107A6867B5313D9C6C4E7796B
Requests: 4 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: 9F23AD1E27B3BE7F2B92A06792A4F175
Requests: 17 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: EC34ECC82B48DDA79E2329977D46C0A1
Requests: 2 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: 64493124584EF00148D249280A08E4DC
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mcly68p&ref=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&upid=xq1iggz&upv=1.1.0
Frame ID: CAA89B33FF4CB12D98291FC9795B47AD
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mcly68p&ref=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&upid=xq1iggz&upv=1.1.0
Frame ID: BA597322AF62B3F8B9292DF9A1EF362B
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mcly68p&ref=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&upid=xq1iggz&upv=1.1.0
Frame ID: CF1DA6AFA1859D87FB5E1170A40E0E45
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Marine Toys for Tots

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

102
Requests

96 %
HTTPS

57 %
IPv6

25
Domains

30
Subdomains

28
IPs

4
Countries

2699 kB
Transfer

6026 kB
Size

25
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.toysfortots.org/

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://privacy.toysfortots.org/
Title: Click Here

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://www.facebook.com/toysfortots/
Title: Marine Toys for Tots on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ToysForTots_USA
Title: Marine Toys for Tots on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/marine-toys-for-tots-foundation
Title: Marine Toys for Tots on YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://secure.adnxs.com/px?id=1177542&seg=19591457&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26u3%3D%26u4%3D%26pixel_id%3D1177542%26uid%3D%24%7BUID%7D&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1177542%26seg%3D19591457%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526u3%253D%2526u4%253D%2526pixel_id%253D1177542%2526uid%253D%2524%257BUID%257D%26t%3D2 HTTP 302
https://pixel.mediaiqdigital.com/pixel?&u3=&u4=&pixel_id=1177542&uid=3610139884721024240

Request Chain 39

https://tags.wdsvc.net/controller.js?id=100450 HTTP 302
https://tags.wdsvc.net/container.js?id=100450&v=4.10&t=1702973288266

Request Chain 40

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-781855251/?random=1702973287928&cv=11&fst=1702973287928&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&hn=www.googleadservices.com&frm=0&tiba=Marine%20Toys%20for%20Tots&auid=1408263841.1702973288&uamb=0&uaw=0 HTTP 302
https://www.google.com/pagead/1p-user-list/AW-781855251/?random=1702973287928&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&frm=0&tiba=Marine%20Toys%20for%20Tots&is_vtc=1&cid=CAQSGwAvHhf_w_oKKrH1Oj5iRBIdXSgGdlHQ07S1CQ&random=4207291647 HTTP 302
https://www.google.de/pagead/1p-user-list/AW-781855251/?random=1702973287928&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&frm=0&tiba=Marine%20Toys%20for%20Tots&is_vtc=1&cid=CAQSGwAvHhf_w_oKKrH1Oj5iRBIdXSgGdlHQ07S1CQ&random=4207291647&ipr=y

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request donatetoday Show response
secure.toysfortots.org/a/ 13 KB
5 KB 508ms
203ms Document
text/html 18.66.147.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-36.fra60.r.cloudfront.net

Software

Resource Hash

fff7124c89f4d3a995093aab4e0a4478553647e33f7ab226f2ca3abf8e081cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=10
content-encoding: gzip
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 08:08:05 GMT
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id: O6f-sY5-o26R4Aq1D45Tog6gua8n7akDZJ7Pudt9DHJRuR01BMObzg==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-cdn: Imperva
x-content-type-options: nosniff
x-iinfo: 7-35142677-35139934 2NNN RT(1702973286054 1) q(0 0 0 0) r(2 2)
x-xss-protection: 1; mode=block

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ 849 KB
238 KB 106ms
22ms Script
application/javascript 2600:9000:2490:d200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5c1c667d1a068532435f622a1a17b9b602c3070b9e2d0385d07d902c43d1ed5

Request headers

Referer: https://secure.toysfortots.org/
Origin: https://secure.toysfortots.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:35:13 GMT
content-encoding: gzip
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1975
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 243230
last-modified: Tue, 12 Dec 2023 15:36:25 GMT
server: AmazonS3
etag: "d29b2a3ac282eead7c320de30c197ab0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: C_q-WUgb0DD0dLlrE7sgdsfWGz_9SqyjMntN-twZdkE_uFWTJOjhZg==

GET
H2 200 at.min.css
static.everyaction.com/ea-actiontag/ 59 KB
12 KB 102ms
20ms Stylesheet
text/css 2600:9000:2490:d200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.min.css
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efe0d3bf1e7b5198f3f084bfa7e2ccf862eadcf0de2da82f14636ce32c531ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:51:05 GMT
content-encoding: gzip
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1023
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11610
last-modified: Tue, 12 Dec 2023 15:36:25 GMT
server: AmazonS3
etag: "a2ea56f146051238c5a3e3f239af4b1d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: Hi-6k47OMK8fWtUGKWNN3HyQQ2E36XxB7asxBltjL31rCa89e93AOg==

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 58ms
18ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://secure.toysfortots.org/
Origin: https://secure.toysfortots.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2370670
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-fra-eddf8230088-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702973287.143560,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 1404556

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 72ms
29ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c22e06f1c863942929c0a7240ceb66692916f90f53e3803c7b488cbd55eafff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 08:08:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 08:08:07 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/ 99 KB
19 KB 66ms
28ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 489726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18688
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "630e6e62-4900"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmsk0W2udX9K28PkjRxsCt%2FHNZ3leKqoroltaD4yk4KiywigAuo8s77VuRLj9IFcRdeRw4QN2PvHVhjiQ4iCDYY3MU%2Fz%2FDh0xfUXPreWtCQMvQKElWcucwUMRUG4b0wtHWjfPC3Mr5vszvYpXVoHZTG2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 837e27e4ae931c3c-FRA
expires: Sun, 08 Dec 2024 08:08:07 GMT

GET
H/1.1 200
OK theme-scripts.js Show response
nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/ 8 KB
8 KB 507ms
119ms Script
application/x-javascript 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/theme-scripts.js?2023-10-11
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fcf457735f78628bbc9e21ffc9822607ff5f0e8fb2f6d82c5830ccaee69e7d41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Dec 2023 08:08:06 GMT
Last-Modified: Wed, 11 Oct 2023 14:52:27 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DBCA69B02EA57B
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 2333dc56-301e-004e-0f52-3269d9000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 7822

GET
H/1.1 200
OK theme-styles.css
nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/ 51 KB
51 KB 502ms
118ms Stylesheet
text/css 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/theme-styles.css?2023-10-30
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 410bd5c606c18e1192e22ad8a4ff9b76b2ea2c9bf73abf2349e2032a7ff46f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Dec 2023 08:08:06 GMT
Last-Modified: Mon, 30 Oct 2023 14:07:19 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DBD95187DD94B0
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: b19d631f-a01e-002e-2052-321546000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 52138

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 83ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4SS7PGWH6L

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf5bf8a8d4f34a0bed5958c4ba6bb8b8801c90f05b565faeccaadcb273cd07c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93489
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 08:08:07 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 71ms
22ms Script
application/x-javascript 108.157.1.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-1-118.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 06:08:28 GMT
Content-Encoding: gzip
Via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P2
Age: 7190
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: FBNZmQM1wp_oIxXV18It5IG_E8FtqAhP_pOWdVyHWNXwKvJIZLmZ_g==

GET
H/1.1 200
OK logo.svg
nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/ 15 KB
16 KB 534ms
131ms Image
image/svg+xml 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/logo.svg
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0f75bc2485991d8896d16fd03466df188cb7746550ec78ac2461d9d117b8f3b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Dec 2023 08:08:07 GMT
Last-Modified: Wed, 03 May 2023 21:26:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DB4C1D1020FB94
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: a3568c0b-c01e-0028-3252-3226f9000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 15348

