urlscan.io logo urlscan.io
SecurityTrails logo

www.marchofdimes.org Open in urlscan Pro
2606:4700:10::6816:4245  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadO...
Effective URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_...
Submission: On January 02 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 111 IPs in 10 countries across 89 domains to perform 481 HTTP transactions. The main IP is 2606:4700:10::6816:4245, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.marchofdimes.org. The Cisco Umbrella rank of the primary domain is 689120.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.
This is the only time www.marchofdimes.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.70.206 13335 (CLOUDFLAR...)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
18 172.67.72.38 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 108.157.1.118 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.129.44 54113 (FASTLY)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
12 2620:1ec:c11:... 8068 (MICROSOFT...)
3 8 172.217.18.102 15169 (GOOGLE)
8 2620:116:800d... 16509 (AMAZON-02)
2 23.213.165.149 16625 (AKAMAI-AS)
6 2a03:2880:f08... 32934 (FACEBOOK)
1 104.18.13.242 13335 (CLOUDFLAR...)
2 5 142.250.181.230 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2.16.110.66 20940 (AKAMAI-ASN1)
1 18.66.112.13 16509 (AMAZON-02)
1 37.157.5.71 198622 (ADFORM)
2 188.114.97.3 13335 (CLOUDFLAR...)
4 2600:9000:223... 16509 (AMAZON-02)
5 6 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.107.42.14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.194 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
2 52.223.40.198 16509 (AMAZON-02)
3 52.71.145.154 14618 (AMAZON-AES)
48 104.26.5.251 13335 (CLOUDFLAR...)
3 2a03:2880:f17... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 185.167.164.39 198622 (ADFORM)
57 99.86.4.76 16509 (AMAZON-02)
1 40.160.4.235 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 154.59.122.94 174 (COGENT-174)
2 3.217.69.99 14618 (AMAZON-AES)
2 2a02:2638:3::e 44788 (ASN-CRITE...)
6 11 37.252.171.52 29990 (ASN-APPNEX)
8 18.197.30.128 16509 (AMAZON-02)
22 54.186.23.98 16509 (AMAZON-02)
6 151.101.193.21 54113 (FASTLY)
5 64.202.112.127 23352 (SERVERCEN...)
4 2600:9000:224... 16509 (AMAZON-02)
4 8 178.250.1.11 44788 (ASN-CRITE...)
3 188.114.96.3 13335 (CLOUDFLAR...)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
32 54.187.159.182 16509 (AMAZON-02)
2 12 37.157.4.29 198622 (ADFORM)
1 37.157.5.84 198622 (ADFORM)
3 192.229.221.25 15133 (EDGECAST)
3 151.101.65.35 54113 (FASTLY)
4 54.201.135.255 16509 (AMAZON-02)
3 34.241.183.25 16509 (AMAZON-02)
2 23.213.165.82 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 18.197.27.255 16509 (AMAZON-02)
3 164.132.25.185 16276 (OVH)
1 2607:ae80:4::26 26558 (FREEWHEEL)
3 18.184.201.106 16509 (AMAZON-02)
1 4 172.64.151.101 13335 (CLOUDFLAR...)
6 7 77.243.51.122 42697 (NETIC-AS)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
6 6 142.250.186.66 15169 (GOOGLE)
1 52.57.150.20 16509 (AMAZON-02)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 34.248.85.3 16509 (AMAZON-02)
2 72.246.169.24 16625 (AKAMAI-AS)
1 35.244.159.8 15169 (GOOGLE)
1 1 54.194.99.174 16509 (AMAZON-02)
1 52.218.45.168 16509 (AMAZON-02)
4 5 217.79.178.233 24961 (MYLOC-AS ...)
1 1 91.210.226.74 48314 (IP-PROJECTS)
1 1 80.85.85.173 63949 (AKAMAI-LI...)
3 34.240.241.48 16509 (AMAZON-02)
3 198.47.127.205 3257 (GTT-BACKB...)
1 18.66.248.31 16509 (AMAZON-02)
2 3 54.217.36.38 16509 (AMAZON-02)
2 4 108.129.21.249 16509 (AMAZON-02)
1 1 52.17.242.240 16509 (AMAZON-02)
2 2 52.28.24.250 16509 (AMAZON-02)
1 216.46.185.182 13649 (ASN-FLEXE...)
3 162.19.138.119 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
3 23.32.185.35 16625 (AKAMAI-AS)
1 2600:9000:211... 16509 (AMAZON-02)
1 46.19.11.36 51790 (SIEL)
3 13.248.245.213 16509 (AMAZON-02)
2 52.57.138.113 16509 (AMAZON-02)
1 198.202.176.201 16509 (AMAZON-02)
2 6 178.250.1.9 44788 (ASN-CRITE...)
2 74.119.119.150 19750 (AS-CRITEO)
3 216.137.52.57 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 104.19.219.90 13335 (CLOUDFLAR...)
2 95.101.148.20 16625 (AKAMAI-AS)
2 69.173.144.138 26667 (RUBICONPR...)
4 141.226.228.48 200478 (TABOOLA-AS)
4 3.75.62.37 16509 (AMAZON-02)
2 23.48.23.185 20940 (AKAMAI-ASN1)
2 37.157.6.233 198622 (ADFORM)
2 34.248.250.162 16509 (AMAZON-02)
2 34.117.157.22 396982 (GOOGLE-CL...)
2 18.185.145.57 16509 (AMAZON-02)
2 54.165.111.121 14618 (AMAZON-AES)
2 18.153.246.175 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 85.215.5.31 6786 (CRONON-BE...)
1 18.202.209.33 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 188.65.124.66 41690 (DAILYMOTI...)
12 2a00:1450:400... 15169 (GOOGLE)
481 111
1    104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)
go.marchofdimes.org
17    2606:4700:10::6816:4245 (United States)

ASN13335 (CLOUDFLARENET, US)
www.marchofdimes.org
give.marchofdimes.org
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
10    2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
18    172.67.72.38 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.fundraiseup.com
static.fundraiseup.com
api.fundraiseup.com
5    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net
js.adsrvr.org
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
12    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
8    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net
8832015.fls.doubleclick.net
8    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
6    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.18.13.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
5    142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
6    2.16.110.66 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-110-66.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    18.66.112.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-13.fra56.r.cloudfront.net
js.ipredictive.com
1    37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
2    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fndrsp.net
4    2600:9000:223c:b000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.de
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
3    52.71.145.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-145-154.compute-1.amazonaws.com
ad.ipredictive.com
48    104.26.5.251 (None, )

ASN13335 (CLOUDFLARENET, US)
static.fundraiseup.com
api.fundraiseup.com
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
a2.adform.net
57    99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net
js.stripe.com
1    40.160.4.235 (United States)

ASN16276 (OVH, FR)
sentry.fundraiseup.com
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    154.59.122.94 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
e.acuityplatform.com
2    3.217.69.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-69-99.compute-1.amazonaws.com
px.adentifi.com
2    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
11    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
ib.adnxs.com
8    18.197.30.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-30-128.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
22    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
6    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
5    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
4    2600:9000:224a:ee00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
8    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fndrsp-checkout.net
2    2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ucarecdn.com
32    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
r.stripe.com
12    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
a1.seadform.net
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
3    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
4    54.201.135.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-135-255.us-west-2.compute.amazonaws.com
m.stripe.com
3    34.241.183.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-183-25.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    18.197.27.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-27-255.eu-central-1.compute.amazonaws.com
ih.adscale.de
3    164.132.25.185 (France)

ASN16276 (OVH, FR)
PTR: ip185.ip-164-132-25.eu
rtb-csync.smartadserver.com
1    2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    18.184.201.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-201-106.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
r.casalemedia.com
7    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
se.semasio.net
3    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    34.248.85.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-85-3.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
eu-u.openx.net
1    54.194.99.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-99-174.eu-west-1.compute.amazonaws.com
api.adrtx.net
1    52.218.45.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
5    217.79.178.233 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm48.as.net
cm.adsafety.net
1    91.210.226.74 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    80.85.85.173 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li749-173.members.linode.com
cm.smartstream.tv
3    34.240.241.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
1    18.66.248.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-31.dus51.r.cloudfront.net
pdw-adf.userreport.com
3    54.217.36.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-36-38.eu-west-1.compute.amazonaws.com
a.audrte.com
4    108.129.21.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-21-249.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.17.242.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-242-240.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    52.28.24.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-24-250.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    216.46.185.182 (Highlands Ranch, United States)

ASN13649 (ASN-FLEXENTIAL, US)
global.ib-ibi.com
3    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
3    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
criteo-sync.teads.tv
1    2600:9000:211e:1200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si
match.contentexchange.me
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    52.57.138.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-138-113.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    198.202.176.201 (United States)

ASN16509 (AMAZON-02, US)
merchant-ui-api.stripe.com
6    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
3    216.137.52.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-216-137-52-57.mrs52.r.cloudfront.net
b.stripecdn.com
4    2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
6    104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
api.hcaptcha.com
2    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
trc-events.taboola.com
4    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.48.23.185 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-185.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    34.248.250.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-250-162.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com
2    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
2    18.185.145.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-145-57.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
2    54.165.111.121 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-111-121.compute-1.amazonaws.com
jadserve.postrelease.com
2    18.153.246.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-246-175.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2600:1f18:612b:4264:b711:868:5175:f82d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
2    85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    18.202.209.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-209-33.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com
public-prod-dspcookiematching.dmxleo.com
12    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
Apex Domain
Subdomains		 Transfer
116 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2656
q.stripe.com — Cisco Umbrella Rank: 13887
r.stripe.com — Cisco Umbrella Rank: 6573
m.stripe.com — Cisco Umbrella Rank: 2365
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 12870
2 MB
67 fundraiseup.com
cdn.fundraiseup.com — Cisco Umbrella Rank: 59411
static.fundraiseup.com — Cisco Umbrella Rank: 54477
api.fundraiseup.com — Cisco Umbrella Rank: 179449
sentry.fundraiseup.com — Cisco Umbrella Rank: 202515
1 MB
22 doubleclick.net
8832015.fls.doubleclick.net — Cisco Umbrella Rank: 921481
ad.doubleclick.net — Cisco Umbrella Rank: 199
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
28 KB
21 google.com
adservice.google.com — Cisco Umbrella Rank: 189
www.google.com — Cisco Umbrella Rank: 6
pay.google.com — Cisco Umbrella Rank: 3910
play.google.com — Cisco Umbrella Rank: 95
426 KB
18 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4009
gum.criteo.com — Cisco Umbrella Rank: 597
sslwidget.criteo.com — Cisco Umbrella Rank: 2480
widget.us.criteo.com — Cisco Umbrella Rank: 27168
dis.criteo.com — Cisco Umbrella Rank: 943
66 KB
18 marchofdimes.org
go.marchofdimes.org — Cisco Umbrella Rank: 581801
www.marchofdimes.org — Cisco Umbrella Rank: 689120
give.marchofdimes.org
390 KB
17 adform.net
s2.adform.net — Cisco Umbrella Rank: 7751
a2.adform.net — Cisco Umbrella Rank: 12667
c1.adform.net — Cisco Umbrella Rank: 1001
dmp.adform.net — Cisco Umbrella Rank: 4001
cm.adform.net — Cisco Umbrella Rank: 1664
42 KB
12 bing.com
bat.bing.com — Cisco Umbrella Rank: 692
54 KB
11 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356
8 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 625
172 KB
9 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3050
t.paypal.com — Cisco Umbrella Rank: 3583
89 KB
8 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 4796
17 KB
8 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
www.linkedin.com — Cisco Umbrella Rank: 944
px4.ads.linkedin.com — Cisco Umbrella Rank: 7294
7 KB
8 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
pixel.quantserve.com — Cisco Umbrella Rank: 1736
39 KB
7 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
se.semasio.net — Cisco Umbrella Rank: 19184
4 KB
7 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3674
tr.outbrain.com — Cisco Umbrella Rank: 3336
wave.outbrain.com — Cisco Umbrella Rank: 3465
sync.outbrain.com — Cisco Umbrella Rank: 1287
9 KB
6 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 6229
newassets.hcaptcha.com — Cisco Umbrella Rank: 7636
api.hcaptcha.com — Cisco Umbrella Rank: 7827
405 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 818
151 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
266 KB
6 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
trc.taboola.com — Cisco Umbrella Rank: 960
sync-t1.taboola.com — Cisco Umbrella Rank: 2152
trc-events.taboola.com — Cisco Umbrella Rank: 2320
23 KB
5 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 17119
8 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
410 KB
4 gstatic.com
www.gstatic.com
101 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
170 B
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
3 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
r.casalemedia.com — Cisco Umbrella Rank: 2571
2 KB
4 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2891
32 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 9341
www.google.de — Cisco Umbrella Rank: 4002
2 KB
4 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
7 KB
4 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 29469
ad.ipredictive.com — Cisco Umbrella Rank: 8095
3 KB
3 stripecdn.com
b.stripecdn.com — Cisco Umbrella Rank: 18058
45 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
418 B
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
criteo-sync.teads.tv — Cisco Umbrella Rank: 3178
489 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
3 KB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3399
2 KB
3 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
373 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1173
1011 B
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3106
load77.exelator.com — Cisco Umbrella Rank: 6128
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
436 B
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
489 B
3 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
692 B
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 995
595 B
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2512
33 KB
3 fndrsp-checkout.net
fndrsp-checkout.net — Cisco Umbrella Rank: 196518
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
257 B
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2259
insight.adsrvr.org — Cisco Umbrella Rank: 1095
match.adsrvr.org — Cisco Umbrella Rank: 594
3 KB
2 twiago.com
a.twiago.com — Cisco Umbrella Rank: 28126
306 B
2 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3791
796 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
69 B
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
843 B
2 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1753
2 KB
2 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 9290
359 B
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
767 B
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
638 B
2 media.net
contextual.media.net — Cisco Umbrella Rank: 1093
1 KB
2 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 3028
87 B
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14378
630 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
1 KB
2 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 19705
cm.smartstream.tv — Cisco Umbrella Rank: 326109
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1261
646 B
2 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4236
470 B
2 ucarecdn.com
ucarecdn.com — Cisco Umbrella Rank: 24308
14 KB
2 adentifi.com
px.adentifi.com — Cisco Umbrella Rank: 16453
69 B
2 acuityplatform.com
e.acuityplatform.com — Cisco Umbrella Rank: 33546
374 B
2 fndrsp.net
fndrsp.net — Cisco Umbrella Rank: 55640
782 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1877
31 KB
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 3735
123 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3522
38 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 40489
49 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
237 B
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 3432
72 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 973
494 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 39122
444 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 48841
407 B
1 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 3669
264 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
266 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
98 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1645
344 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
640 B
1 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 5432
38 B
1 seadform.net
a1.seadform.net — Cisco Umbrella Rank: 44866
466 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
5 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 3722
50 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 21734
96 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1429
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
1 KB
481 89
Domain Requested by
62 static.fundraiseup.com cdn.fundraiseup.com
static.fundraiseup.com
www.marchofdimes.org
57 js.stripe.com static.fundraiseup.com
js.stripe.com
32 r.stripe.com js.stripe.com
22 q.stripe.com go.marchofdimes.org
js.stripe.com
16 www.marchofdimes.org go.marchofdimes.org
www.marchofdimes.org
static.cloudflareinsights.com
12 play.google.com www.gstatic.com
12 bat.bing.com www.googletagmanager.com
bat.bing.com
8832015.fls.doubleclick.net
10 cdn.cookielaw.org www.marchofdimes.org
cdn.cookielaw.org
9 c1.adform.net 2 redirects a2.adform.net
c1.adform.net
8 gum.criteo.com 4 redirects dynamic.criteo.com
gum.criteo.com
8 tags.srv.stackadapt.com 8832015.fls.doubleclick.net
tags.srv.stackadapt.com
8 8832015.fls.doubleclick.net 3 redirects www.googletagmanager.com
adservice.google.com
7 ib.adnxs.com 4 redirects 8832015.fls.doubleclick.net
go.marchofdimes.org
6 cm.g.doubleclick.net 6 redirects
6 www.paypal.com static.fundraiseup.com
www.paypal.com
www.paypalobjects.com
6 analytics.tiktok.com go.marchofdimes.org
analytics.tiktok.com
6 connect.facebook.net go.marchofdimes.org
connect.facebook.net
8832015.fls.doubleclick.net
5 cm.adsafety.net 4 redirects c1.adform.net
5 px.ads.linkedin.com 4 redirects static.fundraiseup.com
5 ad.doubleclick.net 2 redirects go.marchofdimes.org
5 www.googletagmanager.com www.marchofdimes.org
www.googletagmanager.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 ups.analytics.yahoo.com
4 dis.criteo.com
4 pay.google.com static.fundraiseup.com
pay.google.com
go.marchofdimes.org
www.gstatic.com
4 dpm.demdex.net 2 redirects
4 se.semasio.net 3 redirects c1.adform.net
4 m.stripe.com m.stripe.network
4 m.stripe.network js.stripe.com
m.stripe.network
4 secure.adnxs.com 2 redirects 8832015.fls.doubleclick.net
c1.adform.net
4 pixel.quantserve.com 8832015.fls.doubleclick.net
4 rules.quantcount.com secure.quantserve.com
4 secure.quantserve.com www.googletagmanager.com
8832015.fls.doubleclick.net
3 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
3 b.stripecdn.com js.stripe.com
b.stripecdn.com
3 eb2.3lift.com c1.adform.net
go.marchofdimes.org
3 id5-sync.com c1.adform.net
go.marchofdimes.org
3 dmp.adform.net c1.adform.net
3 a.audrte.com 2 redirects c1.adform.net
3 simage2.pubmatic.com c1.adform.net
3 beacon.krxd.net c1.adform.net
3 dsp.adfarm1.adition.com 3 redirects
3 uipglob.semasio.net 3 redirects
3 x.bidswitch.net c1.adform.net
go.marchofdimes.org
3 rtb-csync.smartadserver.com c1.adform.net
go.marchofdimes.org
3 ad.360yield.com c1.adform.net
go.marchofdimes.org
3 t.paypal.com www.marchofdimes.org
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 fndrsp-checkout.net cdn.fundraiseup.com
3 tr.outbrain.com amplify.outbrain.com
3 www.facebook.com 8832015.fls.doubleclick.net
3 ad.ipredictive.com js.ipredictive.com
8832015.fls.doubleclick.net
3 adservice.google.com 8832015.fls.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
3 api.fundraiseup.com cdn.fundraiseup.com
static.fundraiseup.com
2 trc-events.taboola.com static.fundraiseup.com
2 a.twiago.com go.marchofdimes.org
2 criteo-partners.tremorhub.com go.marchofdimes.org
2 match.sharethrough.com
2 sync.outbrain.com go.marchofdimes.org
2 jadserve.postrelease.com go.marchofdimes.org
2 exchange.mediavine.com go.marchofdimes.org
2 matching.ivitrack.com go.marchofdimes.org
2 r.casalemedia.com go.marchofdimes.org
2 visitor.omnitagjs.com go.marchofdimes.org
2 cm.adform.net go.marchofdimes.org
2 hb.yahoo.net go.marchofdimes.org
2 criteo-sync.teads.tv go.marchofdimes.org
2 sync-t1.taboola.com
2 pixel.rubiconproject.com
2 contextual.media.net go.marchofdimes.org
2 api.hcaptcha.com newassets.hcaptcha.com
2 widget.us.criteo.com
2 sslwidget.criteo.com 2 redirects
2 e1.emxdgt.com c1.adform.net
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 tags.bluekai.com c1.adform.net
2 loadm.exelator.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 ad.yieldlab.net c1.adform.net
2 ucarecdn.com www.marchofdimes.org
2 dynamic.criteo.com 8832015.fls.doubleclick.net
2 px.adentifi.com 8832015.fls.doubleclick.net
2 e.acuityplatform.com 8832015.fls.doubleclick.net
2 www.google.de
2 www.google.com
2 adservice.google.de 2 redirects
2 a2.adform.net 1 redirects
2 googleads.g.doubleclick.net www.googletagmanager.com
2 px4.ads.linkedin.com 8832015.fls.doubleclick.net
2 fndrsp.net cdn.fundraiseup.com
2 snap.licdn.com www.googletagmanager.com
8832015.fls.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 public-prod-dspcookiematching.dmxleo.com
1 sync-criteo.ads.yieldmo.com
1 hcaptcha.com b.stripecdn.com
1 merchant-ui-api.stripe.com js.stripe.com
1 match.contentexchange.me c1.adform.net
1 s.ad.smaato.net c1.adform.net
1 sync.teads.tv c1.adform.net
1 global.ib-ibi.com c1.adform.net
1 match.adsrvr.org c1.adform.net
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 cm.smartstream.tv 1 redirects
1 ads.smartstream.tv 1 redirects
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 eu-u.openx.net c1.adform.net
1 sync.crwdcntrl.net c1.adform.net
1 idsync.rlcdn.com c1.adform.net
1 load77.exelator.com c1.adform.net
1 ps.eyeota.net c1.adform.net
1 ads.stickyadstv.com c1.adform.net
1 ih.adscale.de c1.adform.net
1 token.rubiconproject.com c1.adform.net
1 a1.seadform.net
1 wave.outbrain.com amplify.outbrain.com
1 sentry.fundraiseup.com static.fundraiseup.com
1 trc.taboola.com cdn.taboola.com
1 insight.adsrvr.org js.adsrvr.org
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 pagead2.googlesyndication.com ad.doubleclick.net
1 www.linkedin.com 1 redirects
1 s2.adform.net go.marchofdimes.org
1 js.ipredictive.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 cdn.resonate.com go.marchofdimes.org
1 amplify.outbrain.com www.googletagmanager.com
1 cdn.taboola.com www.googletagmanager.com
1 js.adsrvr.org www.googletagmanager.com
1 cdn.fundraiseup.com go.marchofdimes.org
1 give.marchofdimes.org www.marchofdimes.org
1 static.cloudflareinsights.com www.marchofdimes.org
1 fonts.googleapis.com www.marchofdimes.org
1 go.marchofdimes.org
481 137
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-15 -
2024-04-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
fundraiseup.com
Cloudflare Inc ECC CA-3		 2023-05-22 -
2024-05-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.ipredictive.com
Amazon RSA 2048 M02		 2023-03-14 -
2024-04-11		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
sentry.fundraiseup.com
R3		 2023-12-30 -
2024-03-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.acuityplatform.com
Go Daddy Secure Certificate Authority - G2		 2023-04-13 -
2024-05-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-09-09 -
2024-10-07		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-13 -
2024-08-20		 10 months crt.sh
cps3.ucarecdn.com
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.seadform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-08		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M02		 2023-07-18 -
2024-08-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh
*.ib-ibi.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-21 -
2024-04-02		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA		 2023-05-29 -
2024-06-04		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
hb.yahoo.net
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
itm.ivitrack.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-07 -
2025-01-06		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
public-prod-dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2023-12-13 -
2024-03-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh

This page contains 33 frames:

Primary Page: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Frame ID: CE5B40340EA5587FBF9F76CCCFFC87F2
Requests: 171 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Frame ID: E8C928A0B74760E5FB1C545ED4531D0A
Requests: 1 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Frame ID: 7BBA050A7BE7DEF805367D81CD0E5239
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Frame ID: 19EAA73222B2C30914FB0A746F723953
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Frame ID: 18CC1686970C00A601050EA8B9B7DE90
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&upid=b8lvzxo&upv=1.1.0
Frame ID: 9DC8BD07B59A69A929CFE7CE96D8A0BB
Requests: 1 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=107549&cache_buster=1704204902&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&val=undefined&tn=undefined&p1=gtm.js
Frame ID: 21DD17AA74327196F035ECC34DED822D
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/
Frame ID: 43547A12806064268E7B5844302DE09F
Requests: 14 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Frame ID: 4968C238767B8545DA2B8508CCBC0789
Requests: 19 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Frame ID: 419FBDC59FD462D4CEDEF5DA82B89F6C
Requests: 11 HTTP requests in this frame

Frame: https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Frame ID: 2E549EDC430D112125A37BCF7B924ED3
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: BE72E7CFF2951CDE4DD5588E07D16DC9
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 4CAB6EBAF8E2A6CAAF58F70FEF723D35
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: 0340A1C208F3DA30E495EAB1504C0E12
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: B4311D52CBD063467849B24516C8E7A8
Requests: 11 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 94DDC1180044292A0A3A56BE9D06EEA3
Requests: 6 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1ED744F681682E5989D0E991727FB569
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: 0928E5AD5A1216C1FAA6A2816485F998
Requests: 2 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Frame ID: C2440B2AB0A1CB639F334DE21D893884
Requests: 20 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Frame ID: 7DF0569A81A4A163D927404566D60F3C
Requests: 41 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: F9BF4A2049BF9784E2228E77D36DFDA7
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 380B842E3AB5E8D3ED6C56ADBFCB158E
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: B881143186F6BFDDA766E04692606BA6
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Frame ID: BB6F7537FE73F0A6DDF51E99BD3C1141
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Frame ID: 1E4D7F6D0FB9D418416CC25BEB437D52
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: A547B8F22311A46D56D11263BFBB07AF
Requests: 2 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 5957D62056AD7D95FBEAC087A32744B5
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Frame ID: 7B08A61AAAC13D26CA26F44221E71E8F
Requests: 5 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=8a23637e-bbcc-4f34-810a-bad276f106a3&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: B33EEF37B2129558F76A5F6C5FDBC2EC
Requests: 5 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=3cs2xthwsrg
Frame ID: 32A4FDBA26780D9F6C668D667C567F42
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Frame ID: D1D5F3DAB2B24A4D243E55CE1E22DE94
Requests: 13 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_gid=CAESEAQjHqp_YUpmDo6iNCpzE9g&google_cver=1&google_ula=913071,0
Frame ID: 3FBFD01A95BC6CE65B9DE9A798BFE0F0
Requests: 30 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_gid=CAESEAQjHqp_YUpmDo6iNCpzE9g&google_cver=1&google_ula=913071,0
Frame ID: 8D62EC5F869B2FE77477B2773A375B57
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Donate Now | March of DimesCloseCloseCloseCloseCloseCloseCloseCloseBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8D... Page URL
  2. https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

481
Requests

94 %
HTTPS

25 %
IPv6

89
Domains

137
Subdomains

111
IPs

10
Countries

6226 kB
Transfer

21221 kB
Size

97
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM= Page URL
  2. https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Request Chain 52
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Request Chain 62
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CKri4_7xvoMDFbbtEQgd5EYJDw;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 63
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CLre4_7xvoMDFYqk_QcdjFwGLA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 90
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204902760&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204902760&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1704204902760%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204902760&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204902760&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&cookiesTest=true&liSync=true&e_ipv6=AQIE7hJyE4_h6wAAAYzKhyOpJ3FeBEjVN09_nH_oue6QZocBocuhjJ5Ag-hR-tFxpSJxr1tt_we7FCcDlw3zcfUpE3ALPQ
Request Chain 110
  • https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=915872407622&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=915872407622&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 113
  • https://adservice.google.de/ddm/fls/i/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic HTTP 302
  • https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Request Chain 114
  • https://adservice.google.de/ddm/fls/i/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic HTTP 302
  • https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Request Chain 132
  • https://secure.adnxs.com/px?id=1282070&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
Request Chain 133
  • https://ib.adnxs.com/seg?add=22494154 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
Request Chain 168
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204903167&url=https%3A%2F%2Fadservice.google.com%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204903167&url=https%3A%2F%2Fadservice.google.com%2F&e_ipv6=AQI77rE531KZvgAAAYzKhyNMWFLhwrTwOA3KoTpFlJlJYv5kwIo-L5nl6rRSe4H_v214EF8EdOOQzb-4BEa2gOjwKjNeKQ
Request Chain 181
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Request Chain 311
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2680502003153585213&expiration=1705414503 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2680502003153585213&expiration=1705414503&C=1
Request Chain 312
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2680502003153585213&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2680502003153585213&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=2680502003153585213&gdpr=&sInitiator=external HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7319504324094195870&sInitiator=internal&gdpr= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=960055153409176929&sInitiator=internal&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MUE1QTA4RTQxNTlFN0QwMA&gdpr= HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEAtw7FbKck-U4oa3lr8lD1A&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEAtw7FbKck-U4oa3lr8lD1A&sInitiator=internal&google_cver=1&gdpr=
Request Chain 314
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2680502003153585213 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2680502003153585213&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 319
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 320
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2680502003153585213 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024010214d23713366280bda83c8&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=a989536f9d2f29fd04999ad733a62062&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMDIxNGQyMzcxMzM2NjI4MGJkYTgzYzg&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEOyWGWZTF-IQHy5Y0ElDiJs&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM12024010214d23713366280bda83c8 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2680502003153585213 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
  • https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7319504324094195870 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7319504324094195870
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjY4MDUwMjAwMzE1MzU4NTIxMw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJeRmRPFSw3Jivk7Vccuoro&google_cver=1&google_ula=1641347,0
Request Chain 324
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=960055153409176929&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=2680502003153585213
Request Chain 327
  • https://a.audrte.com/a?adform_uid=2680502003153585213 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmQ2LUJuRGYyeEpRQnVWNmd3WGJpV3VSZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 328
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2680502003153585213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2680502003153585213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=91193110074607064314433725358967348715&noredirect=1
Request Chain 329
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2680502003153585213 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219763204749002753418
Request Chain 330
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319504324094195870
Request Chain 332
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=tyv4gR9o1RkFxR5
Request Chain 336
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3229075261 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=zvsHfHkFQE/WkZb4G8H2de
Request Chain 380
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=gGhf2l9lT1U0WkdhbmozQkp5MkszRWN2NktENHZFZ09YYkN6Nmd2anc3ZVhlbFI4UEFvTm0zdmxsbUtFTUUxTkFUUGZQcXFXR2sxdG9GWnpxNzZkc0dZJTJGY0VaNzZTMEJXWlVYZiUyQmYzN2RDMWlIUEpSY0lNWXV1cTNEQ1E5OEZ1ZDA4ck1kWm1Cc09XRjBwUnh2UDVTRzN2WU5Eb1RmS0x0Q1BqN05LVzFXRTZFc2NjJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=fef0ed89-c11f-4a0c-8767-091f95cd2d7a&dtycbr=84458 HTTP 302
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=gGhf2l9lT1U0WkdhbmozQkp5MkszRWN2NktENHZFZ09YYkN6Nmd2anc3ZVhlbFI4UEFvTm0zdmxsbUtFTUUxTkFUUGZQcXFXR2sxdG9GWnpxNzZkc0dZJTJGY0VaNzZTMEJXWlVYZiUyQmYzN2RDMWlIUEpSY0lNWXV1cTNEQ1E5OEZ1ZDA4ck1kWm1Cc09XRjBwUnh2UDVTRzN2WU5Eb1RmS0x0Q1BqN05LVzFXRTZFc2NjJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=fef0ed89-c11f-4a0c-8767-091f95cd2d7a&dtycbr=84458
Request Chain 381
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=uBkjzF80YjJ4cmVYQ05pOTBMeHB0JTJCMUVUYnhDQThNVElJcSUyRnFhblhZUHRMTzJxRFlLNVRUVko2eHdObkVTbjg0djJmQXYzWmxxRHZKWVIxV0Y1emdkczZHY0U5VHdaZGJ0alI3VWFQVVBLYVZMa0tMNWkzZlpSSm12SldIY0lSOTlRMGtZRG1jWmNSdERjaWtmUDRPcSUyRjdCb0xpWmt1cGFzc3lzd0lDVXE4MnUlMkZpNCUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=ae9be2dd-3c2b-4979-816e-e4c69aa4fc39&dtycbr=30361 HTTP 302
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=uBkjzF80YjJ4cmVYQ05pOTBMeHB0JTJCMUVUYnhDQThNVElJcSUyRnFhblhZUHRMTzJxRFlLNVRUVko2eHdObkVTbjg0djJmQXYzWmxxRHZKWVIxV0Y1emdkczZHY0U5VHdaZGJ0alI3VWFQVVBLYVZMa0tMNWkzZlpSSm12SldIY0lSOTlRMGtZRG1jWmNSdERjaWtmUDRPcSUyRjdCb0xpWmt1cGFzc3lzd0lDVXE4MnUlMkZpNCUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=ae9be2dd-3c2b-4979-816e-e4c69aa4fc39&dtycbr=30361
Request Chain 409
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_cm&google_hm=ay12OVdkb2RDdWVlcjVDREFmYWtkdmo2Q2dXS1JiVzRTek90M3pMQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_gid=CAESEAQjHqp_YUpmDo6iNCpzE9g&google_cver=1&google_ula=913071,0
Request Chain 411
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=960055153409176929
Request Chain 423
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vWXe57LIebvdfbwduHkmkTMKO3DUGg3K
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_cm&google_hm=ay12OVdkb2RDdWVlcjVDREFmYWtkdmo2Q2dXS1JiVzRTek90M3pMQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_gid=CAESEAQjHqp_YUpmDo6iNCpzE9g&google_cver=1&google_ula=913071,0
Request Chain 441
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=960055153409176929
Request Chain 450
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2wXAcFB80aM45RtYHNbB2_HfGZvuhy_k
Request Chain 470
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=N8hE5-49EmO1qTy_7LApv3tuivAGZubN
Request Chain 487
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0PP7GJXOaDcCjZAbbVLxr7ylPgXlf2Yz