GET
H/1.1 200
OK logo-white.svg
nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/ 15 KB
16 KB 533ms
127ms Image
image/svg+xml 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/logo-white.svg
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22aa2abbbfec88cee6d4165358dec78c4d9c8932decaf1897d33c70c48c7adfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Dec 2023 08:08:07 GMT
Last-Modified: Wed, 03 May 2023 21:26:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DB4C1D105327CD
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: a5c05977-e01e-002f-0152-324a9a000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 15327

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/ 134 KB
44 KB 116ms
28ms Script
application/javascript 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

Referer: https://secure.toysfortots.org/
Origin: https://secure.toysfortots.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding: gzip
Via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 08:08:07 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 13
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:55 GMT
Server: AmazonS3
ETag: W/"156be461dd96d02fce3792c020f7748a"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: BjT-2DzWXxHFWgF08GL-0kecatDikxHVwNzWMa9bcKc1fkq-1b9cgQ==

GET
H2 200 _Incapsula_Resource Show response
secure.toysfortots.org/ 149 KB
22 KB 47ms
47ms Script
application/javascript 18.66.147.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.toysfortots.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=877844590
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-36.fra60.r.cloudfront.net
Software: /
Resource Hash: 449678576b21584135b6ab8d0ccb82e5bb1c0cdea98b191594f33d55e14f9885

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/a/donatetoday
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 21552
x-amz-cf-id: AsBjoWG0awL-5VW9Jz_B8bxvunVJs-jHFQaVWZF8dSee-kAZLRt2AA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 280 KB
94 KB 109ms
64ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PNP7JWH

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01b571a4fcfcbd899c641aeaa2bdb73b89e4b905c88121dc395d461c069a6267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96463
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Dec 2023 08:08:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 257 KB
90 KB 133ms
88ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MTRHTV4

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

607a6d97801d7045362e570822552b674c38d4d1286f9101be1a30e1a63e38a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92065
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Dec 2023 08:08:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 63ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 07:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1193
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 19 Dec 2023 09:48:14 GMT

GET
H/1.1 200
OK logo.svg
nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/ 15 KB
16 KB 119ms
118ms Image
image/svg+xml 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/logo.svg
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0f75bc2485991d8896d16fd03466df188cb7746550ec78ac2461d9d117b8f3b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Dec 2023 08:08:06 GMT
Last-Modified: Wed, 03 May 2023 21:26:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DB4C1D1020FB94
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: b19d63dd-a01e-002e-5252-321546000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 15348

GET
H/1.1 200
OK logo-white.svg
nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/ 15 KB
16 KB 134ms
133ms Image
image/svg+xml 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/logo-white.svg
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 22aa2abbbfec88cee6d4165358dec78c4d9c8932decaf1897d33c70c48c7adfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Dec 2023 08:08:07 GMT
Last-Modified: Wed, 03 May 2023 21:26:31 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DB4C1D105327CD
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: a3568c76-c01e-0028-1a52-3226f9000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 15327

GET
H/1.1 200
OK marine-football.JPG
nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/Donation%20Form%20Headers/ 555 KB
555 KB 186ms
186ms Image
image/jpeg 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/Donation%20Form%20Headers/marine-football.JPG
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 48c1eedd0663ef93282b9ea5d35e6c88fb0b8800641630746fc045f8663254f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Dec 2023 08:08:07 GMT
Last-Modified: Wed, 07 Jun 2023 13:24:05 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DB675A777028AA
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: a5c05a0c-e01e-002f-0f52-324a9a000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 568035

GET
H2 200 iJWEBXyIfDnIV7nEnX661A.woff2
fonts.gstatic.com/s/rubik/v28/ 36 KB
36 KB 83ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWEBXyIfDnIV7nEnX661A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36791c7ed0c7ae2e4246246fcc002f0db8f238e8c53795bc305c32e2973b190e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.toysfortots.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 00:24:53 GMT
x-content-type-options: nosniff
age: 286994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36408
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 00:24:53 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 62ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,400;0,500;0,700;0,900;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.toysfortots.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:01:59 GMT
x-content-type-options: nosniff
age: 471968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Dec 2024 21:01:59 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/ 105 KB
106 KB 55ms
35ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa39e7f9d269d6f9452a125d0d96bdc93891ccfe4a6f16e4964ac4ce9d5c0115

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Origin: https://secure.toysfortots.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:07 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1836996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 107460
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "630e6e62-1a3c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8RJbee1XjYXgAAX%2FxiiTvPMxQtSFRhgI3M2KAxuLTeHsvBcsALz3K0GU6wU1lMnIl5S3KOZzW5boj%2F0eNJZNOf9Gvlgjj%2FRUVDhXLt9szO7k%2Fjti5uHUA8SRGtjo%2F35dwpNwgu2aouLV0AwmpF62mLA"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 837e27e868403723-FRA
expires: Sun, 08 Dec 2024 08:08:07 GMT

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 120 KB
47 KB 76ms
18ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CFD) /
Resource Hash: 6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: OTYl0s1WUyP5rZ8mTmvbyA==
age: 1608
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.16.min.js
content-length: 47958
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 16:12:29 GMT
server: ECAcc (frc/4CFD)
x-ms-meta-aijssdkver: 2.8.16
etag: 0x8DBB9F46341BD96
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1efec2f4-a01e-0040-6d4e-324b9a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Tue, 19 Dec 2023 08:38:07 GMT

GET
H2 200 _Incapsula_Resource
secure.toysfortots.org/ 1 B
529 B 36ms
36ms Image
text/plain 18.66.147.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.toysfortots.org/_Incapsula_Resource?SWKMTFSR=1&e=0.958658780057217
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-36.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/a/donatetoday
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:07 GMT
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: text/plain
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
x-amz-cf-id: FHxdq5ew-etcXKbVOrTJxw5NWoQQ3xhwyqxBkviZqvpSSFB29qGtHg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 25ms
25ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=982395585&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&ul=en-us&de=UTF-8&dt=Marine%20Toys%20for%20Tots&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1390103062&gjid=538995857&cid=964998175.1702973288&tid=UA-69147524-1&_gid=1672633033.1702973288&_r=1&_slc=1&z=1592906180

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.toysfortots.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.toysfortots.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 extra.min.css
static.everyaction.com/ea-actiontag/ 78 KB
14 KB 21ms
21ms Stylesheet
text/css 2600:9000:2490:d200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d7db03b2397b990d248fa9f6964ae8a1972489096889e20a4adaecc9b37e674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 05:45:53 GMT
content-encoding: gzip
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8536
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14161
last-modified: Tue, 12 Dec 2023 15:36:25 GMT
server: AmazonS3
etag: "0c7e5a1230e1b5556da202779daa2d66"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: D8751Ceukb7RNFAO7rVktYr94zC-Mh4T0ccAWe4wZsUAeYJT-hAGTA==

GET
H2 200 identity Show response
profile.ngpvan.com/ 72 B
1 KB 486ms
416ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

8c16c20de774dd8ad664982367ffa545b9c3bac03010db42814f3e3eedcc3e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"48-BaFIvtsHG/uYPOTAzeBAa+gvEns"
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 5-185559012-185559017 NNNN CT(86 185 0) RT(1702973287114 23) q(0 0 3 1) r(4 4) U24
x-incap-sess-cookie-hdr: htsuHXNSkSj9+quEQEJwB2dPgWUAAAAAQ20eF9juNgQNvyTmmaC7Tg==
content-length: 191
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 ck0WWYocJEyuLfbUxzlLRA2 Show response
secure.everyaction.com/v1/Forms/ 11 KB
5 KB 518ms
449ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/ck0WWYocJEyuLfbUxzlLRA2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f9af5d7d241f3f4446f53e48490db4d76a9c882cf50677cca1c9a2845753959b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.toysfortots.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 7-108038059-108038062 NNNN CT(85 229 0) RT(1702973287142 22) q(0 0 3 0) r(4 4) U18
content-length: 3824
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.toysfortots.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: HR6/CXeyYzUH+6uEQEJwB2dPgWUAAAAANp4rAhun6xx95SMqv3XYZQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 78ms
26ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-69147524-1&cid=964998175.1702973288&jid=1390103062&gjid=538995857&_gid=1672633033.1702973288&_u=IEBAAEAAAAAAACAAI~&z=702649526

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.toysfortots.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Dec 2023 08:08:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.toysfortots.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 77ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4SS7PGWH6L&gtm=45je3bt0v9108181772&_p=1702973287712&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=964998175.1702973288&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702973287&sct=1&seg=0&dl=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&dt=Marine%20Toys%20for%20Tots&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1342
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SS7PGWH6L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.toysfortots.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 53ms
27ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4SS7PGWH6L&cid=964998175.1702973288&gtm=45je3bt0v9108181772&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SS7PGWH6L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.toysfortots.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 76ms
30ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4SS7PGWH6L&cid=964998175.1702973288&gtm=45je3bt0v9108181772&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2064848756

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 91ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNP7JWH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 19 Dec 2023 08:08:07 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9785F47522104BFCA6AFC8D621FA7A1A Ref B: DUS30EDGE0914 Ref C: 2023-12-19T08:08:07Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071516356/ 3 KB
1 KB 112ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071516356/?random=1702973287901&cv=11&fst=1702973287901&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811932933&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&hn=www.googleadservices.com&frm=0&tiba=Marine%20Toys%20for%20Tots&auid=1408263841.1702973288&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNP7JWH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5746259b0af7422e8ea90dc24f2cd7a74ace32131bd76121df54e573c0642add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 70ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 19 Dec 2023 08:08:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: CTisZrP5KoFQVmWVA8eSxrrq/8IuGs9IaROhpu5kPn31f54/Uno5MayOJRyTxlSY0xonwHnjGnGif4UX8id65Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 23ms
22ms Script
application/x-javascript 108.157.1.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PNP7JWH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-1-118.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 06:08:28 GMT
Content-Encoding: gzip
Via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P2
Age: 7190
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: pi3bdvbPBMGuN0b6BJVuHz2Y71SL6xASBqj3_r_eV1pjhqlR-cRx1A==

GET
H2

200

pixel
pixel.mediaiqdigital.com/
Redirect Chain

https://secure.adnxs.com/px?id=1177542&seg=19591457&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26u3%3D%26u4%3D%26pixel_id%3D1177542%26uid%3D%24%7BUID%7D&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1177542%26seg%3D19591457%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526u3%253D%2526u4%253D%2526pixel_id%253D1177542%2526uid%...
https://pixel.mediaiqdigital.com/pixel?&u3=&u4=&pixel_id=1177542&uid=3610139884721024240

2 B
82 B

68ms
20ms

Image
application/json

18.195.70.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mediaiqdigital.com/pixel?&u3=&u4=&pixel_id=1177542&uid=3610139884721024240
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: H2
Server: 18.195.70.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-70-247.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:08 GMT
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
an-x-request-uuid: b460e922-2abc-40dd-8191-475d851f783f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.mediaiqdigital.com/pixel?&u3=&u4=&pixel_id=1177542&uid=3610139884721024240
x-proxy-origin: 217.114.215.132; 217.114.215.132; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/781855251/ 3 KB
1 KB 86ms
58ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/781855251/?random=1702973287925&cv=11&fst=1702973287925&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&hn=www.googleadservices.com&frm=0&tiba=Marine%20Toys%20for%20Tots&auid=1408263841.1702973288&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTRHTV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eda267608aa74f7390af9b2d7c05bf5fdbf8bbeef86bd7327c2cb39cd22ee03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071516356/ 3 KB
1 KB 87ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071516356/?random=1702973287928&cv=11&fst=1702973287928&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&hn=www.googleadservices.com&frm=0&tiba=Marine%20Toys%20for%20Tots&auid=1408263841.1702973288&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MTRHTV4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a99622071362e92aeb70f0ddd8a9fd933f2f5bc913e5a04abc41185a51b6ac21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

container.js Show response
tags.wdsvc.net/
Redirect Chain

https://tags.wdsvc.net/controller.js?id=100450
https://tags.wdsvc.net/container.js?id=100450&v=4.10&t=1702973288266

28 KB
29 KB

238ms
238ms

Script
text/javascript

52.2.17.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/container.js?id=100450&v=4.10&t=1702973288266
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Server: 52.2.17.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-17-73.compute-1.amazonaws.com
Software: /
Resource Hash: ec20b65ef33990820765cf656281d988ad048bc15e83472204e1ffa368f54bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:08:08 GMT
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 29172
Expires: Mon, 3 Jan 2005 13:00:00 GMT

Redirect headers

location: https://tags.wdsvc.net/container.js?id=100450&v=4.10&t=1702973288266
Date: Tue, 19 Dec 2023 08:08:08 GMT
Cache-Control: private, no-cache
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

GET
H2

200

/
www.google.de/pagead/1p-user-list/AW-781855251/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-781855251/?random=1702973287928&cv=11&fst=1702973287928&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&gcd=11l1l1l1l1&dma...
https://www.google.com/pagead/1p-user-list/AW-781855251/?random=1702973287928&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecu...
https://www.google.de/pagead/1p-user-list/AW-781855251/?random=1702973287928&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecur...

42 B
108 B

30ms
30ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-781855251/?random=1702973287928&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&frm=0&tiba=Marine%20Toys%20for%20Tots&is_vtc=1&cid=CAQSGwAvHhf_w_oKKrH1Oj5iRBIdXSgGdlHQ07S1CQ&random=4207291647&ipr=y

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/AW-781855251/?random=1702973287928&cv=11&fst=1702972800000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&frm=0&tiba=Marine%20Toys%20for%20Tots&is_vtc=1&cid=CAQSGwAvHhf_w_oKKrH1Oj5iRBIdXSgGdlHQ07S1CQ&random=4207291647&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
arttrk.com/pixel/ 43 B
131 B 453ms
112ms Image
image/gif 52.0.209.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arttrk.com/pixel/?ad_log=referer&action=lead&pixid=ce131479-098b-4503-aa40-19db6475e421
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.209.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-209-48.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 73ms
29ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-69147524-1&cid=964998175.1702973288&jid=1390103062&_u=IEBAAEAAAAAAACAAI~&z=835546736

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-69147524-1&cid=964998175.1702973288&jid=1390103062&_u=IEBAAEAAAAAAACAAI~&z=835546736

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 23002762.js Show response
bat.bing.com/p/action/ 1 KB
840 B 43ms
43ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/23002762.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6559b319d265d1afe7593c5a0ce7431f05c210875f4145347784a157ffd85f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 19 Dec 2023 08:08:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9440C33369D4B07960B5804F580AECB Ref B: DUS30EDGE0914 Ref C: 2023-12-19T08:08:08Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
287 B 62ms
62ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=23002762&Ver=2&mid=9f2c2584-eab9-48c5-992d-784ab29c648c&sid=be6f62209e4511eeb828d95f48a2ac61&vid=be6f83509e4511ee9f5e59bd1c99fd73&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Marine%20Toys%20for%20Tots&p=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&r=&lt=1265&evt=pageLoad&sv=1&rn=536154

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 08:08:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3057457B5834FEE80F5B89CFE56ACCE Ref B: DUS30EDGE0914 Ref C: 2023-12-19T08:08:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/781855251/ 42 B
108 B 32ms
31ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/781855251/?random=1702973287925&cv=11&fst=1702972800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&frm=0&tiba=Marine%20Toys%20for%20Tots&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_TTSG92UaOEG21IVPuBaZL19yteIPXg&random=204780369&rmt_tld=0&ipr=y