481 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0F... 		754 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-9XMjxb8jPgcBlA8xWL627M+LkEHKTdAzfKYr7k15aMg=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
83f39c91adf51c07-FRA
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 02 Jan 2024 14:15:00 GMT
Server
cloudflare
Transfer-Encoding
chunked
cache-control
private, no-cache, no-store, max-age=0
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-9XMjxb8jPgcBlA8xWL627M+LkEHKTdAzfKYr7k15aMg=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
referrer-policy
strict-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
c8f7cb4c230611dc
Primary Request donate-now
www.marchofdimes.org/ 		39 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33be45627e0bda644a1d0643a7280f360a19ea9828bb42cce194242c82d83067
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://go.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, no-cache, private
cf-cache-status
DYNAMIC
cf-ray
83f39c9308102c3a-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:01 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-drupal-cache
MISS
x-drupal-dynamic-cache
UNCACHEABLE
x-frame-options
SAMEORIGIN
x-generator
Drupal 9 (https://www.drupal.org)
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
www.marchofdimes.org/sites/default/files/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/css/css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:52 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=8629
etag
W/"94f-60d0d56313bb8"
vary
Accept-encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83f39c9cbd3c2c3a-FRA
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 14:15:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 14:15:01 GMT
css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
www.marchofdimes.org/sites/default/files/css/ 		172 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26dd3e70c1aa731ac4c5a27ac65c200ceb2756eca0ae5862e8fab8b7d4985dd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:52 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=177163
etag
W/"7d61-60d0d563bea18"
vary
Accept-encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83f39c9cbd3e2c3a-FRA
x-xss-protection
1; mode=block
rocket-loader.min.js
www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
server
cloudflare
etag
W/"6581a422-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
83f39c9ccd4d2c3a-FRA
expires
Thu, 04 Jan 2024 14:15:01 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:01 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83f39c9ce93a65cb-FRA
sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
content-encoding
br
etag
W/"19d4-60d0d34b0c580"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
83f39c9ccd4f2c3a-FRA
x-xss-protection
1; mode=block
js_3zKdJjwbnH4zY-ZXfGrKTGbJMU4AUVlFIlJ8EY1UCvA.js
www.marchofdimes.org/sites/default/files/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/js/js_3zKdJjwbnH4zY-ZXfGrKTGbJMU4AUVlFIlJ8EY1UCvA.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f55809ae21d5dcfb8a6e01596d12eb88c0630f7e0aeff4c285b981df7864aed5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 30 Nov 2023 23:17:54 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=24764
etag
W/"19b1-60b66dc85ec70"
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f39c9f48432c3a-FRA
x-xss-protection
1; mode=block
reminder.js
give.marchofdimes.org/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.marchofdimes.org/reminder.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
183d1f7f458dfc35496d9eb446598b1b96658ab4dc316b23cea4cd7bfcd4c8ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 02 Oct 2023 16:39:53 GMT
server
cloudflare
cf-polished
origSize=6204
etag
W/"e6ce93114ff5d91:0"
vary
Accept-Encoding
x-powered-by
ASP.NET
content-type
application/javascript
cache-control
max-age=14400
permissions-policy
interest-cohort=()
cf-ray
83f39c9f48482c3a-FRA
js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
www.marchofdimes.org/sites/default/files/js/ 		160 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/js/js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c09f9bc171c32544001b130b5ed1f7f2e2b8c1ac817823452288bc678afc57e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:56 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=165577
etag
W/"f117-60d0d567acfa8"
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f39c9f48462c3a-FRA
x-xss-protection
1; mode=block
google_tag.script.js
www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/ 		348 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?s6mzfy
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 Jan 2024 13:43:11 GMT
server
cloudflare
content-encoding
br
etag
W/"15c-60df6adf03f18-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f39c9f48472c3a-FRA
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5rel+BW+cbOCNkEJ4C4NBQ==
age
14159
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:19:55 GMT
server
cloudflare
etag
0x8DC026A943751A5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d530a67f-201e-0007-3283-3455e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39c9f5af8365f-FRA
fcdafeaf549fc682810d.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/fcdafeaf549fc682810d.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:07:43 GMT
server
cloudflare
content-encoding
br
etag
W/"1fb9-60d0d2abc8dc0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
83f39c9f484e2c3a-FRA
x-xss-protection
1; mode=block
truncated
/ 		200 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		743 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		538 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		328 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		521 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		518 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		392 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		389 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		583 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		580 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		535 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		532 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
329746577f94a4f1785e.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		123 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/329746577f94a4f1785e.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
content-encoding
br
etag
W/"1eb4c-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
cache-control
max-age=14400
cf-ray
83f39c9f58682c3a-FRA
x-xss-protection
1; mode=block
7ef1e78abcb43e957eec.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		130 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/7ef1e78abcb43e957eec.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
2948
etag
W/"206b0-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39c9f686b2c3a-FRA
x-xss-protection
1; mode=block
09a9e3080c1a5236f325.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		131 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/09a9e3080c1a5236f325.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
content-encoding
br
etag
W/"20b6c-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
cache-control
max-age=14400
cf-ray
83f39c9f686c2c3a-FRA
x-xss-protection
1; mode=block
f58d53eb72d7239d4ca8.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		129 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/f58d53eb72d7239d4ca8.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
content-encoding
br
etag
W/"20448-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
cache-control
max-age=14400
cf-ray
83f39c9f686e2c3a-FRA
x-xss-protection
1; mode=block
e78d3d4f87bc060c0a1a.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		131 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/e78d3d4f87bc060c0a1a.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
content-encoding
br
etag
W/"20a90-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
cache-control
max-age=14400
cf-ray
83f39c9f686f2c3a-FRA
x-xss-protection
1; mode=block
ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c9ef99aae6896ff764e44f3cc121359d2a42dc49389a16a8b236f6e8aacfca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
21953
content-md5
g/KZi3qFt3L2oPImJ/jgJw==
content-length
1475
x-ms-lease-status
unlocked
last-modified
Tue, 10 Oct 2023 13:15:27 GMT
server
cloudflare
etag
0x8DBC992F85E777F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8f992677-501e-0040-2c55-143ebb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39ca07b273a4a-FRA
expires
Wed, 03 Jan 2024 14:15:02 GMT
AJPYNTWD
cdn.fundraiseup.com/widget/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fundraiseup.com/widget/AJPYNTWD
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c539677a5fa924b3f663fbe2026616c64bd4080701b43c04e6489f9d31ccb87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"700361656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7%2Fzni3Z1ahYJeqlFKRZOghtGeFXVpehZTgJXhBiio4XLECDjly61U6kPw2OwRFKHTHxYnrl3Y0fDu8sm9rkByrx969p%2Bma82a4KNJcOYJEl5%2BkdCUMOhSnpqI4elmLnXhAURws%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
83f39ca07e004d9d-FRA
link
<https://static.fundraiseup.com/8404ac38d731.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/AJPYNTWD.js>; rel=preload; as=script, <https://static.fundraiseup.com/3.5405c7d5a80b.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/2.f1965a53d878.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/0.a67f871726a0.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.90571ef5681f68c03c51.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.5314794eb173af8226ff.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.46ead00774987992ad1f.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js>; rel=preload; as=script
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		362 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?s6mzfy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d677a40759751e1183da07b77b0db15a2f93c18d576acee25de76ff0b5721b34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109273
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:15:02 GMT
sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/js/js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
0
etag
W/"19d4-60d0d34b0c580"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f39ca06a122c3a-FRA
x-xss-protection
1; mode=block
rum
www.marchofdimes.org/cdn-cgi/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.marchofdimes.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83f39ca06a192c3a-FRA
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202309.1.0/ 		424 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wp4bduWb8cLN8oREjFODhQ==
age
14159
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
104423
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:28 GMT
server
cloudflare
etag
0x8DBD0539A07337D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ebd2dd6e-701e-000a-56c3-139d34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39ca0acb8365f-FRA
en.json
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/ 		91 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2fe02b994fdded9fe3acc3f595150e738f4a0c34d9a41e76a6627be26b5352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
50949
content-md5
pmspCWhZwPW8+QqTyR8o7Q==
content-length
18521
x-ms-lease-status
unlocked
last-modified
Tue, 10 Oct 2023 13:14:55 GMT
server
cloudflare
etag
0x8DBC992E56CEEA8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
196f8fa7-701e-0078-5644-149a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39ca0dba43a4a-FRA
expires
Wed, 03 Jan 2024 14:15:02 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ku3O1VFWoltPW4n5m1lGVQ==
age
21906
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:22 GMT
server
cloudflare
etag
0x8DBD053964DC527
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6e914481-501e-007f-5f93-0cf618000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39ca10bd83a4a-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xznrm5/jaKmHSjGeIIkHOA==
age
50948
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12708
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:24 GMT
server
cloudflare
etag
0x8DBD05397A0A023
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3b583b4f-e01e-0055-63e6-1d2908000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39ca10bda3a4a-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d8b77f44-101e-00a5-15e6-116ff9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f39ca10bdc3a4a-FRA
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c6ce6a7e1bb9ada5c4a8b610ba65fc15909dc253e56ff1f1056dd1e337e1e38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:02 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-1-118.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 05:33:58 GMT
Content-Encoding
gzip
Via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Dec 2023 01:34:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
31270
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
fTOn7eHR-AlcTonQLJHBxqRcEPNnKbgrxhTVKObO3XOylnhvpUqVug==
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8832015
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bdfc2ef4424cdeae10371dfdc5a2b09e3ef452854a8592edf70c1e7e1466a3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67456
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:15:02 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1605
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 02 Jan 2024 15:48:17 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1335104/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ceee682f306a64e8cf1b48d513f71a81dc852709cf2b36b3d9b3719fac0b0fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
CPjc27vK9QkggOQSCDqJ5FsgXBZJ9dxj
content-encoding
gzip
via
1.1 varnish
date
Tue, 02 Jan 2024 14:15:02 GMT
x-amz-request-id
MCBHMDAX4XV4X5K9
age
157
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
19973
x-amz-id-2
Gdh6a7kMxGRYIpWOuCzSFvhR4E3KDxWynrs2sa3oG9bRYceZhiCErA/obJzxc93k7Zusr8xziLA=
x-served-by
cache-fra-eddf8230119-FRA
last-modified
Sun, 31 Dec 2023 11:30:35 GMT
server
AmazonS3
x-timer
S1704204903.778320,VS0,VE2
etag
"4c28249a704a2eee05e8cffeb2135111"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
93
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
insight.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=75583
accept-ranges
bytes
content-length
15541
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:15:01 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E92F77F72F944E8C82CCEB8C4D724088 Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:02Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
activityi;dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;...
8832015.fls.doubleclick.net/ Frame E8C9
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dm...
986 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
4a09785907e6dd874be6c58333d20ff33ee92af1b7ce619ce2d7b9689a3c34dd
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv...
8832015.fls.doubleclick.net/ Frame 7BBA
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1...
989 B
782 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
b8ed853b36c4dc92516cbfaf82950d74ae2f8759a7a90aae0ab94b5ed4bf813b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
610
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:15:02 GMT
obtp.js
amplify.outbrain.com/cp/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 13:05:28 GMT
Server
AkamaiNetStorage
ETag
"928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7779
Expires
Tue, 02 Jan 2024 14:35:03 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
G5ljjCe9jOZbCZePkmklKRfZOaOVZWso+89BI/Zew3lPP9F1pQM1MVgng3E8o+rjKPX2Z6ny9Muhl8KnATf3YQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/101125894/ 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/101125894/analytics.min.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
83f39ca17eaebb79-FRA
vary
Accept-Encoding
B21591273.227039140;sz=1x2;ord=283539858218
ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=283539858218?
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
6d306437df8643d2e681cd08ac00ce27fd97bed7bcd76162ce4ecbffc631ae57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14771
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimize.js
www.googleoptimize.com/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-W2ZD7L3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8166e6a7d3fe9fdc26b2f8a0bff105a647c884e550c57225b9cc660d0be6b278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50505
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:15:02 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.66 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8ff1429e590e1fd99f09c3b527d524e18ea2abfd8aa8f01a052be5cd38942f1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
45f14f91
date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141503DFAD3B333F195E869D28-43F9A57E41DBDDB2-00
x-cache
TCP_MISS from a2-16-110-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=4, origin; dur=101
content-length
1940
pragma
no-cache
server
nginx
x-tt-logid
20240102141503DFAD3B333F195E869D28
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
101,2.16.110.62
x-tt-trace-host
01c2ac37b23a23fb2c828d6ccd283ff55ee59bd0570f76f346a1285675bfd73ecfb17d83bcf607d2d2121c2ae80db1cde5794ac9638e4b3489176f5d9a87a8884d9d5f25ac9fc9fb904ed5e8274536b124922f93f58811bec4f7bfcd4c4b010444
expires
Tue, 02 Jan 2024 14:15:03 GMT
adelphic_universal_pixel.js
js.ipredictive.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-13.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2022 15:42:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
216
etag
"83b469155694c51d4c5581028a6788bc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2108
x-amz-cf-id
nCQDFtdPxIw4i4uGEAZEWdsdb8j01quGT9tzLbrL-VG9Rx-3UtOtvw==
trackpoint-async.js
s2.adform.net/banners/scripts/st/ 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:56:34 GMT
server
nginx
x-amz-request-id
tx00000aa4f78c365c7aee5-00646c8ee1-32957f68-default
etag
W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
B21581475.237971066;dc_pre=CKri4_7xvoMDFbbtEQgd5EYJDw;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CKri4_7xvoMDFbbtEQgd5EYJDw;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CKri4_7xvoMDFbbtEQgd5EYJDw;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CKri4_7xvoMDFbbtEQgd5EYJDw;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B21581475.265419780;dc_pre=CLre4_7xvoMDFYqk_QcdjFwGLA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CLre4_7xvoMDFYqk_QcdjFwGLA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CLre4_7xvoMDFYqk_QcdjFwGLA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CLre4_7xvoMDFYqk_QcdjFwGLA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8404ac38d731.elementsApi.js
static.fundraiseup.com/ 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de7a0f6d4d192cc931ffc60dcd9c41cf823614d8fe3264c7553611853a2dc52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA2FN8C5607QYKWS
age
18723
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
hq8/zlDkrBEn2/AGY65t4RE5RXDVyr2+gTd70YK15YAZpy1LxZGD8KffmX50kA9A0ikw5T/6Qf8=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"a1890ed56981ecf46c638b122d04247d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hP8aKCL6Z2tn6HRkysaBKyKJT0Q1vDkpwE%2Binw9z3%2Fa5kzr5%2FQsGG1s7gB6XcGfpwkLmEpiSUgJmPh%2F3NwMtIOX10gN2tD2PoN3XHds1ZHa8BxhtUiu4dDxJ2RAyo8MRDW1NwM%2Fg%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca15f4c4d9d-FRA
AJPYNTWD.js
static.fundraiseup.com/embed-data/elements-global/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements-global/AJPYNTWD.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50703a9859028e070c5ba54517ac39c873fcfc5015907f5dac21c78648ccbdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PCTQFG6JD9MCG443
age
95
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
W50rBrNwSj8sxKsBNAkgsVM2kN9/sUSaMRhAdiq/1D0A217qNpEys+gBwhfTkuOyhtCL2D9qrxY=
last-modified
Tue, 02 Jan 2024 14:10:16 GMT
server
cloudflare
etag
W/"63cb5dadcb23c4e25551f1e7511c5365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YRjNXCPotnFCTWHeH7k3LWhNfa2%2BfBZ9T%2B%2BrghP%2F2XEDMt5sGvOiqPdxX%2FkLo9iuO6ce6ZYdIeg8R6tI3Up854OsURyEu8D%2BW4niDx5lMMPnOm9o9rHCRDr%2BGpRD0k9%2Fjzs%2BjV%2BgjY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39ca15f4d4d9d-FRA
3.5405c7d5a80b.async-vendors.js
static.fundraiseup.com/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3.5405c7d5a80b.async-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fda46ad6de82ed65908428f090ab3cb24da2b2ab22e3f19e2713e94eecdc907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9BZ83A8VB1YCEY57
age
623109
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fcmoURCjOT/Z7DP+9UM+18FXqM3sT1Q5RhykcvGXpx0qHFxggGw6CdaoKZ+SFJ7+S4QqV7oW2Fs=
last-modified
Tue, 26 Dec 2023 08:53:44 GMT
server
cloudflare
etag
W/"b78f8a914b2aac0785a820267d8712d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67KM4IPkmNhew6e1jLMjXpo0dWCdSJViUqcKhYnaZv%2BVfWjyVUXiLBUOeoSPQzlD%2B1%2BOfDgcmsqGm%2BPqiVvBxpUrSOnhUkDTDIT7ZSOV23%2BjHn81F0c4PfFyIIY63PJqJASAk0tttuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca15f4e4d9d-FRA
2.f1965a53d878.elements-langs-vendors.js
static.fundraiseup.com/ 		295 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2.f1965a53d878.elements-langs-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c963fd1212d60ca1c683bccb3c3ace830cdedc1dccf7256c112a9708f9e7cf88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V7ZV6V0C5TVCEB
age
362121
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DEBeUDcbhBuNTGseMJG1V+YnEa+UPicJXs+gdsBoRvbf6GjmT9EoR4zp7THi/AkG0scDWxRzWCA=
last-modified
Fri, 29 Dec 2023 09:23:28 GMT
server
cloudflare
etag
W/"86230c72ced6be65504232d51156f84a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2S1FJJ%2FfLJh5iFrqpBgpZA1QJ5o3RG%2Bsb7HC5Q%2FvVgfeLCcYUkSPKpujXNlrXrS6xJ%2B77uzdj3CGZlfM4F1ulB8OFARMf5Hmo0x7ZfFrmVdCpaWsUGD9IFS2oDIDbHLqY7fN05IiY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca15f504d9d-FRA
0.a67f871726a0.elements-vendors.js
static.fundraiseup.com/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/0.a67f871726a0.elements-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642d50bf95258a7181203326b05c08982dc5298ff21982594594a2ece141bed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V6N0QFAKX4BFFV
age
362121
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Q7L0pxTNr0psgszyHQDcw4o8Fwzu4ZDbfLth3q69gRTh1sO2yp3ynzKMhgktQWL1UP09aNXP65M=
last-modified
Fri, 29 Dec 2023 09:23:27 GMT
server
cloudflare
etag
W/"dc6cd5ef97018916a1e5cc76f51b6029"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWlSj0aL7VsceStJp4AkRX3T%2BjXj3pEv%2BY4EIzirRgrhwBiZjz2GUi3E2OmRbvqt8CVlIXcJUYZFYYPHOoijq3ByecvDdasdqEUKV7mKzslX%2ByFyRwFPKZBn5Y2UI0XqTaHCd45UEAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca15f464d9d-FRA
checkout.677091bbeb21f0afc5db.js
static.fundraiseup.com/ 		311 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b59918ab6733c57a8a7a9d6a1968d29e79df70c67909ddf241e029d0c15230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA23S49AJXJ280CG
age
18722
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
XpjwJN+7GWpCQJur1wSOIRn7CtPAhGzAgKKrMZwBBY+MJTgmtajqQNaLFmDaPCyAlmyRhUUrNjU=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"52c4020f627c9a2863287f67e826bf65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lC2grgk99JFm2YIeaCQGStbBBeM3NcHdJ6R1bjNi6JB%2BshhYDiFY2C8ZNdwS39xFRFk9EwiWVBZHAEueyYwYRwoTTCabSxTI9%2B%2BXLxfXAoW8dvT5v67yOI%2Bd2yECu9xOZzouCBnXKGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca15f484d9d-FRA
checkout-vendors.90571ef5681f68c03c51.js
static.fundraiseup.com/ 		325 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-vendors.90571ef5681f68c03c51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ee34fcf7db9c8bc2412f47c264d8de575c2d477198cabc635ba538ddcd77f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CQYYB1WB1XF6X4CC
age
970957
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pMOUC2kkzbzntFTzFntk176AwgIGXNLJsC4wJyUxNRGSgjypMm/TGoSDQ8Q7VcfdC0tBPgFdTUQ=
last-modified
Fri, 22 Dec 2023 08:14:34 GMT
server
cloudflare
etag
W/"aed625f3509871737d1044d3a87ee8b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rv2nbu%2BgQmFs72GY0eOLa53rI9VUXo3Yl3A1JXahJLbtcicyKMDtBhny%2FScnS4seaTwWMWdnfCqx3qfJv9laMWPwcwJAEVXSTKmhi8zpqpO0BtkyI3KFxFJMOAUM%2FYu1t9DcwjY0swY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca15f494d9d-FRA
checkout-styles.5314794eb173af8226ff.js
static.fundraiseup.com/ 		118 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-styles.5314794eb173af8226ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a900b2a6524b9f6a640eddeda6e045bea4aff194c9203ea660e6db5743b69b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA23GX1JW7ZTTZS2
age
18722
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CkwxCFIWjlSTJXwFSnB+ElVgIw5wSifXB9DIDeZijW0Jcs5UT3nOHzWP4GG3ZRZSFb43ISYyPy8=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"7d4d7c4dcf370f6ba0a1600c8277782b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpoQWIZRNZ1kerEYwdQiboJWoY9LnwVdRc3diTnLQnzuBpbQ6S%2F6DfCqr6xTMot5JoE3VE8T7xC7%2FIZUngTq8wCLzyuZlVPFauepDvicX7kRMyM9meEMU4PKdm9gy6h22lM9yr%2FMUKY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca15f4a4d9d-FRA
checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HGGKTGCE1YZJMSDZ
age
1675872
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
M+w43jSCHQSas6McrOwuQwgzIUYcou3C9DSnhph0wEyr9HpWTu4JBe3lPiX6TEs4ht/esiZjbeY=
last-modified
Fri, 01 Dec 2023 08:27:18 GMT
server
cloudflare
etag
W/"e8cb215ba1bf6e188dcd93c7faa7d814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDnYO3gRQyr2KJfRsxlen%2BTOEBpyJpLmXAGuZARQ75d4WIGLDBvZuVtDvVU7Gvs3DwG5ugNQlRNnUIxaQSrHcTl%2B9oUngBtaXR5CN3XHC%2Bk%2Bz6s2tUZjVdqokjTD2GaF9E39NIk8K6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca15f4b4d9d-FRA
sentry.46ead00774987992ad1f.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/sentry.46ead00774987992ad1f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f300f66c1304e23bfc15a23908129f0b10ff24c89f5a2727bc52735acda82d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CQYG7TEAVBKC73TH
age
970957
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pVPLpC4JYH/X4NVh1NlR4Ynj1dLH9PNpzsAZe5ReZLApdi2F6+xSNQJAZ//8zCP5Cb8+ukQxQqk=
last-modified
Fri, 22 Dec 2023 08:14:35 GMT
server
cloudflare
etag
W/"d325c5401c790cdad1125c429c0a3570"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYm0V3st%2BUTSm2%2FYpzA5f0CPkbCmhaS6lDYmiCmt4tq%2FxmUb5CnJr8e8jzW%2FKVPLqpaqTaamMmZP%2B5cp%2FFcpSDSHQLgYKM9%2F%2BlQqO99teTV4zFc7T1kEBg5ZVW4akli3qiCN8EnbJ%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca16f574d9d-FRA
checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js
static.fundraiseup.com/ 		193 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae885067159b6a4c7f153446d01bd1e0405d0acd180089840397091758a42695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V1ZK6TEKGC2F71
age
362121
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
HsfujrA+k1UKvFlvFqNT9p5WwVToMwIMs8iwMccJuFCcSOnuyYW2F74ee6t5X1VIfj75hQb/aIs=
last-modified
Fri, 29 Dec 2023 09:23:32 GMT
server
cloudflare
etag
W/"a841186be43e9817bb06608166c38a47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZUWkG78fS6jY5W8QcDPFJR%2Bv8TfheAwspsjzxMlJ8n8hB9DbxaLrx8xIsTkBrI3kxjWxyJMZ8B%2FrP%2Biqc43rKWg6MSoVvaZSSwqU55m%2FW2aNcTY%2BTl5hv66f1fO3V7IOSuocNL6oQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca15f454d9d-FRA
tb
fndrsp.net/ 		2 B
497 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qb%2FptHLuMy0cSmJ%2F%2BnMjOwSrkn3%2B6G1U%2FoeTfb3gD4fENhPF%2BearEF3XI9qeLqatMjYGCgHaHjXolurL0SxoTKsDc92vrp%2B7jDJTK37yYeGvQXIdCUQd%2FcJjILqK"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39ca23a421c0c-AMS
alt-svc
h3=":443"; ma=86400
resolve
api.fundraiseup.com/checkout/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/checkout/resolve?key=AJPYNTWD&livemode=true&livemode=true
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82fc02af46ba3ab5b7bc46bc74c979c125eb281b4482036d29ce292c4981ca06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