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/781855251/ 42 B
154 B 33ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/781855251/?random=1702973287925&cv=11&fst=1702972800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&frm=0&tiba=Marine%20Toys%20for%20Tots&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_TTSG92UaOEG21IVPuBaZL19yteIPXg&random=204780369&rmt_tld=1&ipr=y

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071516356/ 42 B
108 B 30ms
29ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071516356/?random=1702973287928&cv=11&fst=1702972800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&frm=0&tiba=Marine%20Toys%20for%20Tots&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_OB1ub8vIEZTDlU6Np8GyypxyWLJFNQ&random=1413728308&rmt_tld=0&ipr=y

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071516356/ 42 B
108 B 36ms
35ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071516356/?random=1702973287928&cv=11&fst=1702972800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v810001730&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&frm=0&tiba=Marine%20Toys%20for%20Tots&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_OB1ub8vIEZTDlU6Np8GyypxyWLJFNQ&random=1413728308&rmt_tld=1&ipr=y

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071516356/ 42 B
108 B 31ms
30ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071516356/?random=1702973287901&cv=11&fst=1702972800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811932933&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&frm=0&tiba=Marine%20Toys%20for%20Tots&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Kt70McJFsfd4D16Aicu6Gg8BXJXncw&random=525976647&rmt_tld=0&ipr=y

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1071516356/ 42 B
108 B 34ms
34ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1071516356/?random=1702973287901&cv=11&fst=1702972800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v811932933&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&frm=0&tiba=Marine%20Toys%20for%20Tots&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Kt70McJFsfd4D16Aicu6Gg8BXJXncw&random=525976647&rmt_tld=1&ipr=y

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2241937076093472 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 130ms
130ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2241937076093472?v=2.9.138&r=stable&domain=secure.toysfortots.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3671df8ecd99e288b81c321a9c10ab6555b90d0757818a1d7a11bcffd39f3231

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 19 Dec 2023 08:08:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: mzDsldGDt/TXUZ6wCajA82/+y4DvXWFGx90kk0sSyVWAAUwR3x2Dvzy7+Uz6HrhaBvNNFaxZMd4pZPW9w975fw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 23002762 Show response
bat.bing.com/p/insights/t/ 724 B
896 B 121ms
119ms Script
application/x-javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/23002762

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/23002762.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3be0dc08a66442a2840c66452c7aa59686ce991cddb7d1d6f55b90ab49fc5f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 19 Dec 2023 08:08:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC425515EE544784821F49E98BF345AD Ref B: DUS30EDGE0914 Ref C: 2023-12-19T08:08:08Z
vary: Accept-Encoding
x-azure-ref: 20231219T080808Z-xbzkmm0rdp4hp2v8zvtf3xvmu400000005p0000000002rby
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 615
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 0.7.20 Show response
bat.bing.com/p/insights/s/ 34 KB
15 KB 60ms
60ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.20

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/23002762

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5ab142585097949ade33d1c1c15cf8df7423d78bd45747965c064882e72f83e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Tue, 19 Dec 2023 08:08:07 GMT
x-cache: CONFIG_NOCACHE
content-length: 14592
last-modified: Wed, 13 Dec 2023 19:58:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A724A9820A8A4065A599DEA2FC4DDD8D Ref B: DUS30EDGE0914 Ref C: 2023-12-19T08:08:08Z
etag: W/"0x8DBFC15D3D7323E"
vary: Accept-Encoding
x-azure-ref: 20231219T080808Z-up0we5eqc97qfekwfhtam29x90000000020000000000b7yy
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ba735060-001e-0069-30cc-301797000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 60ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2241937076093472&ev=PageView&dl=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&rl=&if=false&ts=1702973288171&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702973288171.36599608&ler=empty&it=1702973288027&coo=false&rqm=GET

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 19 Dec 2023 08:08:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/I2OsLW6Zlo19N61JvFAxaztP/ 2 B
835 B 481ms
436ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/I2OsLW6Zlo19N61JvFAxaztP/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.toysfortots.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:08 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by: Express, ASP.NET
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.toysfortots.org
x-iinfo: 1-71946114-71946119 NNNN CT(85 186 0) RT(1702973287574 25) q(0 1 3 -1) r(5 5) U24
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: 9uacCM1rtmr9+quEQEJwB2hPgWUAAAAAGwS26aijguiJzvVU5o0pEw==
content-length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

POST
H2 204 v Show response
bat.bing.com/p/insights/c/ 0
214 B 115ms
115ms XHR
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/v

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://secure.toysfortots.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 08:08:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2108DC287AB04F7C985FCA9E76646326 Ref B: DUS30EDGE0914 Ref C: 2023-12-19T08:08:08Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://secure.toysfortots.org
access-control-allow-credentials: true
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v2/ 136 B
878 B 189ms
154ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v2/identity

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

8d8f10ffab8182fa8257eca6529e6f4e1f7916f8c923d44dc4f234dceecd65e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.toysfortots.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains
x-cdn: Imperva
x-powered-by: Express, ASP.NET
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 5-185559012-185559077 NNNY CT(85 186 0) RT(1702973287114 539) q(0 0 0 1) r(0 1) U4
content-length: 256
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
server: Microsoft-IIS/10.0
etag: W/"88-/Z94echxQEGIN+LrN/hVQq9wh0I"
vary: Accept-Encoding,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.toysfortots.org
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: +xPyNxNcMVLq+6uEQEJwB2dPgWUAAAAAqr2B1n56uNnehtQ2nxCHlQ==

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 48AB 158 KB
51 KB 78ms
29ms Document
text/html 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632

Request headers

Referer: https://secure.toysfortots.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 58
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 19 Dec 2023 08:08:08 GMT
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront), 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CV28zlRVj5HALiiX5XR4chBf6mIfHmXhL1UqqLD1Y2LGXJehI1_HTA==
X-Amz-Cf-Pop: FRA60-P3 DUS51-P2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD

GET
H/1.1 200
OK check-mark.svg
nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/ 425 B
996 B 124ms
124ms Image
image/svg+xml 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/check-mark.svg
Requested by: Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/theme-styles.css?2023-10-30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ee6268add264bfddc03a317f89550c9fcc88acf2aa3f822e5b140ca3c7eca57b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/themes/theme-styles.css?2023-10-30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Dec 2023 08:08:08 GMT
Last-Modified: Wed, 03 May 2023 21:25:48 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DB4C1CF69851DC
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: a3568deb-c01e-0028-7652-3226f9000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 425

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/ 147 KB
148 KB 32ms
32ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9a438a1d3a109908882ad66e9cb5c42d446741f36177159a8f8a7a6b6b37d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
Origin: https://secure.toysfortots.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:08 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1573817
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150472
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "630e6e62-24bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZJOhxLT52W5PxqjmOkgIYw7mSdOr4zz%2Bk4kOXysnle4Lot7Cygz67OkwYk6g4K%2BENzU6nfeEr9Ynv%2BrNlw2suPthYeMoQeIKDq1a%2Fga3y5wW0A8wWmErnNgMwC03lgjEO03ZRuHc6OtW%2B1E6JofFiqP"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 837e27ecac433723-FRA
expires: Sun, 08 Dec 2024 08:08:08 GMT

GET
H2 200 cc.png
static.everyaction.com/ea-actiontag/assets/images/ 3 KB
4 KB 19ms
19ms Image
image/png 2600:9000:2490:d200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/cc.png
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.everyaction.com/ea-actiontag/extra.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 11:51:56 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 14069773
x-cache: Hit from cloudfront
content-length: 3392
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "294b44fc8703a45684537d51e363c045"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: HN7Tbx89EPuy0m25EMJ3fLegfD4Wrcz3LJ95FBbO835_qVcH1xlh2Q==

GET
H2 200 cvc.png
static.everyaction.com/ea-actiontag/assets/images/ 981 B
1 KB 20ms
19ms Image
image/png 2600:9000:2490:d200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/cvc.png
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d9edca3a59561cab73eaefd66e6a6a55bee69c13a4c69c2e53899aac2a4b76e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.everyaction.com/ea-actiontag/extra.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 09:00:37 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 29891252
x-cache: Hit from cloudfront
content-length: 981
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "7ee4350c3563a8bdfe4cd2c185d6e6c3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: OC1iL-EGvCoH6VnbTWDoOLZvQNZ5rbv4tTl0EPJLLbEKcI9R777VGw==

GET
H/1.1 200
OK ratio-pie-chart-vertical.png
nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/Pie%20Chart/ 113 KB
113 KB 120ms
119ms Image
image/png 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/MT4T/MT4T/1/104085/images/Pie%20Chart/ratio-pie-chart-vertical.png
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 604b9c606e80368c333ef5298502b1f237807f54220cc40f9f3e943d6fe83295

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 19 Dec 2023 08:08:07 GMT
Last-Modified: Wed, 07 Jun 2023 13:30:33 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DB675B5EDDCC1E
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: b19d6616-a01e-002e-6052-321546000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 115642

GET
H2 200 ck0WWYocJEyuLfbUxzlLRA2
secure.everyaction.com/v1/Track/ 0
193 B 143ms
143ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/ck0WWYocJEyuLfbUxzlLRA2?formSessionId=9844e3cd-328d-45d2-9086-b02ab4ce1c90&bName=chrome&dType=desktop&formVersion=10/11/2023%202:38:18%20PM|10/30/2023%202:07:29%20PM&fUrl=aHR0cHM6Ly9zZWN1cmUudG95c2ZvcnRvdHMub3JnL2EvZG9uYXRldG9kYXk%3D&fRef=

Requested by

Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Tue, 19 Dec 2023 08:08:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 7-108038059-108038062 PNNN RT(1702973287142 520) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
x-incap-sess-cookie-hdr: xqgOA7DpDj8H+6uEQEJwB2dPgWUAAAAArwSy+yFjK2CmZK/6VdeB0Q==
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/ 9 KB
9 KB 20ms
19ms Image
image/svg+xml 2600:9000:2490:d200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Requested by: Host: secure.toysfortots.org
URL: https://secure.toysfortots.org/a/donatetoday
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:d200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:37:53 GMT
via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 23416
x-cache: Hit from cloudfront
content-length: 9203
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: qwY_T0MXI521L1ojh_O8lX_6WN_kKjlhNfrv56Xgt8M-dyk7qBuIIg==

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 9F23 158 KB
51 KB 77ms
29ms Document
text/html 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632

Request headers

Referer: https://secure.toysfortots.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 58
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 19 Dec 2023 08:08:08 GMT
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront), 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
X-Amz-Cf-Id: L4fxfb07bnvKk8iDlWiUL0jedswgF7zzm3ldLYW1hFyg6cTFHNSKwA==
X-Amz-Cf-Pop: FRA60-P3 DUS51-P2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame EC34 158 KB
51 KB 77ms
29ms Document
text/html 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632

Request headers

Referer: https://secure.toysfortots.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 58
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 19 Dec 2023 08:08:08 GMT
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront), 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: PE6epMnYphoc9FbH_wDL-PIZ212H7k8NbGkk7I3Lwtkv8x15mLf3Fw==
X-Amz-Cf-Pop: FRA60-P3 DUS51-P2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 6449 158 KB
51 KB 75ms
28ms Document
text/html 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632

Request headers

Referer: https://secure.toysfortots.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 58
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 19 Dec 2023 08:08:08 GMT
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront), 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 3mV6v2LF7p1Nkf_gVLjm9kTzP3fyJXwlynw_kff96FTQNuYrewwnVQ==
X-Amz-Cf-Pop: FRA60-P3 DUS51-P2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD

GET
H/1.1 200
OK / Show response
tags.wdsvc.net/tpc-eval/ 21 B
284 B 119ms
119ms Script
text/javascript 52.2.17.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/tpc-eval/?lid=18c811e2fc4-tags3-fb75ad7452318
Requested by: Host: tags.wdsvc.net
URL: https://tags.wdsvc.net/controller.js?id=100450
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.2.17.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-17-73.compute-1.amazonaws.com
Software: /
Resource Hash: b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 08:08:08 GMT
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 21
Expires: Mon, 3 Jan 2005 13:00:00 GMT

GET
H/1.1 200
OK application.909e2f5f9100accd006e.modern.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame EC34 331 KB
107 KB 28ms
28ms Script
application/javascript 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Content-Encoding: gzip
Via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 08:08:08 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 42
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
ETag: W/"55ba8f4f8f5789d1d6f863f100a30e86"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: crRCah16C3fOSaD_jh3EMtj9qua7fOETKsyf8Lmn1yyYjeU3Vzxa4A==

GET
H/1.1 200
OK application.909e2f5f9100accd006e.modern.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 48AB 331 KB
107 KB 22ms
22ms Script
application/javascript 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Content-Encoding: gzip
Via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 08:08:08 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 42
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
ETag: W/"55ba8f4f8f5789d1d6f863f100a30e86"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: eoYOzYpgiXH7G3GTbV3bAfUfYIDaHLVC5SVA5pp2zLy37krMmKMCVg==

GET
H/1.1 200
OK application.909e2f5f9100accd006e.modern.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 9F23 331 KB
107 KB 22ms
22ms Script
application/javascript 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Content-Encoding: gzip
Via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 08:08:08 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 42
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
ETag: W/"55ba8f4f8f5789d1d6f863f100a30e86"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: 271GnmVRGnQR68NH9YmASPm6kEdbYsehc-MCNaTEr8zKWTE3ESkmaA==

GET
H/1.1 200
OK application.909e2f5f9100accd006e.modern.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 6449 331 KB
107 KB 22ms
22ms Script
application/javascript 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Content-Encoding: gzip
Via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 08:08:08 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 42
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
ETag: W/"55ba8f4f8f5789d1d6f863f100a30e86"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: 8xsMMvlQ5j3f3W6v3suDmMGhWJcskZOI9Cgtn9nm7fsTvGyGxkNVvA==

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame 48AB 0
111 B 398ms
126ms XHR
text/plain 18.209.81.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vgs-collect-keeper.apps.verygood.systems/vgs
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.81.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-81-235.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Tue, 19 Dec 2023 08:08:09 GMT
x-powered-by: Express
content-length: 0
vary: Origin

GET up
insight.adsrvr.org/track/ Frame CAA8 0
0

GET
DATA 200
OK truncated
/ Frame 9F23 557 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame BA59 0
59 B 143ms
45ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=mcly68p&ref=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&upid=xq1iggz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.toysfortots.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 19 Dec 2023 08:08:08 GMT
server: Kestrel

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame CF1D 0
60 B 138ms
45ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=mcly68p&ref=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&upid=xq1iggz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.toysfortots.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 19 Dec 2023 08:08:08 GMT
server: Kestrel

GET
H/1.1 200
OK visa.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
1 KB 24ms
22ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/visa.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: H.lNoG4vwL1ej33_03.Q4hw1WNRfkp4C
Content-Encoding: gzip
Via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 04:26:09 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 13975
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"bf0e3c7ebdd4f91c9ef36fefa89822e9"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: cMKw9L_vdJEq_LFQu-7mnrZoh2nAbpEeILrACdcs8rIM1OR6AbWiVw==

GET
H/1.1 200
OK visa-electron.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
2 KB 24ms
22ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/visa-electron.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: MgNF_FMVP1IvFHrPIq8AALFoZu_j7TtV
Content-Encoding: gzip
Via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 04:01:20 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 16087
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"c962f159de73e843c20331630bc3cd07"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: Q2v97NMCufGMt7vXs1ts3_D0vomd0m0FEbzeCs5vMAbLZHtpt6BrJA==