fun_c_status
HIT
date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
fun_cp_status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fun_c_ms
9
alt-svc
h3=":443"; ma=86400
fun_cp_ms
14
fun_t_status
HIT
server
cloudflare
fun_t_ms
32
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mk8R%2BRPZjlrFBmMM680affy8aqTYvLIzV7hcW7olugOGo2WC6DsfgII4%2FFja4DKBQw3h%2FTBsneNMfdjSniEyr8zQWromK2Hp2InwZNN%2BUdVgH8ddE%2BYhzAitAMEaHfLUoArY6MY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39ca1f8274d9d-FRA
XTDESWHR.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XTDESWHR.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517aa5c6549c92ef5244d8e9df5d662310d50ca9419b12b9157e67ff640be3b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A3819GG2J2PWCW2Y
age
95
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LR8+SICLFbXG8a9ksYxtbR/BN6DcGzBW7kv38/Nsh2j3tymBsOzJrkTzU/mAnM+cvqB7YOYJJ48=
last-modified
Tue, 02 Jan 2024 14:10:14 GMT
server
cloudflare
etag
W/"88a40ec077d8e3a73aff5ba0a8ae0127"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgqDPnon4AoeWrGeIRzWD8JN4Iwt5uz63bt8WZasYhSljcj4XpNmeEUp8BZxFpmgie2bXBTsCnIfpB8D0BmbHxAKTkXmCWe7vhwiLVZfSMea7Nbzt%2BfwEyKWG5RJ0Cei1a4n%2BpbQvP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39ca1e80f4d9d-FRA
XKPELUWA.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XKPELUWA.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff4e5a01e8dd93a69abd5a5531d53cd891f65134c552718134e0adeda2be295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TMSQ0XNR5G3PMZQQ
age
95
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wMy6XrMl3YsFXIjy3o9XtpQnZ2OCBJu5Ri+3n3KFuXO+/D0JgIYOi31j3obx2MIPirtkSDxOqGU=
last-modified
Tue, 02 Jan 2024 14:10:19 GMT
server
cloudflare
etag
W/"d9ccba06a738c5e01e9a85a29f1da6f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3KgQSjlc4iPZQUZuRUX5xjDJxoJhJFv9%2FqUWY783Y8UwzUwi6HM5n9wDigc4FqkkAsnur7af6eTrreHhrF0KClorp8JSvfueoG%2BzNco%2FyZ%2Bw1MesmcCHS%2FGxOnB%2BDa%2Btrl5TPfFVWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39ca1e8114d9d-FRA
XXTZBBEE.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XXTZBBEE.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6109a9264c6bb75eaf69d45fd3fc6f193794adac940245584a014c10d334dda5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
68WCFG22F4P8T3JQ
age
95
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/JEcokEK8Os4CkOsyIfxU+UsMIcH8/e+dthsGZnhXD2Q0caICYG+O68wcyiRYnV91GZofg9spDM=
last-modified
Tue, 02 Jan 2024 14:10:23 GMT
server
cloudflare
etag
W/"e6e67bdaa2cd00905d537372a5883457"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mujLZLdCdsSkQKi54E%2Beq%2BkkeFczPVfalyXAtR7hm8c1P7jk%2BzuD4%2BWBJT7Ss3et8PgH01DMjBt34ABa7lolX7FZidULIxxOfws1I%2B%2B4bFfLw1XkO%2BEgxT7XbdGel%2Ffqj5btQX5i%2Fro%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39ca1e8124d9d-FRA
XPKFWDNY.js
static.fundraiseup.com/embed-data/elements/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XPKFWDNY.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb218a2b6a039eaf89cbd37cd1555bc0f0398efdffde33a410990feda30a3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CG3E81HYMN82VGAA
age
95
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QZPlOFJaViOYCs2lvYR9Citf8iPfkhYPR7LDPkGRz22R7Q7lp3o034xTdj09me9hQrv5pZyxXXE=
last-modified
Tue, 02 Jan 2024 14:09:11 GMT
server
cloudflare
etag
W/"b6f45d082613bd164faa1972ab35be8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mq3M%2Bv0UmoB5wt%2F0YbPW7J7sURATPyEwMAk09R4J%2FJOcXru3c6Yf9V8Y5swZ%2Bc08mK55Em1iVQfsZ2cPY%2BxXne%2BCqkglbqmZQTs0kewIq0wJuGOq2m3x2Hob83EFlRjuI3As9pG4Qmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39ca1e8134d9d-FRA
XJLGKPSJ.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XJLGKPSJ.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac93c14f7863cc7b7df8e279a534c4940cae9a66ae48192761c6b7c5986eee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PCTHJRRZ2ZKM4ZPN
age
95
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8QJDrI1v242LeLVWKrbJiCFLXVnbaL1mmZFJ/A+XsyGVla88U0kNRPAPHZTKCQa6T0C4BSSei7E=
last-modified
Tue, 02 Jan 2024 14:10:16 GMT
server
cloudflare
etag
W/"d0e28a7707e3fe1515e6d50b834b1cdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHiIPIRzW7q9Nf9RworOY3vigqnv60xCFPZrqIvLm5%2BFDNmMHJBcX7OLVKWvXLiDRB2V1bQixjxLzcGQw%2FgyiEn4NAcswFNTxifkDD3aBMpDPpgMgbZ8Oy7PpflvuX1t98GqEv1%2FAjY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f39ca1e8154d9d-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
494 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
86352
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a9d61206-701e-0078-3ca2-349a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f39ca20d093a4a-FRA
MOD_Logo_Donation.png
cdn.cookielaw.org/logos/619fa1da-f983-4882-ba6d-40627ba6ce87/a03b80d6-3bea-4390-97a7-fc8fcf47da90/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/619fa1da-f983-4882-ba6d-40627ba6ce87/a03b80d6-3bea-4390-97a7-fc8fcf47da90/MOD_Logo_Donation.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b57a6d97fc4340e01339086713fe15bc8c6bace25a8fa8b8682558c953c444a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OUtpBJgltqUBYxR5JoTCtQ==
age
60502
content-length
20107
x-ms-lease-status
unlocked
last-modified
Mon, 03 Feb 2020 15:42:50 GMT
server
cloudflare
etag
0x8D7A8BFB9C0ADEB
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
6e9418ab-501e-007f-6a94-0cf618000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f39ca20e77365f-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
14159
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a220a8b7-a01e-006b-498a-34be77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f39ca20e78365f-FRA
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=843722716&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20March%20of%20Dimes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1853159805&gjid=1844881763&cid=813083294.1704204903&tid=UA-219864-60&_gid=1819840969.1704204903&_r=1&_slc=1&gtm=45He3bt0n81WNJ3K3Pv894218235&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=472699964
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-4LjrHyeV3QUW4.js
rules.quantcount.com/ 		160 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-4LjrHyeV3QUW4.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:02:58 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
752
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:45:31 GMT
server
AmazonS3
etag
"52b67ed0d6de08757c0affd0509ae576"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
O0WF3AmJvNT89ba9Up8T4n50BYaeq7we-ARoc8ersxSIoRdXP-V0HQ==
1621384747882069
connect.facebook.net/signals/config/ 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1621384747882069?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bc9b49ae6ec81de78cb07234ba748e5f186b819079eca3e7e82db4690641275
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36114
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
NEjkGDAy9RqdFwydIyOeEtBPkc5mpyNkATbkSaB4yjoQBVXZcn/9UXjE41C6cgB1nEcrAPTwduu9oJvPKaGJpA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		207 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5893e11c04dbbaf829f310b902a09471aec49d8ac6a87235835c50741ea3973f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75637
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:15:02 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a9b9ab0090d0af05a2d3de6403571e42901f63751cd69caf21fa3f5e51ddd69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80955
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:15:02 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204902760&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204902760&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1704204902760%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204902760&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204902760&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_mediu...
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204902760&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&cookiesTest=true&liSync=true&e_ipv6=AQIE7hJyE4_h6wAAAYzKhyOpJ3FeBEjVN09_nH_oue6QZocBocuhjJ5Ag-hR-tFxpSJxr1tt_we7FCcDlw3zcfUpE3ALPQ
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3428AC688D47446398EA7C4C971F6790 Ref B: FRAEDGE1205 Ref C: 2024-01-02T14:15:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9x/lr4F6tu2jk0J72Q==

Redirect headers

date
Tue, 02 Jan 2024 14:15:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: F67F598C670D4FE5A6E5E1F7B0DA2CC6 Ref B: FRAEDGE1321 Ref C: 2024-01-02T14:15:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204902760&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&cookiesTest=true&liSync=true&e_ipv6=AQIE7hJyE4_h6wAAAYzKhyOpJ3FeBEjVN09_nH_oue6QZocBocuhjJ5Ag-hR-tFxpSJxr1tt_we7FCcDlw3zcfUpE3ALPQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9x/jNi3VA4pEF3dtmw==
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=283539858218?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
59454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 21:44:08 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOulKCnxhpAYi-XxUdE0CMnn2xrU88Zh5T6QyfMTkmB4SdsahjpYN2tips4UL8ziN9e2xXsRWnxp7zL9vTaqM7Rz6hrRs4K2TSkooiIyBmmJcipM_WVrznvJp2GaOu0f7plC3aTIW9iz0_sqxZfhbUPoZRrA&sai=AMfl-YT__Cv-Ur_BvaJxepo8bDWpSB7LyeApCI3xfC1TTt5TQb5tFAIM2EFs4ua1apE7Sr2A8r1hzUi0ME8x8jE&sig=Cg0ArKJSzAw06sjja-lzEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cisv=r20231207.65936&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=283539858218?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
25017097.js
bat.bing.com/p/action/ 		0
115 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25017097.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:15:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E9F76DE1C07D410195835F58F4C41108 Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:02Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25017097&tm=gtm002&Ver=2&mid=11533670-a55c-46b5-8418-4f4a6d232650&sid=520bc660a97911ee8b442f059cad8167&vid=520bfb80a97911ee8806e7f2b7df94eb&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Now%20%7C%20March%20of%20Dimes&p=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&r=http%3A%2F%2Fgo.marchofdimes.org%2F&lt=2146&evt=pageLoad&sv=1&rn=629048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BC71E0759793459D8D856343BAC80606 Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:02Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724z8894218235&_p=1704204902460&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=813083294.1704204903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704204902&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=page_view&_fv=1&_ss=1&tfd=2501
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam...
adservice.google.com/ddm/fls/i/ Frame 19EA 		985 B
674 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c59ef454d9efb9e84d00813b6fc66b4c57a5ad1a2c99e4a76a17bd016515afb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
604
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;...
adservice.google.com/ddm/fls/i/ Frame 18CC 		988 B
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94e1d0163862d77a8e2776d58ccdc2ea1ce6f7149af2bf0ec7091a027a7151ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
611
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame 9DC8 		0
60 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&upid=b8lvzxo&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Tue, 02 Jan 2024 14:15:02 GMT
server
Kestrel
event
ad.ipredictive.com/d/track/ Frame 21DD 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&cache_buster=1704204902&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&val=undefined&tn=undefined&p1=gtm.js
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.145.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-145-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 14:15:03 GMT
X-CI-RTID
b8c07213-f29b-4b78-ad22-bf24299c5b8d
1.5872cb4a8c7e.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
static.fundraiseup.com/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1.5872cb4a8c7e.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9719b638317091bed0ab518c0ef99c5dbf1a3083d8b481673d376c47b3da124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0AAF602NEP314STH
age
2179870
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GAZAeaRCADQ/DIW6gK/+G4gRxi1A1IXrSs0pb1x8wcBf067A6ugNWnRKymJK2KC69xznj1m8JUE=
last-modified
Fri, 08 Dec 2023 08:26:00 GMT
server
cloudflare
etag
W/"f57799c72cbd1c6941978c660aaa9f6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BJGR9UzLWgudasjtpMisLQK0PWPjiJW8aFot8BIHU%2FDhcN1yWflcNcqxccRBio9JT3Ny9TQNe4DRw8mhgsI7hJNn4w0G3pJeosiPmix4madSe68XJSXvpwiDe%2Bd7MyBjw0WJPhNKxY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca2eea22c2f-FRA
389.813e7f9b9882.text-link-v2.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/389.813e7f9b9882.text-link-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed0a4e695771f9903b95ac84166dbb8b89a5f6ead020bdba7fccce3d082e2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V80D42BV5C29VN
age
361878
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2xDHP48ufjvN6vA7Q/Wley56ZX9C7uhe3zRp5csA1noGm+RbHqzDCj4GafmzkbfAj0xVpWq5xpQ=
last-modified
Fri, 29 Dec 2023 09:23:30 GMT
server
cloudflare
etag
W/"ccadfbcf047d907051c579f0f7f797dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBAYQRWGfYmfg53BF4PndJFMebVWL2x5IdLO6GmnOxYrUMV%2FbdGhKfderjLFsPSu1Do9tLgmsfaQh%2FAZyuz3GtABUKX%2FD7vqTb5Az2q5wd3aW%2BttY%2FfTN8qzTHfQvbQ4ITmApJBeXPA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca2eea62c2f-FRA
307.3df928c14096.donation-form-v2-styles.js
static.fundraiseup.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/307.3df928c14096.donation-form-v2-styles.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81cde3f01b38120a310a1511896c42f68a46f83b6a5ea874ca447de65563cdc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V5X8YVAKN05DZH
age
362077
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2EntU+ZCb786lYHNna/Hurz3XoVdGLj1JMFu4AYUDFeRbeVXtz9QwoAQ16JuYSMTF3re5MFBd7o=
last-modified
Fri, 29 Dec 2023 09:23:29 GMT
server
cloudflare
etag
W/"7b20bde1eae8635ea029b426c8f07f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64IlwGjc0REMcpA7EAYtF5pGZMk5%2BV0w%2Be4IgISeKigTmnLI9YlYeEMmxyR84xbLvDQjBtbScBJW8dngfcGQCcaWLn18nkia%2BIh06CETmmLttFV5BLBkafNM4r3SoY8D%2B4dBvuj%2BshE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca2eeac2c2f-FRA
305.1b1d79659d99.donation-form-v2.js
static.fundraiseup.com/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/305.1b1d79659d99.donation-form-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b2231b86974817ee296cd79e82374ecaae68b096638100e4bdd0b0386a2997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Q3RY0FJSFG5GQTAE
age
362077
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wjAxgR7p9IDsIyNiUCbQkJi693x+tf674r+bgKfhw1TdL61QpoamZ1k+J0ULFeSsslJxhv8zfGw=
last-modified
Fri, 29 Dec 2023 09:23:29 GMT
server
cloudflare
etag
W/"6e5927e25767d3d52a94d444fade75b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgpvBybLoJpDUxkPDA4or8DoHirkHF%2BOB93tOc3hsYRM5sJrsXXiB%2FrtuCMxIKyjKEbn1TMIhDYol9kdJS19LE%2F8QfSSF8HxaNxpXJHcaLz13p5CzreBtjc%2BgznhSrlZGypZcqzMYC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca2eead2c2f-FRA
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1621384747882069&ev=PageView&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&rl=http%3A%2F%2Fgo.marchofdimes.org%2F&if=false&ts=1704204902873&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1704204902872.995793674&ler=other&it=1704204902745&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:15:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
4537.6416dff170ad2bc44ace.js
static.fundraiseup.com/ 		255 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225cd565a241fd2329d7fbdc32be0c9d94ac4692b5f9b507454604980a418c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PT5EBCS9XXGR9BCH
age
1829066
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
3mw3g6ltuYzA0iSeWXIp6LFhQmHkq4vQqxbuWakxhhUIyE/lphGv6gCByr8xCb12HG1vu6ytYJg=
last-modified
Tue, 12 Dec 2023 09:38:59 GMT
server
cloudflare
etag
W/"6631e21e1b1afb4c947a250e1103a883"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IaSHynyT0ESKoAnTR0uSCrapNO3g%2FbEGaZRxW%2FUY3t9ROilEK7TPK%2B8Pca3K%2BglO8ysuUv%2BTfKlsPBq%2B%2FV6b%2BI697QgTP0xl8MDcmW56M4aPwFLkd5PyCLSqUunMoLL8zkpeTTAknQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca2febc2c2f-FRA
checkout-locale5.7e0a358918592a77200a.js
static.fundraiseup.com/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-locale5.7e0a358918592a77200a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0759fd6bed5370e4bc3c573dedceaeef9d7b64efc7343a10d0b147ac0b04ad53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA23AG6ADDZ12BGN
age
18088
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
OGwTY6sdtzXdFbWolvNYVVz2/jymDQlAgxLal1F5Vf7LYfCPZofB3hUd/vHATyZnx/MJ+P34T04=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"56b3b76377ff34bb2c3f1fee29151d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCxjrTSjf8U0K979LWbm6OTuPNW2F%2Fmjnz56JyvMcvUXHAVWOY6l3qz73U0XdHDncHtUwZC%2BNcfA3n78MjJMKr9KPsnrXIbXh70CTy9qHHb55GJhpE58a8bnPtpG%2FUtvPqdbB1HBLjk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca31ede2c2f-FRA
pixel;r=304745014;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dma...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=304745014;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic;ref=http%3A%2F%2Fgo.marchofdimes.org%2F;uht=2;fpan=1;fpa=P0-21974756-1704204902737;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=marchofdimes.org;dst=1;et=1704204902893;tzo=-60;ogl=type.Page%2Ctitle.Donate%20Now%2Cdescription.March%20of%20Dimes%20donations%20go%20towards%20lifesaving%20research%20and%20advocating%20policies%20%2Cimage.https%3A%2F%2Fwww%252Emarchofdimes%252Eorg%2Fsites%2Fdefault%2Ffiles%2F2022-11%2FJAJEES_v2%252Ejpg;ses=530adf43-d9dc-47c3-91d4-56bfacc2b1d3;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/?random=1704204902901&cv=11&fst=1704204902901&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&auid=2114646895.1704204903&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8c93ef021764cd1c709a63b70e5b23281c9b91be48b79313b900ea114b1765c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1543
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/?random=1704204902917&cv=11&fst=1704204902917&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&auid=2114646895.1704204903&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
864c2ad0fb270ab2c2fa0278f4a67a052bd3e9df755a285436e7c5ed6a417e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1539
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a2.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=915872407622&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00...
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=915872407622&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312...
850 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=915872407622&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3434341bc5789ddd47209c50a7d4fef3127d5bfb368fcefcf890376cbafbe7d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
689
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=915872407622&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
/
js.stripe.com/v3/ Frame 4354 		579 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:14:52 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
16
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:47:17 GMT
server
Cloudfront
etag
W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
_6i0HbtZL_bmkHyytfbZg81Jk6KWY2-EXh9XErVc-ngN4xXemEY9Bg==
/
js.stripe.com/v3/ 		579 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:14:52 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
16
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:47:17 GMT
server
Cloudfront
etag
W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
L_c3SaDgV3oO9bMQhyZzoVYjFfXXcdI4fVtHanY8e_IYmedTWbbl7w==
dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;...
8832015.fls.doubleclick.net/ddm/fls/r/ Frame 4968
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps...
  • https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
e3c8fe4ac56ac1f536ba88f1283c274214c3f86b02310e80d705740c49c4e993
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1594
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:03 GMT
expires
Tue, 02 Jan 2024 14:15:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam...
8832015.fls.doubleclick.net/ddm/fls/r/ Frame 419F
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sy...
  • https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dm...
2 KB
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
b20d59f253b64071fbf66fdb532ab7de85010449846016eb6697b131c3c33b0c
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
786
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:03 GMT
expires
Tue, 02 Jan 2024 14:15:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
json
trc.taboola.com/1335104/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1335104/trc/3/json?tim=1704204902971&data=%7B%22id%22%3A748%2C%22ii%22%3A%22%2Fdonate-now%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704204902961%2C%22cv%22%3A%2220231231-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%22%2C%22e%22%3A%22http%3A%2F%2Fgo.marchofdimes.org%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtruenorth-marchofdimes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2CC0003%2CC0001%2CC0002%2CC0004%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704204902970%2C%22ref%22%3A%22http%3A%2F%2Fgo.marchofdimes.org%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1bf8869d4866542f68769cf24fbfd8caa57c6d3c7943fa69ddcc43959baea566