GET
H/1.1 200
OK amex.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
1 KB 24ms
23ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/amex.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: ItVZhXC517ZMCtDQ0ErslqkZpDw4TP_K
Content-Encoding: gzip
Via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 04:01:20 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 20942
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"d76aac2504772a3c74494f11fd18d87f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: xRUgOZ1h-QMSV1Jd8kh-_7lp3ZYdnpHVIs4SzY3pzM7LIU9UCTuIOA==

GET
H/1.1 200
OK maestro.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
4 KB 25ms
24ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/maestro.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 1_p31LpzRSjwSiLiTYV71TUVe9IpUn9e
Content-Encoding: gzip
Via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 04:01:20 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 18427
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"3625c25fe4e71c0daa524694d3b3d2e2"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: yyFEDYIvS3ExRe3K7BF5Vz0cNINJGxbf7iYfAQZIwHhNsOxUbwZKoQ==

GET
H/1.1 200
OK mastercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
1 KB 52ms
22ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/mastercard.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: PU9xtdz3b.d2kDLc5M1BB7mi5YpUwVDj
Content-Encoding: gzip
Via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 06:33:06 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 6700
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"8baef8cd0813bb42fe4bd99adf195035"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: PplhSMVK27gMsKi1LHqMbssTnwMR4pnp6TUmXK98PbR_elClQ0Zq1A==

GET
H/1.1 200
OK unionpay.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
5 KB 53ms
23ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/unionpay.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: G6Y4bx8_pMrmOjFIicD1hgmIdROiurIv
Content-Encoding: gzip
Via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 07:10:29 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 3468
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"01249c1708efa3c5c18a35778f20207b"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 2fKEx6FCiZqdAcaJ3lMXRg2JhEpF4TwNIr3itNo2lNpiWlGs2VbnZQ==

GET
H/1.1 200
OK meeza.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
7 KB 25ms
22ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/meeza.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: fIKvFE1HubfUWhiWGE6EdQYTnLAnJ9MH
Content-Encoding: gzip
Via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 01:48:50 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 23762
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"07e73ffeb1e07b87f158e34e9900bd96"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: S2DGl557H6SNOZZoNAGNzd-enAYShnskVd3hbmM0baG2qJP-WoKgfA==

GET
H/1.1 200
OK jcb.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
2 KB 24ms
23ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/jcb.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: QmKwMQRUu5GGnar6U1.XDYKwXr9GTt4E
Content-Encoding: gzip
Via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 04:56:31 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 12267
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"afc9c9bd9dd25718d84aa1b295e3cd4f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 7nH90J3uK3e9ISZPOGvN_1yQWNf3fN_ciO28bLy2G5OyxWTNv-4mMA==

GET
H/1.1 200
OK hipercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
3 KB 39ms
22ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/hipercard.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: wESZZuki93YD2Y88rRKC5LDYBxi8XywO
Content-Encoding: gzip
Via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 06:33:07 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 5702
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"39424aebb87e84c688d70ebf51e5cec6"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: P7Fc5P3HTaTF-M7iEVackPiZv3WMnn3iZrqaR9KCiVL7TJJNAotZ_w==

GET
H/1.1 200
OK forbrugsforeningen.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
2 KB 44ms
23ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/forbrugsforeningen.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: iffR3o1DDLBtfD6DUK07BGzKAQQ9SkB1
Content-Encoding: gzip
Via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 01:48:50 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 23620
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"0e30901c80583be81a54ad19e75340a7"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: sY_qwVaC7w1XiobF3XX9Da_9zS7pxeNp_O078Lz-xWh05DHsmfR9qQ==

GET
H/1.1 200
OK elo.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
2 KB 22ms
21ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/elo.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: SZ2jJtdJs0WLGiaIwIjXub4ID5pKkMH_
Content-Encoding: gzip
Via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 04:06:44 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 14514
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"2819c6f92cfc42b73058a840aba885a7"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: ozLrtT6H-voNmhWACVRrPjymHZvI1xvjtEsRMKOZTfu-tjs_R9nQ8A==

GET
H/1.1 200
OK discover.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
2 KB 22ms
22ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/discover.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 47gYKG16RG7X_h0fKEEIboeS2mmCMeYz
Content-Encoding: gzip
Via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
Date: Mon, 18 Dec 2023 16:25:25 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 57217
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"5bd5bab591da0ad8f328376e0f9ebe29"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: Ue8aduxY3HeW4PsaHvO2qmxVX9kTM26dn-8sAzc1h4OQ5L_gRamhqA==

GET
H/1.1 200
OK diners-club.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
1 KB 23ms
22ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/diners-club.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: GmZUrCmUOwT9x.EL1h3aTKcLFhZAn.Ls
Content-Encoding: gzip
Via: 1.1 3a42f75e219a9a44a54979112dcb25dc.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 04:01:20 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 16119
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"39a2c40eee9103f96fab5bc8d3dbbeb8"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: G0LRYGFysQzeJb1y88aai0IbEpuPSQYcpkCWUdjm9arxG6CMpLFmBg==

GET
H/1.1 200
OK dankort.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9F23 0
1 KB 24ms
23ms Other
image/svg+xml 108.157.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/dankort.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: L7PgpoDJdtbcwmCNdHkqIlTpNlkZVtdK
Content-Encoding: gzip
Via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
Date: Tue, 19 Dec 2023 04:56:31 GMT
X-Amz-Cf-Pop: DUS51-P2
Age: 12433
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"5a58f174478046c4d7105db80bb660f0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: DEmJZC5cIzdYNhRfRBthmuZThCyc3ZuaFNdzHoKYg9GssH_ELI08qQ==

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 98 B
283 B 102ms
101ms XHR
application/json 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.toysfortots.org/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 4646E820-CBE1-4292-BF99-12B6F8FF7ECD
strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 08:08:08 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 98

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 222ms
39ms Preflight 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://secure.toysfortots.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Tue, 19 Dec 2023 08:08:08 GMT
x-content-type-options: nosniff

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame 48AB 0
110 B 121ms
121ms XHR
text/plain 18.209.81.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vgs-collect-keeper.apps.verygood.systems/vgs
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.81.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-81-235.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Tue, 19 Dec 2023 08:08:09 GMT
x-powered-by: Express
content-length: 0
vary: Origin

POST
H/1.1 200
OK post-log Show response
tags.wdsvc.net/ 0
441 B 123ms
122ms XHR
text/html 52.2.17.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.wdsvc.net/post-log?v=4.10&t=1702973288388
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.2.17.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-17-73.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.toysfortots.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://secure.toysfortots.org
Date: Tue, 19 Dec 2023 08:08:10 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=5
Content-length: 0
Content-Type: text/html

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
148 B 47ms
46ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=jci9yvg&ct=0:a5zxxfy&fmt=3&td1=18c811e2fc4-tags3-fb75ad7452318
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:10 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
148 B 45ms
45ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=jci9yvg&ct=0:f280u34&fmt=3&orderid=&vf=&v=&td1=18c811e2fc4-tags3-fb75ad7452318
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:10 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
148 B 46ms
46ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=jci9yvg&ct=0:p4u67aw&fmt=3&orderid=&vf=&v=&td1=18c811e2fc4-tags3-fb75ad7452318
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:08:10 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4SS7PGWH6L&gtm=45je3bt0v9108181772&_p=1702973287712&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=964998175.1702973288&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702973287&sct=1&seg=0&dl=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&dt=Marine%20Toys%20for%20Tots&en=scroll&epn.percent_scrolled=90&_et=7&tfd=6350
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4SS7PGWH6L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.toysfortots.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 08:08:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.toysfortots.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=mcly68p&ref=https%3A%2F%2Fsecure.toysfortots.org%2Fa%2Fdonatetoday&upid=xq1iggz&upv=1.1.0