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
21
date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.3675
x-fastly-to-nlb-rtt
7373
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230119-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1704204903.980148,VS0,VE21
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
4149.32a922016f7e5178a83a.js
static.fundraiseup.com/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4149.32a922016f7e5178a83a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564997debc20f446a4f38720248e1dbaaaa15ee5e40de23c946a0af7aadc6b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0FDJBF6JNXW377EZ
age
1057241
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
M9Y6yyid14CbuqdL2luIREyU5SlLsWZUR+UTojcF4OicdaM81KGbG1gAipQEwVrRrd1sgnW8E1V7zM/ywIn5bw==
last-modified
Thu, 21 Dec 2023 08:15:26 GMT
server
cloudflare
etag
W/"445f9c6560ac0fc0117d54656e7319fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NImOzPGoVTQITzFyZjIor%2BhgqPSKA4HgjX9ZXMfa%2BGR4LK6UCwXGTWt1nCnZbFntpMowBUoINyaR8YJly2XjzPyoHlkg8GG3uDc8TBzqfsIYUgLNSCNgYyj6POM79AFw4Qt7XGohvc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca3efd02c2f-FRA
109.85cdd6cd186cb7f30f03.js
static.fundraiseup.com/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/109.85cdd6cd186cb7f30f03.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f9e60e6bf41a5af731690552807e6e4ca7be8994fd8804b9cf15592d3ef5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7K100Q83J3ZPGR0B
age
970756
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IimgcFOBRlZRjWVYgq50ivWwdYXuRs8OCFJLhhZgWZP/NblJWfz2FfO/JZARKIuGM934kUrLOVc=
last-modified
Fri, 22 Dec 2023 08:14:13 GMT
server
cloudflare
etag
W/"85e49c2822c4eaabf5554ff2a96c10c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AeihJbFbzyUizO3oq1Xw7LtHxa5I7xAyUUBs5Nw3Sh01ncohq8QSPlkHpcqVoP3VFTv%2BqcRTrr7H%2FI22krYEhNnLw7HL0y33yzFb190gQehk%2Fwj6SvFZHw7GUMWQlO6zKcaMq83QpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca3efd12c2f-FRA
4022.1aa6f4635e0102fe80c7.js
static.fundraiseup.com/ 		170 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4022.1aa6f4635e0102fe80c7.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f92dcc7494187b5787cabe4834de25f4502ff2aa4228956b919785118df04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8Y82KRF9R74Z5H
age
18679
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qjgpbhrcnHJ3fvAG9MjTWiLBCCELH+p/TynhYTBwvcgm9wIsAQYK1oZmD7+44pKuAP5E5nSSyVw=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"3ff165845b9f2369bd1e145b654836f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAzYemH6f7Q0rHMJbBFKHBBpzxcVQa85che6hvMx%2BycXNr46J4Lx%2FqvyXcwd%2BxHCq0YGPSmSkye7ZvU9qU4RCclvrXLRXzO5VIlp5XU%2BCuwcLOTD7aBx5l0EvwI3w8ZF9G%2BmVh%2FHCIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca3efd22c2f-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ Frame 2E54 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NZCE9TSWCEE33GCB
age
2116873
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
4XU2UNQjzK0OOUO4VrAma9IUDequBwEulbszpKRXsSjpp2TLx7UyZHf38c13qioZMarEETSUvZw=
last-modified
Wed, 06 Dec 2023 09:28:26 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xgbo3PB%2BWE2INt%2Bw6K80aVW%2Buxuns5C3HAnNwRStCLov2b510vntwqsv1rH8uRtUwDGpfUeqhR6ooquxtdrG0bFBBOgsL6BeKC7LmeWibOwtagorvb7TsIpOnAPovPOAvvNPhMDavZM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39ca3fdff4db8-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ Frame 2E54 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
84KHK3DVRCQNMP28
age
2347044
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
5M6rlAJmAHa7aXcdxLThzK8qxRv7t6eIIFLQAAAFkD245N77bXA5uj5pZnhgdpbZpJ80oG7ss/U=
last-modified
Wed, 06 Dec 2023 09:28:25 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWycthOEATTGUc4RAZ46sCf%2FxN1YkETum3QnCVV%2FQMBvsVJ11C%2F57uS%2BZFZ76u7mdm4GEucVp%2FcAa7L8A%2BxlRKwhjpzLzNB73lGVpOrGY4aWM6F9FH9pJEkzho7vcqiJEsyVjOvAtR4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39ca3fe004db8-FRA
/
sentry.fundraiseup.com/api/9/envelope/ 		2 B
165 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.fundraiseup.com/api/9/envelope/?sentry_key=e4f08d23cf4e4dd080d8b4853ea3f102&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.160.4.235 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.marchofdimes.org
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
date
Tue, 02 Jan 2024 14:15:03 GMT
server
Caddy, nginx
content-length
2
vary
Origin
content-type
application/json
/
www.google.com/pagead/1p-user-list/794610601/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/794610601/?random=1704204902901&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_zMu-d62H8kkH7zEtXnGAxX6bMYdY1zAFLMMa2pVHOKrH7zUa&random=3696723219&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/794610601/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/794610601/?random=1704204902901&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_zMu-d62H8kkH7zEtXnGAxX6bMYdY1zAFLMMa2pVHOKrH7zUa&random=3696723219&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1071894384/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1071894384/?random=1704204902917&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_3Do9DbA_tNoGSPuDybn4Kk3jHIGSgiq1nn2PwQQhDCzLabSy&random=2674019262&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1071894384/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1071894384/?random=1704204902917&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_3Do9DbA_tNoGSPuDybn4Kk3jHIGSgiq1nn2PwQQhDCzLabSy&random=2674019262&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame BE72 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2633
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:31:10 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
u8E61zx-PPYdCEWWd5jpAvalRe6WXI0ixQf6QnSI9ZENOJ50BPndDQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 4CAB 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2633
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:31:10 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
MU25o1-zXsxHrtriPbJ4-k_dKtiSV-4tdL-sMmVLIo1vr0j_ltsfZQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
event
ad.ipredictive.com/d/track/ Frame 4968 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&val=&tn=5746963498608&cache_buster=[timestamp]&ps=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.145.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-145-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:03 GMT
Connection
keep-alive
X-CI-RTID
ace1a7a9-2771-4c71-8f9d-f78efd36d015
Content-Length
0
p
e.acuityplatform.com/ Frame 4968 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
Pixels
px.adentifi.com/ Frame 4968 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=3405;uq=199431936;
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.69.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-69-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame 4968 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=81237
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bounce
secure.adnxs.com/ Frame 419F
Redirect Chain
  • https://secure.adnxs.com/px?id=1282070&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
an-x-request-uuid
c4bd156f-a366-4e9b-b37e-7becd7231264
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.74; 45.141.152.74; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
an-x-request-uuid
9bdfdd2e-6663-4b40-8e66-b3b5d1e5eb51
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.74; 45.141.152.74; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 419F
Redirect Chain
  • https://ib.adnxs.com/seg?add=22494154
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
an-x-request-uuid
6118410b-6867-48e5-9597-76a60f468cef
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.74; 45.141.152.74; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
an-x-request-uuid
f48cc4f4-3831-4753-80a1-39cd6aaa4668
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
x-proxy-origin
45.141.152.74; 45.141.152.74; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame 0340 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:14:37 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
NHPJerMBwKBDnyvq0cRhLZlUXmNbcevgnOGMe4VhEsSO5NiMTWHgrw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame BE72 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:12 GMT
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2632
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
x569KFpBWGkieMV2JV-K9Qik0KeftL55wZs0BO510_2qLwRAWafYkg==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 4CAB 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:12 GMT
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2632
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
iiZ51SiDIkthqFOqi6ezNjTBlrcQjveHTWVJvBZtRXO39FOiZwHwfA==
events.js
tags.srv.stackadapt.com/ Frame 4968 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.30.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-30-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c5f029e7d120c7bdaa60a171dd9d6dc1e7c5709bced861bbba31dc54f59510e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
bat.js
bat.bing.com/ Frame 4968 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:15:02 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2BF37C3C5B97469BBCA1F6A7317C9C75 Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:03Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame 4968 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:15:03 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 4968 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
G5ljjCe9jOZbCZePkmklKRfZOaOVZWso+89BI/Zew3lPP9F1pQM1MVgng3E8o+rjKPX2Z6ny9Muhl8KnATf3YQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 419F 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=75582
accept-ranges
bytes
content-length
15541
bat.js
bat.bing.com/ Frame 419F 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:15:02 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B3EAD25D86B040078AA65613C0ABA068 Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:03Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13187
quant.js
secure.quantserve.com/ Frame 419F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:15:03 GMT
3313816238043985937
api.fundraiseup.com/paymentSession/ 		578 B
920 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/paymentSession/3313816238043985937
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3733cd418a66d16dda6610fc91763df7f3ed71ffbffd8b158bf152b6d7d2f47d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
content-security-policy
frame-ancestors 'self' fundraiseup.com
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-response-time
285ms
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRoKF%2BE2yxzPH7q3bhFNnwcL3RV2o8E2u25UkChGLPnryw2xgxvpbZRAXGrN8u18q%2FFvJKzQBDZzZoEVzZg%2Fq0T9hEM7arwiepASmo4yURT3I41HCusg%2FCRnUE9ZAtM7Tm1rOiQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83f39ca498c12c2f-FRA
expires
0
5021.69a8a47ee2972d7403b1.js
static.fundraiseup.com/ 		253 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/5021.69a8a47ee2972d7403b1.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6432a66c7d8240059ca76b571620dd0f54b4d3a5dc05fccf8cff7c8304bc9493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KHN27Z1109N5TZ0X
age
384494
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yoDNNROVaeK+KyQahsxI40Riep/BjDLQzjz7WDpSbAXM4VmbvVP9a/xQAmys51+y6Gle++dqJUs=
last-modified
Wed, 29 Nov 2023 14:59:27 GMT
server
cloudflare
etag
W/"d4f127ab7620fb2bfb2e93a462d59163"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5K69BtinBd2v2k5mykgQUkc3hTiMpY303TsaZtKiTgPhKOYcQt%2BggQKPd3rX0dRD9Nh1MBvBwZ0OW9I4PY%2Bsbgezome74lLfoEb8AIksTUngfszcbFHPIbInMYc1ImOZbHHzBH0iUxg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca498c32c2f-FRA
4365.3c47b14cec912f3f2597.js
static.fundraiseup.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4365.3c47b14cec912f3f2597.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c942423058ca7c0d54a661d67cded9d06b9f030dd45e434bcc72cd150e7e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H1Z3T3JBNE8ZPW7C
age
1314722
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pyeKPQzxOXGzJ/l2A21cBmmPl85Sohcl2NzKHZUZp3z8/ohsdRhjncYNeZ+zQdNpQVi5vcXEi9g=
last-modified
Mon, 18 Dec 2023 08:17:57 GMT
server
cloudflare
etag
W/"e235a91c7b1026c12729b0ccc59690b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvwOw36qchKJ417th8eFVbC4cadr58jvmR5%2B1D3p9v7MoRVE8GygLmpP%2Fhg2E0qdoc7Dd1bm89trfZFzydqZV4yUvjsa%2BqjjY0kquOM9rAf%2FKQT2ZqgLXreYjGqoLd8eSQ1ym3qVs6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca498c52c2f-FRA
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame B431 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:14:37 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
6GughxkmOow6NssMPQEFx22vIBc_CGhvhk9m3VlMOqo7ug7GfNfz1A==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
9722.efb7c58e3e474cbf152b.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9722.efb7c58e3e474cbf152b.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55934d27fdb4a14ddc59cac40e940a9c8100acc76c156e9be5f3b9c0dff6569f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
G5AJTAKXCSATJZJ8
age
361900
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fE0RsybRMmsrGj64mV6HZFJuYJpWEkCmNq0nHK+V5tr19aznMaLF4BEsV1sq4V/qm8REpVBRU/k=
last-modified
Fri, 29 Dec 2023 09:23:31 GMT
server
cloudflare
etag
W/"ee5cbbfe6c1f87870f508d95c1085e92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Fzhg6ssebD%2BzkZmNVSR2nrdY159V2dQ5GJQZcdJ6oJA2V0FN5CDOx8nhVYALyhfhDoVihMdhHw%2BVeXclsuhL4MEICKNs3s%2FE%2FcAcuvvwjqnC9yVY6JfM8ZCh170d72h4Lmrug4y5eM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca4a8d72c2f-FRA
6267.5aa879fe84868b48faf9.js
static.fundraiseup.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/6267.5aa879fe84868b48faf9.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2e62deea90ad8ea208037abde538d6100d5a3efce136c89e64a80c1b1c6b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
04CFFJB9G1HZB3RW
age
970755
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4GJZPmNLT5WpexebXIIMg4zjMCYfmNM+cjTPEpBsXa8YgvhDABGbjcPH/qCqwcX1J/Uc966VEws=
last-modified
Fri, 22 Dec 2023 08:14:28 GMT
server
cloudflare
etag
W/"fd37e6df21da71bc4f7e20d1d5c66776"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=da7EUyUiE2oSPmuH9%2B3zKTmAYidRG8E0FYRovnK3XpPAvIHIBGYjE57ovDWGr5tAMdfiwSAc0d2SSJzv97EY17mPwGH8crPJx1akE2o8hOJRAGMtnvrb39ol5di2q7pKhkVODJS6VCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca4a8da2c2f-FRA
1546.acd6010561bea827780c.js
static.fundraiseup.com/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1546.acd6010561bea827780c.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4660c763169716a38ee1153d2cc4eca87ca421195d67bd89ea964b10bfbacac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8XNVRAA2SMRTMS
age
18678
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Xc9UUfweCEaMetafTEEygyYctWJYYCg3nGU/14S+ywpwH3rZnxdp+t93Ysc/k7qQCM5b/jCU0bo=
last-modified
Tue, 02 Jan 2024 08:46:51 GMT
server
cloudflare
etag
W/"61b4f037d3e70607ce2de6911ed45e37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLgE8Wv2EzX1POau7DGGBcJ0BV39DHPDjFhrQXNuyhYHz4eP4k7%2FA24c4NgFuPPDz5hTPKHZ%2BK6ftPJCZD38wUgqb9BXaad%2BvjMhFJ2F9EKquFksHwUhVF9omwRkJzi%2BN3ziRcU6QmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca4a8db2c2f-FRA
csp-report
q.stripe.com/ Frame BE72 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903800155
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903799452
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame BE72 		0
714 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903802880
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903802562
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 4CAB 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803785
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903802570
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 4CAB 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903802896
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903802589
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 0340 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:10 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2217
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
WLHxjXZHOi7-jq40Mo0pYKv931E-MWspZPfFizg6jpW2A3blACh_ug==
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame 0340 		688 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:41:57 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1986
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
TU5m3aBa9-8QT6-J-Xiv4W_oYzb0qA-5dsZRAB0TAyOOewR9eLUUow==
js
www.paypal.com/sdk/ Frame 4354 		293 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2972ea87cd5c4adceba0baf8d735c0dae6512fd7bb276586f5ef9b707b2cde92
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Tue, 02 Jan 2024 14:15:03 GMT
age
215
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f3766499c2a02
server-timing
"traceparent;desc="00-0000000000000000000f3766499c2a02-44d7377aebae13af-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
79959
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230090-FRA, cache-fra-eddf8230090-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f3766499c2a02-e9ceeb38f897edc7-01
x-timer
S1704204903.191893,VS0,VE5
etag
W/"13857-AG4O1rLG9TW0jCSwL9/a1psyNB4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=022946149339804056&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&cht=ot&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:03 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
b16d5bbaad94b4d192a94ce2dc6faa7e
Content-Length
54
Content-Type
image/gif;
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08666904189143363&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=Add%20to%20cart&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:03 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
75e2c0fecc537aa3c436a42cbb22700d
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/ 		35 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00cffee659fe578dc2dfc7fa0fb839455e,00cffee659fe578dc2dfc7fa0fb839455e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
br
X-TraceId
b393368023f2f2cd322502f40cff043d
Content-Length
39
Content-Type
application/javascript
00cffee659fe578dc2dfc7fa0fb839455e
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00cffee659fe578dc2dfc7fa0fb839455e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:03 GMT
Content-Encoding
gzip
ob-sent-time
1704158459218
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
X-TraceId
57b83294c6ee72d141c3c6b514b67f82
Content-Length
22
Expires
Tue, 02 Jan 2024 14:16:03 GMT
csp-report
q.stripe.com/ Frame 0340 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903799820
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903799445
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 94DD 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:ee00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
100
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:13:25 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-amz-cf-id
bTD_4ITnGAUNXMQqMbfafMVwT-pX5phqpo1Wxu7mf_UbCX_od7Gw2g==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
inner.html
m.stripe.network/ Frame 1ED7 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:ee00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
100
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:13:25 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-amz-cf-id
S72YqukjzK_hJ18b4cjwDLIgsZjppcTIge3DWBA4I6xtHzDdxqJjNw==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame B431 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:10 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2217
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
s0fI9pEZe0pfcnfFGYzmABYxWOhOFNuoYMSAulOzGDXf9uQfsNvYXw==
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame B431 		688 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:41:57 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1986
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
pKVzwBj3e6KopsWWSpjlNuFnIGtPmIdyWcf8-NBOonKaOz9yqPut6A==
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 4968 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2515
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
QOdnK3dn9aDxhesQB8Xlg0emovT0gRsMWT0mUYbsiqyRllgUGloXKA==
collect
px4.ads.linkedin.com/ Frame 419F
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204903167&url=https%3A%2F%2Fadservice.google.com%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204903167&url=https%3A%2F%2Fadservice.google.com%2F&e_ipv6=AQI77rE531KZvgAAAYzKhyNMWFLhwrTwOA3KoTpFlJlJYv5kwIo-L5nl6rRSe4H_v214E...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204903167&url=https%3A%2F%2Fadservice.google.com%2F&e_ipv6=AQI77rE531KZvgAAAYzKhyNMWFLhwrTwOA3KoTpFlJlJYv5kwIo-L5nl6rRSe4H_v214EF8EdOOQzb-4BEa2gOjwKjNeKQ
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 16C2DD165648414D8621F8E2901A646A Ref B: FRAEDGE1205 Ref C: 2024-01-02T14:15:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9x/kf3UY6PpvYhoOuw==

Redirect headers

date
Tue, 02 Jan 2024 14:15:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0CF9D8DBFCAF4E30BF51A87E036E2975 Ref B: FRAEDGE1321 Ref C: 2024-01-02T14:15:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204903167&url=https%3A%2F%2Fadservice.google.com%2F&e_ipv6=AQI77rE531KZvgAAAYzKhyNMWFLhwrTwOA3KoTpFlJlJYv5kwIo-L5nl6rRSe4H_v214EF8EdOOQzb-4BEa2gOjwKjNeKQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9x/hy5L+aM6bbvzpCg==
csp-report
q.stripe.com/ Frame B431 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903800180
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903799427
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
812396462484872
connect.facebook.net/signals/config/ Frame 4968 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812396462484872?v=2.9.138&r=stable&domain=8832015.fls.doubleclick.net
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35834
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
bYsFjbU2w+fJgRfHeTXVft3rj0RO2cW10ohl3fIutwKbxDK6jyd+ghnIlZ9bFsMQy6NVcfrJwQFNuYKY1ws9JQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 419F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2515
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
XC2wVfqvWICsDYEGuXryUR4_G2QWnB0BwZHv28LBprFmBQj16H9FHA==
25042596.js
bat.bing.com/p/action/ Frame 4968 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:15:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 55DFB80034EC4983A0675660F0A9720D Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:03Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 4968 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=2b3125f5-b966-49a3-b9cd-e82a7d55bef9&sid=524972d0a97911eeb757d5d10e6a3cfb&vid=5249dc50a97911ee8dab63c08b59af11&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fadservice.google.com%2F&r=&lt=188&evt=pageLoad&ifm=1&sv=1&rn=630833
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E42209ED25CA48F7B80828A9D65676B6 Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:03Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
25042596.js
bat.bing.com/p/action/ Frame 419F 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:15:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D9073FD38A7E4DF8AF5FC18CBE53BE93 Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:03Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 419F 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=2dac2ca6-ce7c-4489-8b19-c3f987b6f426&sid=524972d0a97911eeb757d5d10e6a3cfb&vid=5249dc50a97911ee8dab63c08b59af11&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fadservice.google.com%2F&r=&lt=187&evt=pageLoad&ifm=1&sv=1&rn=423814
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 00E9769242C94BB99DF21FA1C93DAC14 Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:03Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 0340 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
18
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
Dp6Q9ulTZt4kbeR3xz3uDljHm-OTmMPtNrAm4hdk0Q8m9n1uco_4LA==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 0340 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
18
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
UdnyAYE4e2GN9GSP4uBfKAfPl4pUDFbDZVPNDDy0zv9UvrTOJJ7rLw==
.deploy_status_henson.json
js.stripe.com/v3/ Frame B431 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
18
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
H399xYp55Ci61lXh4Mf3ogYmtcuhMSTL8FGj8UXJLM2q7XyHLdnkEQ==
.deploy_status_henson.json
js.stripe.com/v3/ Frame B431 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
18
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
KEXLA56DGZJMRwCnw9tqoMDCKsZKtequhlh0aHv63tUa7gJGmJdtiA==
syncframe
gum.criteo.com/ Frame 0928 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:03 GMT
server
Kestrel
server-processing-duration-in-ticks
452801
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv...
8832015.fls.doubleclick.net/ Frame C244
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
cafe /
Resource Hash
bd29a647861ba682b1d6e524ba2b764ee0ffae8c593c279b091eb470cdcbf306
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1763
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:03 GMT
expires
Tue, 02 Jan 2024 14:15:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:03 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724&_p=1704204902460&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=813083294.1704204903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704204902&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=scroll&epn.percent_scrolled=90&_et=50&tfd=3003
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tb
fndrsp.net/ 		2 B
285 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtjKJxWJnI%2B9GJ5h%2FxmikXVP%2BKGo4Z2jRZUBHxdz08zobZj3n1fjJ5l7QwO7vOwvCX03xJUVEjzMrl6seJ6fnU02li490AexnfzjlfN92j5BWeIfETm%2BrSsJdYp8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39ca5bf331c0c-AMS
alt-svc
h3=":443"; ma=86400
tb
fndrsp-checkout.net/ 		2 B
508 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5E8y1x3Kq01O31Eo9H%2Ft04t2%2B1OO7wHlAmhb9krSIUf%2BMTPcpIroYhHdavO%2Fahmb5qAOCScLL58n0gPuOM3SEivXhVW%2BWRKYJ1j%2BKCcfn2a8Bv%2B%2B%2FqqbbsnEBK8dIBAMpakgxJ%2Bw"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39ca5fd83b7d6-AMS
alt-svc
h3=":443"; ma=86400
pixel;r=2126724824;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPiC4_7xvoMDFYbHOwId52YJkg%3Bsrc%3D8832015%3Btype%...
pixel.quantserve.com/ Frame 4968 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2126724824;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPiC4_7xvoMDFYbHOwId52YJkg%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D5746963498608%3Bauiddc%3D2114646895.1704204903%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic;ref=https%3A%2F%2Fadservice.google.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1305263594-1704204903165;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204903310;tzo=-60;ogl=;ses=54e20df4-04d8-4f6f-9c77-cd7034673dad;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=1270315049;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCP_-4v7xvoMDFV_uOwIdUxUI1g%3Bsrc%3D8832015%3Btype%...
pixel.quantserve.com/ Frame 419F 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1270315049;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCP_-4v7xvoMDFV_uOwIdUxUI1g%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Drt_bs0%3Bord%3D340625481702%3Bauiddc%3D2114646895.1704204903%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic;ref=https%3A%2F%2Fadservice.google.com%2F;uht=2;fpan=1;fpa=P0-30016566-1704204903171;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204903311;tzo=-60;ogl=;ses=54e20df4-04d8-4f6f-9c77-cd7034673dad;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CP_-4v7xvoMDFV_uOwIdUxUI1g;src=8832015;type=rt;cat=rt_bs0;ord=340625481702;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.facebook.com/tr/ Frame 4968 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPiC4_7xvoMDFYbHOwId52YJkg%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D5746963498608%3Bauiddc%3D2114646895.1704204903%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1704204903316&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1704204903170&coo=false&rqm=GET
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/ddm/fls/r/dc_pre=CPiC4_7xvoMDFYbHOwId52YJkg;src=8832015;type=rt;cat=donforms;ord=5746963498608;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:15:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
csp-report
q.stripe.com/ Frame 1ED7 		0
489 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803384
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1704204903802890
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 1ED7 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:ee00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:23 GMT
content-encoding
br
via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
101
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
DUS51-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
OD_yXm4ag-YzRi_Lq9y2sbsVZKYxWX9mQyC_wLVmYsNsIuIhHqz7ew==
csp-report
q.stripe.com/ Frame 94DD 		0
489 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803168
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204903802606
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 94DD 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:ee00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:13:23 GMT
content-encoding
br
via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
101
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
DUS51-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
erufKSeMmgr7lXof6y73QhSV9X1CHuw-ZqLn8B6jueLAFMlzQ5879Q==
2612.328ca5ce35bb1bd7dfef.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2612.328ca5ce35bb1bd7dfef.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
337738b644c1b01e37308c9026995b63c20387f9bc8f219cb99f72eb3b23f35c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7K1FTJZVEMGT0RPZ
age
970755
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
hilGTOGlnMOKbcw1UWr1CtGQ94ehn81k11lCZc4h33FIot63Wt//1VYQ2dZOu1UDDWALlNNHtog=
last-modified
Fri, 22 Dec 2023 08:14:19 GMT
server
cloudflare
etag
W/"72585859f7005322a24f55039d6502e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWK1y%2BBylueGVDyi%2FIRc5oZ7Ml0omOGdAjhn14R%2FmZhWQv3Tniz6QgF6vd0pNrvyUaVJ4UuGgKIz7KeoBpoFdEY%2FoQ4tcixa5p4oCes6G7aiGSxS5v1qQe1n3htDYC3mQFgvheHNQZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca5fa6f2c2f-FRA
9317.8347c21dba66a3c8e00f.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9317.8347c21dba66a3c8e00f.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23098142daf44c1cb7d244684146fb6ecb0568274118ae3f62cef67034551ef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5AN0P5WV2DJPMTPA
age
445957
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6oVt341UDBypRNFueOB2LyfUROi0/Bdw7gBNjFz5mu1QcaoQz8YG0BUHo0lH8PyJ8hJ7aBksCjA=
last-modified
Thu, 28 Dec 2023 09:56:39 GMT
server
cloudflare
etag
W/"cb3cf711444477b5098e7015fbbf15ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iurG1Eh00Tt9XlJrZE6zCXMbeb9z4YDnmpm0fLW030cMUycyG8i1ndmM4B2%2Fkg%2BvRTx26cyt9nr5htROjA%2BAmHWaLEZeAG6GhGY86cnoMtEFXh2Jv14SKc9ZI15Qq11VcbD6TuERKG4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca5fa712c2f-FRA
3881.cbc277ee4db5221fc545.js
static.fundraiseup.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3881.cbc277ee4db5221fc545.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cd06506717ca4b233b2fd62746d5a39c9230b4ea3c4bb56206edf928ed8d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8KJK6BFM1BFHE3
age
18678
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WvMEzx0S93gR+qWSzjSi8/nF00VOsoxETL3RbwGkwu4D5cI1w7EBeMklaae9bXpWQVNSJpLfT/g=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"d3787c003b65e006808cbd3b22d515d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xcX%2BZgaHODlV8aIRXlho1TQUyQgcgpO4pIKQxV4%2BnNi2lmwPvRrAvGCg5g3mrNdROWop%2BarSAY10Uk%2BomLfJxjiPBj1g%2FHtVTqPWjJQjzXUO6DrHeybi9QGmhzSHeekFBiraBDu56qE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca5fa722c2f-FRA
8443.30652bd12c39ddd0d48e.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8443.30652bd12c39ddd0d48e.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e7f6cd883b421b03d88891e93891fc89bd7e4cde0266009f72250f0092302aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8H4CT4DKCYR9E6
age
18678
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qi62K9vmonowNbTsCieOhdfLclJ81nTL2E03MtjZD/raIbAogt9MJ79vAxBh2nTx3Q0idOgcaQg=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"188752fb24105ced13abb937e1252dd7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXlAEVFBp5j%2FXLlyZ4c1vCaZQNIwShmqY231ffuSDr8L8wRXaYvbXUseqd8v4LXQhcDOgGHHpgV8BQjS%2FuoUps%2FXVvn8pU1xFc6uGwOWkc%2Bguo5oxfozwD6JzFUsggDl4%2Fbw%2Bn9uqY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca5fa732c2f-FRA
/
ucarecdn.com/16dee98c-4cc2-442e-a7a3-f895f7d22227/-/resize/470x/-/format/auto/ Frame 4354 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/16dee98c-4cc2-442e-a7a3-f895f7d22227/-/resize/470x/-/format/auto/
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
9516e1c23610840cf3f86fc18968a997a2af08e5f42e0093013f0836285d30bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
x-image-width
470
server
Uploadcare
etag
"997f30d9a41e015338e681fdb6747621"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556666
content-disposition
inline
x-image-height
263
content-length
11427
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 4354 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QV6ZDN9ZE9B27XAQ
age
46779
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
m6GUjrh0H2iAktFvpb0L/mpjbZFX+kWDxI9bEav1Xyo64YXxt9GJXGFAKCrTKd62O29l3pK0T5Y=
last-modified
Wed, 06 Dec 2023 09:28:27 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfZtYEsvAvYgaMBwVXmLFDb51a77bNgk7Mxy0tuoCmx0Ndn0uPVtJ0msB79fw273g7pQbZMNOykkzwO%2BBdE58S0PdcTaALP9%2BGXY15Jrqw%2BTsnMudmmWxnYXQ1z9vXx93fJ4yjqOYow%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39ca6084c4db8-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 4354 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JRHY9BEF33K6CYBT
age
46779
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
TY+OmKXWG4YaamWfwjxCPV4L2wrAeyL1CM8bL3qxuUVpUHQM/WLtlRgBtusTbYkyL3+fowMfSng=
last-modified
Wed, 06 Dec 2023 09:28:27 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQ0FGNCWGgNaWa5vtlNERwvk60Xh5nMkwwL4wu0%2BhyT3QjNgawWB4%2BsdL%2BcQEu33HVBMTpXq2CI158%2B%2BDK%2Bv35snBt6C0pxyiB6LvPIAerBXjAXFf7aET94ggyLLpblAkvjMpPJweFg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39ca6084e4db8-FRA
4308.267ae83b72a737d61bc8.js
static.fundraiseup.com/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4308.267ae83b72a737d61bc8.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e7a944adcb9d32eaf4e2f6e85cb7d1f9029b74de22ad7ff2d46ef82b189c95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8KF9W3ZK1CEH0S
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
3f7tcUQY9tp9sa5+vNlqrCu5w8zSd9UhWB300tZA6rlEyxT414eo5g2vbk89V5zanTfBPYB2qLI=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"d17d932280bf77e59d50820c420d7365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeF%2B7uPO3tFn%2FKeyK8mqOMbUOZp%2FCpz4mbi34Dw%2FDkFLraLSrerQNOQg20FL60AiKKZHfMxatCaprfZEr8vat%2Fk9%2FefEDM8ZT3jqrywGuVFnjTZ29Cz7ZxOdCWmAhpx3%2B6truL%2BGvyw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a832c2f-FRA
4798.a2fa7f6bbb792b2fa1f0.js
static.fundraiseup.com/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4798.a2fa7f6bbb792b2fa1f0.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9d8e18a3cec3afcf01338e9a26209eeb89e3d0eaf97f0d5298f039776ffc8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T6HVZ7NMVRV3E3M9
age
970755
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JLri/LFQCnU0gywkgJNpwdWSHJit4rYPBybck9l0ByX1Gx/x1iRUUpY75BOUV/YTUDkTPAtBH3k=
last-modified
Fri, 22 Dec 2023 08:14:26 GMT
server
cloudflare
etag
W/"813c3e21463a5fb18a4652af2d6e3a0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj1CDajKM0%2BSzY2l%2Fgr6W9v91Lbh0ed7AtB1gzk2WuIYTV4yH1OI6IBqwCnSkP8%2Fh%2FzSgUozx6cZXalUtQgc4gBn6%2BJzp%2BcsL24JddvlNPar5zoTxWTk630braJkuufnS5Tx1D3Se1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a852c2f-FRA
7470.5c849ae41dfa76a30134.js
static.fundraiseup.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7470.5c849ae41dfa76a30134.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb48d9e8351750646223a61d5868a0eda7972e2ea278c69677577300810b0ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8JPRHD9YY49EE3
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
HutZCDlQ8XRTbLPR9Wr1o4LPS/6wOyXOqcM//5qHosqvuB5hyU0RO9A70HJtA+If18/diTFZBa0=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"8116b094c9ac56f0fa0e152d4e72373b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z83OufXmn0cvB0kg991qTYNFXuDSQpvnDWmCvuSoQ2Esae8MB2P30voHQT%2BUbFZu3r4PbBr%2B4%2B9ltYCibfoscEm1gd6GKdElwdJHnLgFcaWu8gGHAsMHXGGQMXDhnNHVx8BqTA9GLMg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a862c2f-FRA
7161.70dda01ad3bd7b1f43f4.js
static.fundraiseup.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7161.70dda01ad3bd7b1f43f4.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1dccb5a273ea2fadd2437f76d7e4b897e7c5f461f52c0b72cc7e74db13cca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8PPAY9H136RVEF
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
C9VN/p5Vt9YFAs70alZLX3hl/sC3s6Kv4OB68UfZmWDThhWGjJrOBl/voCnEY1y1+qxYCNU0YKE=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"6a9110bcfcb930b2a0f06f9f8de67d69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBkWeyMaRFv9e6wBGQ3xo54nJuCAija%2B0FwCFHqy4666B%2BTOzPXcaMhBgJKqX6SXqMpvsJiFJcsD%2BT8B%2FOzHEJMtu6ioU3qmhlsSCYsXzzvSIAE%2Bm%2ByijHGQyEB3sD5%2Bfq2t6%2FFIEZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a872c2f-FRA
4172.550614b50a20ec5505f8.js
static.fundraiseup.com/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4172.550614b50a20ec5505f8.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67babd89dd5d6e783cbe7ba05cb7d77c2c3ab7bb0b3ba87b185b391a21e8cc35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9Q3SG6D78TC8KSFP
age
125078
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Dzs4cY8pLKlMqr4XXDelM+L1JRP8xYHuMx8BKtcO/NEnnLaaFpFVOvvbLVYDe90ylqjPCx/5tac=
last-modified
Wed, 29 Nov 2023 10:48:32 GMT
server
cloudflare
etag
W/"82362aa73fa0a4d64a1c55b1d259397a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9foDyr6PMMyTkffcpgQtD3WaWxfnfCL7h8%2FalqEsoRQeGGExc0COayrXCZFNbm%2BiluaYEPWEQrqTVMgYnDuK4kgLj88CRC%2F3aDvu5T%2FUsSzYsWmj4uFSTdPznoayB5FrZLRmyJfQyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a892c2f-FRA
7912.0af9043c4cad1d41b53d.js
static.fundraiseup.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7912.0af9043c4cad1d41b53d.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c3a3c0aecc1c3cdb989b17c48a9a75970beb6343e0df0c2651ba5eb75c900a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8WXRJ2RQ5YKB3GB5
age
1316168
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rqEC/8NNQ/s28Is7YijTl1Is2bn/AH/Ktppu89hZ+Kavb8WG+2G45ytVF5NSMalekjlYGveVKXQ=
last-modified
Mon, 18 Dec 2023 08:18:02 GMT
server
cloudflare
etag
W/"3aad49c653ac761d3b0dc37c051585c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnLYweh%2BVu%2BonbsC1ZWRKWxnM4w8pfz6YYkO%2Btg1tny9uMEfF3fQCLnWUeTSGlet%2B%2F%2FSmrLBjTTe27HcCIZCyLrGOj7wv4geEA9XEs4aMQ3kjIxbPD9qclZi2jDk%2FilyRLWEqa%2BkjZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a8a2c2f-FRA
2604.70a67a9325a0b895a893.js
static.fundraiseup.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2604.70a67a9325a0b895a893.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7e24515a6e8e17332b556ae1a433f0b6e00cdaea90167be98c2734b0049a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YNCNBSNKYAZDKDQJ
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
u4VwLpIHjQnTNnS7BOaFTguRLwpjhW9+fCvDyugXG8SYJQz/PvGU204l/4vksSr+eU81GppgdxI=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"52a2cc1ece90544227187f23af6c444d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYVHfk2%2BD%2B9CpZr%2FEo3n86MpVr6mV1enlhWHyzaaeKwn0Wpoi0bXrchj5Tlj8PQdyY%2BJBGueJFeOAHWEXUxooUDVgbE2qb%2Fge23CGu0Yf%2FhtDFVrHFaFJ3MCqNwBAf8wtQbsUINOHB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a8b2c2f-FRA
8242.b02aaf21dfdea45ccdeb.js
static.fundraiseup.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8242.b02aaf21dfdea45ccdeb.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f7997ff37aac676d939dbdb0d33f6381fc5b66de4e4c79240e6e9503b14c15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HYBH0AE9WPN4MEZV