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.toysfortots.org/	1970-01-20 17:03:22	Name: SessionKeyCookie Value:
secure.toysfortots.org/	1970-01-20 17:02:53	Name: ___utmvc Value: wxUnH5Hub2syXum6GphXoRYsTbzbWjCi3dq+5XnEtJ9Y5fCOSW8RJJ1oUGkgPvQ0VjLdghxoqiBtvJH3mQPMB4kOsA2+CXn840KQjdRF3hQR5H2z4pUUoJ1W/HQIJ8zWwcbAp3cV6ZZMEUUEY+S8hEwfCXaY8TpEfDykqDRPPjGhXABBI90Cqg80eWz50R0lfQ9rfEXRN9YsfbpGEM/KIklGAxMDjRkiQfbsArVjv9kNFUQjwvdkKSZeTQZ56KfwGGZzD1xgofUTaiQvE979BU6s420wUzjg0t8X9F2ZrDRg9ZJdB4sStNgdBNeSWb/y2xLinJKeOsy89PbLO8Bswz1OP8rlEmn61kXDPwAqZ1pbi02r3pb+j3Vli0d1pzlzAuRnP1X4UunCdlglIihs7g9Mo1GCOadcQJI6O2hyxJEzOUwGL8iz3a2SYaj3Tb3zitxt/vV1heLU7LsDcN/AkhsHTp3IUy8Qams/gi5zj1TRz+irewa4017Gq0n+Ok4CBQZf/bog+WnGncJF/fZh446o4yx345vmqsB7VdxLa44EmYe2nUMQab4sZUtbM/EiXVhPTmrHcLg0mgGFNGbpjJpnDtu+dqO9XMC9MroHAYETtMnNqGLU79c/tdV6rj8jIdm6+onxguAKB2inoHqQCxX1MfWnYDe1ghKK4gojW/B2OaXDqrLKUR0vynk51eaQi/4ROeYNq7xBI7NdeZpAMCMS4W0p1R7p1X5gnGYHM9m7jTK/i4zgCXMNPMhDgaGpvFQXcsGMbmjKDSJa0tOeNGLjY2kple/225a2SdCW7KoM2+73ve6L/0NOEurxGRuWbIaAA51eRfdA3n5rhoDtVGB7Cj8aBkZXwOs71/PfnMGfyDbjpkwau1l4sqKfBGuiuP46NRI9Hm3J4+4AQHY1bvSoFTopUGmwIV+/C7FEZrAAWgxYHTQguWFpGIvu0rlx+B4MJy8pYqP2vlo314F7o8sdGg5FL8v6kDViR+RPbDjG+mPR/oEwRtgJHcEqgfABHVuHwLQ0RQ/dezellTz9D9QfGob0/DE8F9JDxx2tnCeE2dUbyrvjYpoo2+qE6zY4yA3DKuspfM+N+I9P+kTW5S9TX0feco3/Mu/pYGwFSRPsxuo+qv1YsOuW/Bfn+DD73N85zjhPBKErIGbKIIipfDJfw2qwfjaqpRnIazoNDps+FagI/cBPxyhK1csQ9YJR5+u2byb938bxDuipYolJ9D0ppG30jVPmv02fCxqjELTMb7Ah//NHWvCvSBu8507zq53Whfl3RzJys8QM1myLIm801JzoGCPAlIwXigfUojuLiK0/fVqtXMbLB76VtAJhN+SFuoqLJPecH06KbHZUxzcZ5vnjeSav1/q1qMNoM7TSGMSybfajFu/k/iK0FMHPEo35hVbk5+EF1XXkRiFWyYKINYzhe/fqnHCoSd4NMIOTluMteE1HOKz1GAkYz6kGRHuLaffCkZwWk9HnFykJnilsSPxI1o9qTVd7hiyt5Upe2qQHUT26VRYLaC+Cg+5I7yPbcikwPjnJG59wf1RmzjV8se1Zd49wFX2xZQm22sS4Ym24EsEXOt66LILWrb/Ghpn7G0nJsGQAyu3/AEbVVpUGS4bOhy6LrMqdxTu4C0xgvBiFImgPfBmHOWKuyJDms25q9koX8uM/rZXtngZgoBeE8n7YS74JN/CSyGiY1rjxgC/qx9JKFyB2xw8CMu4z+KRiX/0vQBkXsFfVskJ6T09OZyBwnGyv2FNgwBRErnbv13nT6tjuxSZAEMfMCJonrLZyaEZYvJ7WE3J2iKrRnlS5PeE4euKnYbiNw8p7Kqj3NCzhR2anlBqcjJb75EnUOuM9FW8upweJe8lcUkF/A7KA10ytR6Q7/VujWyQ8pusFhxYdTv1g0WfYQwhh36IdRfRcLYXVTxv0RDfsB67wWK2pBnDsHcnBUv9gooWG8DPJpvcLkCVWop3RKCn32oMirWUhvQ5yowYzy9BQg9V5SMooRhCQ10n+UOdg3r5C6VJz7wtrSTMJPkhCaE1aSKV39DNda16p4jGIKFEY9i0ZPCFVIxq2lC/Gx9IQJKh4k5jozfAWcQo/dpeLv6ayTVtVqpzQMWgyiaEZE1w6WfVlcEeGcbnt5f7gzRF4pBPLgcclhAC5pD8lkjfTfc+FV9SqAhHSrLy6OjQVu5EDs/DCQrC6ATGi7y9IOpjkIFR7BOqqucJ+7ZtdtAY85dJk9Do5TRjTLvNwWrZo0IIMOXGyTABEVg0pgwJMyKFmxPYW/240JJqry0O6aVGeM2g7jgHt7Y+daZ3OtUB2PB/jchfQUPLcc2U/93tvkqBLeF+HP3z+zlc0MhaWqDGA4F8/NHXLi4dI9/ZJk96KWHXJc2UtVPIygroGy2ySDQb24yPeD96jGUV0q2U/glTemic1Z4z9aOY6l5Nzp8DW1KiQwpA9jukrm6nJp1t7ths4x7vSCM5VVDDPOgU1MoQvzJBSoIgra5PsT8V8XevQ82m8I8HNu8jMmnYtL+08VmQntu315WzWQ2leyTFDkNdpO+UXCanpfzACXMG+HMXaUwYQO4d62sjgmSn0SnarSje0upSCGZoTiMKTOezZv3E4pd+bTmTw4piiN3iNfg7EidhxBJcSxz9dDROWmMwxHuUuFujXSW3k/HWRHpMU4LqaC7L/tLIAENyyXjDhefeoUyDef/PtpbCc8i2sb9LlBN6yUShc3VciGa8Rxdo4Db3zLk698zTf+4jUl2AnCq07aC6l4m7NI6pLqXz018bMhQXzqr4JO7LALJrsDuWNUc54JOGcc0ZPixXqLGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=
.toysfortots.org/	1970-01-20 17:04:19	Name: _gid Value: GA1.2.1672633033.1702973288
.toysfortots.org/	1970-01-20 17:02:53	Name: _gat Value: 1
secure.toysfortots.org/	1970-01-21 01:48:29	Name: ai_user Value: niNphOnT0XoI7ZZkXpwUcP\|2023-12-19T08:08:07.841Z
.toysfortots.org/	1970-01-21 02:38:53	Name: _ga Value: GA1.1.964998175.1702973288
.toysfortots.org/	1970-01-21 02:38:53	Name: _ga_4SS7PGWH6L Value: GS1.1.1702973287.1.0.1702973287.60.0.0
.toysfortots.org/	1970-01-20 19:12:29	Name: _gcl_au Value: 1.1.1408263841.1702973288
secure.toysfortots.org/	1970-01-20 17:02:55	Name: ai_session Value: MNLBOhlteIRkjzayimi62N\|1702973287934\|1702973287934
.doubleclick.net/	1970-01-20 17:02:54	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 19:12:29	Name: uuid2 Value: 3610139884721024240
.bing.com/	1970-01-21 02:24:29	Name: MUID Value: 02A4F636C230665F18EBE5DAC39A67C2
.adnxs.com/	1970-01-20 19:12:29	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E>1HvBJB!@wnf-Te9(>wL5L!!'Pd$h:W'
.toysfortots.org/	1970-01-20 19:12:29	Name: _fbp Value: fb.1.1702973288171.36599608
.bat.bing.com/	1970-01-21 02:24:29	Name: MSPTC Value: Nr0dXnXwmZkBTHqUkDI6p5Uji76KCplBtt0CIYPKYKk
.toysfortots.org/	1970-01-20 17:04:19	Name: _uetsid Value: be6f62209e4511eeb828d95f48a2ac61\|6otx1s\|2\|fho\|0\|1448
profile.ngpvan.com/	1970-01-21 02:38:53	Name: ngpvanuser Value: I2OsLW6Zlo19N61JvFAxaztP
.wdsvc.net/	1970-01-20 17:02:53	Name: _wdTest Value: accept
.wdsvc.net/	1970-01-21 02:38:53	Name: wds_random Value: 2023-12-19T08:08:08.266Z~2023-12-19T08:08:08.266Z\|4423725437231896\|40\|
.everyaction.com/	1970-01-21 01:47:54	Name: visid_incap_823975 Value: qG4JHN9VQN6olEViGfCG6GdPgWUAAAAAQUIPAAAAAAB8nIDRLFHsNlGZN1f9A9ox
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: 3u8VXcpgeTu91UnCxwoUeQAAAACUbHT/RGx3GtQqPuEMJMxB
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_536_823975 Value: lpB8a9sx5AwH+6uEQEJwB2dPgWUAAAAA/0/rxk6PNjxD4xqV4YWSsQ==
.toysfortots.org/	1970-01-21 02:24:29	Name: _uetvid Value: be6f83509e4511ee9f5e59bd1c99fd73\|1r1f6vf\|1702973288444\|1\|1\|bat.bing.com/p/insights/c/v
.toysfortots.org/	1970-01-21 02:38:53	Name: wds_random Value: 2023-12-19T08:08:08.266Z~2023-12-19T08:08:08.266Z\|4423725437231896\|40\|
.toysfortots.org/	1970-01-21 02:38:53	Name: __WDS1 Value: %7B%22da_100450%22%3A%7B%22hu%22%3A%222023-12-19T08%3A08%3A10.562Z%22%7D%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/2241937076093472?v=2.9.138&r=stable&domain=secure.toysfortots.org(Line 132) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arttrk.com
az416426.vo.msecnd.net
bat.bing.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
dc.services.visualstudio.com
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
js.verygoodvault.com
nvlupin.blob.core.windows.net
pixel.mediaiqdigital.com
profile.ngpvan.com
region1.analytics.google.com
secure.adnxs.com
secure.everyaction.com
secure.toysfortots.org
static.everyaction.com
stats.g.doubleclick.net
tags.wdsvc.net
vgs-collect-keeper.apps.verygood.systems
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
insight.adsrvr.org
108.157.1.118
108.157.4.105
13.69.106.212
18.195.70.247
18.209.81.235
18.66.147.36
185.89.210.141
20.60.58.97
2001:4860:4802:34::36
2600:9000:2490:d200:3:1d53:4780:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c0b::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::649
45.60.33.183
52.0.209.48
52.2.17.73
52.223.40.198
01b035efb5dfa529c512f82962ed633328222da6f33c224244806d4798c67349
01b571a4fcfcbd899c641aeaa2bdb73b89e4b905c88121dc395d461c069a6267
0d7db03b2397b990d248fa9f6964ae8a1972489096889e20a4adaecc9b37e674
0efe0d3bf1e7b5198f3f084bfa7e2ccf862eadcf0de2da82f14636ce32c531ad
0f75bc2485991d8896d16fd03466df188cb7746550ec78ac2461d9d117b8f3b2
22aa2abbbfec88cee6d4165358dec78c4d9c8932decaf1897d33c70c48c7adfe
2eda267608aa74f7390af9b2d7c05bf5fdbf8bbeef86bd7327c2cb39cd22ee03
3671df8ecd99e288b81c321a9c10ab6555b90d0757818a1d7a11bcffd39f3231
36791c7ed0c7ae2e4246246fcc002f0db8f238e8c53795bc305c32e2973b190e
3be0dc08a66442a2840c66452c7aa59686ce991cddb7d1d6f55b90ab49fc5f53
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
410bd5c606c18e1192e22ad8a4ff9b76b2ea2c9bf73abf2349e2032a7ff46f9b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449678576b21584135b6ab8d0ccb82e5bb1c0cdea98b191594f33d55e14f9885
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
48c1eedd0663ef93282b9ea5d35e6c88fb0b8800641630746fc045f8663254f6
50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632
5746259b0af7422e8ea90dc24f2cd7a74ace32131bd76121df54e573c0642add
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
5ab142585097949ade33d1c1c15cf8df7423d78bd45747965c064882e72f83e6
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
604b9c606e80368c333ef5298502b1f237807f54220cc40f9f3e943d6fe83295
607a6d97801d7045362e570822552b674c38d4d1286f9101be1a30e1a63e38a0
6559b319d265d1afe7593c5a0ce7431f05c210875f4145347784a157ffd85f89
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707
7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8c16c20de774dd8ad664982367ffa545b9c3bac03010db42814f3e3eedcc3e77
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8f10ffab8182fa8257eca6529e6f4e1f7916f8c923d44dc4f234dceecd65e8
8d9edca3a59561cab73eaefd66e6a6a55bee69c13a4c69c2e53899aac2a4b76e
8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e
9c22e06f1c863942929c0a7240ceb66692916f90f53e3803c7b488cbd55eafff
a99622071362e92aeb70f0ddd8a9fd933f2f5bc913e5a04abc41185a51b6ac21
aa39e7f9d269d6f9452a125d0d96bdc93891ccfe4a6f16e4964ac4ce9d5c0115
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0e70b299ab9c122ad93531fa8e5309833baecd53dd55c992c538f8b33bfa22d
b5c1c667d1a068532435f622a1a17b9b602c3070b9e2d0385d07d902c43d1ed5
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
bf5bf8a8d4f34a0bed5958c4ba6bb8b8801c90f05b565faeccaadcb273cd07c8
c9a438a1d3a109908882ad66e9cb5c42d446741f36177159a8f8a7a6b6b37d6b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec20b65ef33990820765cf656281d988ad048bc15e83472204e1ffa368f54bc7
ee6268add264bfddc03a317f89550c9fcc88acf2aa3f822e5b140ca3c7eca57b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9af5d7d241f3f4446f53e48490db4d76a9c882cf50677cca1c9a2845753959b
fcf457735f78628bbc9e21ffc9822607ff5f0e8fb2f6d82c5830ccaee69e7d41
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
fff7124c89f4d3a995093aab4e0a4478553647e33f7ab226f2ca3abf8e081cb5

secure.toysfortots.org Open in urlscan Pro 18.66.147.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

96 %HTTPS

57 %IPv6

25 Domains

30 Subdomains

28 IPs

4 Countries

2699 kBTransfer

6026 kBSize

25 Cookies

10 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.toysfortots.org Open in urlscan Pro
18.66.147.36 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

96 %
HTTPS

57 %
IPv6

25
Domains

30
Subdomains

28
IPs

4
Countries

2699 kB
Transfer

6026 kB
Size

25
Cookies

102 HTTP transactions
2 data transactions