age
970755
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wF5+7h/87SrEbp2uxjF0zb8LcL2b8y3jEAXBGtxQzgF0fIoedcwomkGhqGU1nYz3PuqzJqepVgY=
last-modified
Fri, 22 Dec 2023 08:14:31 GMT
server
cloudflare
etag
W/"4b19319add63bf353f59c262e18d678c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xh%2FmYCeSkUEtmxvNiyQbd01cfl%2FlR1AtSGDbCwm62eACPDHvTzoI1cYhe5TucwHKHq5TzdPw2g1d4%2B%2BMEhBX9AHwFdnoBLOTNPKj0n7NI7uSIaTMh9OvWADVQWbPWX9EqhL%2BA74Qyj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a8c2c2f-FRA
1307.079eb3e246fe1582b593.js
static.fundraiseup.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1307.079eb3e246fe1582b593.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642c3f67dbc0d646b7d2508b081e0a6040a7be94478f0cd6d2a6de21f5d11ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8J8BK2M5VMVMP9
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
V3xbqXR6R8M+Xxz+zg9N0+Ntb/s+5vd5iafh9h8USZrzenY1RQZhBFdTUXQ6VroFzfwO67CnHTU=
last-modified
Tue, 02 Jan 2024 08:46:51 GMT
server
cloudflare
etag
W/"7b1aa6725ce10e652729c8ca76f3ed5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mj6uApXYAbg5GqE%2BE4SkTFECfg2%2FF1q4adjVSfD%2FuxXXY9it3len7QEeE5DGGnJzr9KUZyMoWXH66SspYcvsLRoiQZjOTkIXCXDQmkzvNNghuTcO%2BqQgVQmc3ZWZJ5d%2FSg6QIAV4xrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a8d2c2f-FRA
5294.9d66a191975ea80fb12f.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/5294.9d66a191975ea80fb12f.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a06c60d0bdaeba9a685c6b98ec4108e8358606ae608bc2866b3873ba36e8be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8QAH7AA2KGP03A
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6AGpkpoiAde3LBl2nCSjiQnKt1jzR1TL5FIjeTx4F110yKWQAwFvCZOEVvulRweOeG5whQHFeqQ=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"8cbeb2d49dcd2a8be5a4eecf9cb7596b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNw%2F4Pwkus7%2FUSSlNfiklu1W%2F45eBUmUwmBWczfnYGvA%2BYTWpyW%2B8WDrH42%2F%2B2e%2BIvt2mZhIceehYE1MVDon7K84GFeDSWFDXcH%2FaoUDUmDv9KoZUJaV1j5Wwk5N3XqzbM%2BzeV6p66g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a902c2f-FRA
3074.d9147f791079b87eabcc.js
static.fundraiseup.com/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3074.d9147f791079b87eabcc.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377a6ada8b0adaf4e37c51a736bda1e6a66e2339322ce58193e81d5909ee2fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8TG37C2X6EWCCY
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6bMCa6lyErEqFrJxPCzEOKfVfuJVbmStAWgTgCqGelW1NCISZF+zkQzWoxfvKImTH3IAAjWzxIA=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"147314f2adff1871b831c3e893d26e47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnJpUdHYNIRM4h4tgj7rmPiGtvVQgf5P%2Br93p17KD5RgchBS45a6sOtzXPQohnv2FWtFk0cEfHz%2BKRLpIiMdFoqisUzkiqdDw%2FvR9DkWcM97EplQKsqBy4VRkowM3L7NqjMCsapKYYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a912c2f-FRA
9101.4c00b74aed875aa4a330.js
static.fundraiseup.com/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9101.4c00b74aed875aa4a330.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b65fdc6da2826c107418e5c689078ff47b54e7f2fc690546c33dbd3b343125
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8SF70XV7VFBQZG
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kI1xlkgxSAPhlIEg7MIRY87N7q5//6f5BH/h2rLndvN0C3GaSZIBe687+vH9A228rAD0GC3g8rU=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"c13ccac03382eb3bdadeaae6fb057063"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cmvw7xWFGUD9utKfqxTlgzcrIe%2Fxr0sbdPL79KktX9HwDVwFYfxlQhZKaBvxVfvX%2BL5yoyLzG59KwJY4ngepYSrXj2FJwE9aS%2BCHfy%2FtRZHrgqiVnpg3IRTqCOFQVuHmvgIG3m5gMP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a922c2f-FRA
4531.eadbe0b8b04e9dfe84db.js
static.fundraiseup.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4531.eadbe0b8b04e9dfe84db.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b596c15fc92d124e18473ffa1d9529ea88cf1918efa33f00447fee4113a68338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
D2YZ3FT61KZ7X3YN
age
1743574
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vZW4rA6pGwfXvOJ/OPvtZuAWTlNA1zBlu6h06H5EGL9D+THcbMKXkASj8VmofwlSaBqMVJpmV4U=
last-modified
Wed, 13 Dec 2023 09:34:50 GMT
server
cloudflare
etag
W/"2f5a99aa534d43a5d5741f02d107888c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZELzbBJMjdkxWPN30SCf1Et5%2BKkg2xwvI8PhKRTnRZVjW0cBROujfMqvJbuj5%2FVWXM%2Ba4aYRoKJIyMoJFDGlnkF5jdZAn8tqlL8oisA6OdIbnFlpvqg7YGQCOwPeMvL29PVIw3Ag1U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a932c2f-FRA
6658.dc2fd4177fa973c9ceb2.js
static.fundraiseup.com/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/6658.dc2fd4177fa973c9ceb2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf7bc0004aeb0dc1b7bb23f128ac24f0302a776cd1950295bc6ffae6e990bf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HWFEVNRH1GBH7S68
age
1743574
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/bItRw+zuqyEANDZ1efMkCrK+fBtIuyXFIuQVsSzjKgLvIk2ABZ68z8m+2ygl66oYpKyo4g0oh0=
last-modified
Wed, 13 Dec 2023 09:34:52 GMT
server
cloudflare
etag
W/"179e147646e0cd73902eb5b2db332b0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABaqDFeaFuhY%2BYklwv%2B%2Bme6f5KTcF1eRzKnRdHMZryumfWCpHbJMO%2BAkVrie9lxirJ%2FN84N2mlxoiTQtI6fZiHX%2FWeY9vSUXCu%2FlHTKznzn5rQfKpkN9g0phFAQbL79zor%2BHNU0Mafk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a942c2f-FRA
3646.260d4a1075292b4adf02.js
static.fundraiseup.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3646.260d4a1075292b4adf02.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb83ac4c1a72227dd5036318370e6523f7a06d0e9f791efb6f6fe34b22621ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JEJC3WJKA7HPHEPK
age
446074
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/jjwSMTPdbp384iCJjqGvaS1Ab5/8TCJmObAbu1tDfiXnZkLKK2ZHBQMbNvamRB2Cib7VaKitzw=
last-modified
Thu, 28 Dec 2023 09:56:31 GMT
server
cloudflare
etag
W/"2411304c845454ffdbcb9e14e0698788"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bxkxum04knph4LMH7zlvE%2B9QZpkHVqgwwWCb33lJgutbduDdpAIQdLKLWlU8MnSb4arp7MXoq80GhT0WFZBs%2FD4HZxZi7NTdlASSn9lvQoBzu7jI%2FRdnCV9KOYgMbEXNhAAfd5IKKYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a952c2f-FRA
3105.d6e00ff8e93a442df385.js
static.fundraiseup.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3105.d6e00ff8e93a442df385.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc4700b8677a899840ce32bc6c1b5d5405e5d7f2e14a338ed95e4fe40a2bb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8W5STJXA8666JZ
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
TSozejIuJCP/EnLlk4USJNK6E4CP6raJUmu1e4fD4DUjXSRG/tgQBGIhv+D7yhqcyY6d7kwB65g=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"36ea0ba3a6b621751333520ee8fd1f70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9A7IcCMVwnPHzED5ZXPtFq%2FwDbsg37vYQ2heEVwotdslv3wPxH7sCMjGPse20YxCxuM4BHO3a7U%2FcvrFaXzjdC0mt2ogJ10CeaNlolcH4CEWq1odr9G0uTdvuxNrjm36Xy%2FRmvFgoM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a962c2f-FRA
3092.789e5f7657c128376286.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3092.789e5f7657c128376286.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50d15896eb602b52225697467a0e13195cddd10423d86ccafc7598f8a6a6111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8KP55HC4N9XTZK
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
gb62nSkF8+A8PY8FiSvtl8X04DJ+vfX8nufElQnInQJ35tTK6JmyY/fq2X93Iuyv9wQLWRphSjU=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"d94f94636a66837a35470b946952786c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuSFRTxThbJ%2Bk4Fl37sf58p8eTcrov02p82jxFsOJCI2dm8OeLkgAJlElo3GG7hiFpFOGsgdzJE6WhVo6F5dUNnvdR4yZDDbkWHLj4eWwTxcJHMHfiMQe%2BtMYAmnLsReF2BNIFa0%2BuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a982c2f-FRA
9927.0b1e038f382f072de5e9.js
static.fundraiseup.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9927.0b1e038f382f072de5e9.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e6f18090a8c3b811e5d7d50a1cd9e83272f1ecbea95624373950070500a90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8V821DVXWACE22
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NhX6gGbK4E2JQERJ1jxpTHl0HIjsPU3AWHAfgtHxUbkUAtKTEBrUI598j5Bof8POjSIyJw4D2Ec=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"3a9bfdc394ebc7d6ad30abca79e6f251"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwmcSRP%2FpNTgTqUl3On6WOcuzhaVJhaZHCo8klT4%2Fk%2FqwVBfoRSzMz%2Bperdtk5qo5XrNsbN9pjtvMN3MYAuXJk4I%2FRmIi%2Bv24RbJybVAuaG1tVwZBxcqYQoRODpcNqLjGwfA7IlAYtY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a992c2f-FRA
7730.aaad688a89216a2cc75a.js
static.fundraiseup.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7730.aaad688a89216a2cc75a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276867c5c3ce0b2f35e900e8e9c73fa7dc25a53802bb365f2d20642fd253f79c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8N1YFJGCT52K5B
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
FFwCO/O9p9O5W4y4FSoy7fv1JE98J8clpMOj0IaiYXheIh9fmAQcdqkFI7Q+eD2VhDojQeT/cWk=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"641661c170adba24f7e5f887e0ee88bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5ECzhmLAfa3%2FHc%2F3Es9IrPTNbTqKLx9jYmGjswAnXqNu1qsgpcH0qQp0uR69Lpm1IqmRnep%2BC7PLTHdQVhBMV9VQiCp%2Fo3t660WW09FUukILq4h3wA6RhFq7d1Qx%2BfKIf6sL4gQ%2Bug%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a9a2c2f-FRA
8598.d58b9cdb2bccb5cd9149.js
static.fundraiseup.com/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8598.d58b9cdb2bccb5cd9149.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46de8ce43bbbc4282b65b9805f4f7c462f812ce23b615379b468beb09a989a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8T8PAFRKX39G95
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
+LkJS4FHcdIAyG0nFXLLmFkqIdLW9g187VLW8Hr/nTOVw1qytSJtJ/6b/kby4FzOFuRbIThitOw=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"854d674b89e3d93f020393ce69f5a7fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8vYj6QFEC9FmHGkNd0he%2BfCB4B4YY2YfmVf2q%2Fwx4WSYZ6McoMkPd8oQlNTTxD51ZuDpW%2FozgG3wIZuwoKHFRRmxhXiTbxUukHcoxRpTNLvSOeR%2FdJK7mL3dSMrmX7gkrurHcXbe3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a9b2c2f-FRA
3313.8bb649db75fb9f932d94.js
static.fundraiseup.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3313.8bb649db75fb9f932d94.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b21363e68e52f1ba52f2f292a183e39f00372c248ecfaf0c5c1fa671ff46a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8XGEDY3B93NA6F
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
POXRl1QV5/QniJH0uu+gMOVtewNt33siC8qC1xZQAKX1/sb2U1vowsxyAOjkrffaESdeXHDrORA=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"85d22b265ca08373504a09621adb500c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72IGr1td%2FziSXftwvCDWRiixniMjcwuLhQGnSlqGOX9k%2BeluHJO1WFRW0wvoMQXNTaWz0QFU%2FIF%2BfZt6WtpPTCNoXbn%2FZhvgTGBQF2gBDo7uXw9aMMTA3Us%2FOLd9AR4qOGLrfexj3Tc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a9c2c2f-FRA
617.b191c125d86fae215d94.js
static.fundraiseup.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/617.b191c125d86fae215d94.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3a41aaf9de8dcdbb1aa7c552942868390ff131f4ae48acd79df9d5a7ff996f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
GDXVS6AZSMBX1RMF
age
1654439
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8IYmc517lx+JwZOVQGVN0I2hjPfFaUX7gjoFpzbEoWrPhil7qHMMb4lzyfna/00D92E+o8EFUgM=
last-modified
Thu, 14 Dec 2023 10:21:52 GMT
server
cloudflare
etag
W/"9d235534a9b590256d5f9f919849f1c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMitcSyZxWAj0aSCMl9Ot%2FkH2Lv8ZvKMsX9L4le%2FRJW5l8uWTURFor5lgeY51ct8B3RHnOldfOtP6vBgKNpOQkFP9aW3SeDwwBtFVt6ZEhfJ%2BA%2BhU4gB3uu9l%2FRD33x%2Bt54RmIPGzDE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a9d2c2f-FRA
3755.885174add6f9f35ea1cc.js
static.fundraiseup.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3755.885174add6f9f35ea1cc.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c2ce3fc3f9f303fb23219d570a67d0c55951c3f6c81b25e440ba6fb68e60d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8YB2DJW26XGPKM
age
18677
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4LSZ8dKhqOkjvfnjad+GdXadifnOriBq6395YP44cA6G+ITWKVKQPsnp6clojzVKlK3tbU54v+g=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"6332e5261fb5e132c86e8e991694cf7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BhgAkNyWVvZ%2FhVd%2F8lQ14LXH9vNd%2FWy68dBUpbHV0VtwFUNb8pxEaiPgGHRBOg6B8dbZkD3Z4ZsYy19u8uMZMMF3jtb0GOEqr84ljLxTNbjOqb%2B9tzltt1fjQrMQcmtw3qVPrX4FIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39ca60a9e2c2f-FRA
/
ucarecdn.com/36e1897c-937c-4cc1-9c7d-220d75cd62d0/-/resize/x50/-/format/auto/ Frame 4354 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/36e1897c-937c-4cc1-9c7d-220d75cd62d0/-/resize/x50/-/format/auto/
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
47a019a4a25f09f59e801a8b3d77f63a3a975a4c763f8430defa7987e14d7d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
x-image-width
50
server
Uploadcare
etag
"5f0f074f24722ebb2e429bbb349da7d7"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31495007
content-disposition
inline
x-image-height
50
content-length
1937
main.MWNkZmM2YTcxMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		420 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.66 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8eeb23a1dcd42802d5d861556c6ae4848a05fd28cd22bb8ed884015b62eefd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
45f151df
date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122557B0C06063F2877307F823
x-tt-trace-id
00-231221122557B0C06063F2877307F823-17117D0A9153B644-00
vary
Accept-Encoding
x-cache
TCP_HIT from a2-16-110-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01bba33847c0b7cb55402c06a805594009348c70a991317ddd22ed3c0f5764dcbfe8d922334dc0f8c61a982af5a75709cd033dc29500543ed3a9f54549cf5fb9a004353c06da47ee4151eeb39765cf103c80f8a24aff157af29b95d52559fb6ec0
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length
112322
pptm.js
www.paypal.com/tagmanager/ Frame 4354 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.marchofdimes.org&t=xo&v=5.0.416&source=payments_sdk&mrid=QC6F4C27ZTBFE&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&disableSetCookie=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b17a420163b181948e21b8a69880c8f8098f369084006bfa920b62194ff3c81
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pCgVJZe6x60Pu5oN1W2d6fUEFCC5C5Ayvc3mcueBMcsm12pQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pCgVJZe6x60Pu5oN1W2d6fUEFCC5C5Ayvc3mcueBMcsm12pQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:15:03 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
63647
x-cache
HIT, MISS
paypal-debug-id
f5696235c4423
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4778
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230090-FRA, cache-fra-eddf8230090-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f5696235c4423-a4a84418f06c25b8-01
x-timer
S1704204903.391345,VS0,VE11
etag
W/"3673-CDYthXayTPHyhbZkx+ebL7PTxgs"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904211880
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904211493
access-control-allow-credentials
true
content-length
0
sa.css
tags.srv.stackadapt.com/ Frame 4968 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.30.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-30-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
217bb9abcec006a54c8584307d24baf9b1c59817bc39066473b585158ae49064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame 4968 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.30.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-30-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
b
r.stripe.com/ Frame B431 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904031507
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904031075
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame B431 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904031858
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904031502
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame B431 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904032038
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904031552
access-control-allow-credentials
true
content-length
0
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 4354 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HRZ2EWKGY3W56KG1
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56460
x-amz-id-2
ieFv8LuubYVXjRZkHwgmAZM+bZC1+ok0zS7f+4mK3KBcLhyKm3dHwkh8EoJTwonlZPRx2H8ju6A=
last-modified
Fri, 08 Dec 2023 08:26:03 GMT
server
cloudflare
etag
"cc65a7d46bec1bcadfd3a27d571765f5"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9%2F%2BrMPX7tlGsAlKP%2FFDd8LBLbifbEVMvpChQU8FJJNxf0nvti6aD3VYykQJ59xic0hI%2BU3VnehG643swi0LXTwgLesn6%2FZdt44QI%2BQS8p%2FNkq1O5VZjjAEfuCFsnK%2FSkxx%2FUGCk25E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39ca678d24db8-FRA
event
ad.ipredictive.com/d/track/ Frame C244 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&val=&tn=5273680798760&cache_buster=[timestamp]&ps=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.145.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-145-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:03 GMT
Connection
keep-alive
X-CI-RTID
8b5c7def-6e44-4bd6-88c2-625c835b6a4b
Content-Length
0
p
e.acuityplatform.com/ Frame C244 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
Pixels
px.adentifi.com/ Frame C244 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=3405;uq=1578395972;
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.69.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-69-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame C244 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=81237
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
adservice.google.com/ddm/fls/z/ Frame C244 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.marchofdimes.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.marchofdimes.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Tue, 02 Jan 2024 14:15:03 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f251268e7c732
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f251268e7c732-8f1a287b59879656-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230034-FRA, cache-fra-eddf8230034-FRA
x-timer
S1704204904.673770,VS0,VE202
logger
www.paypal.com/xoplatform/logger/api/ Frame 4354 		1013 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
02c625cfac83e3e1ac2e4c8499ef93a9fab89624f8eac2726dabba4b5c983a19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f251268921a7a
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-eddf8230034-FRA, cache-fra-eddf8230034-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f251268921a7a-64d34d71e40d05ab-01
x-timer
S1704204904.983458,VS0,VE203
etag
W/"3f5-CMKSNVw31ToiUb9xDNtpjUxu8Ok"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
pixels
c1.adform.net/imatch/ Frame 7DF0 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=915872407622&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cfad4b4f0465f07e02061b695a232fab34f9cc28d7b8fea62b6c644a2abc8847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:03 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
a1.seadform.net/serving/cookie/sync/ 		35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.seadform.net/serving/cookie/sync/?uid=2680502003153585213&stamp=DA6HMkg_faQDvP-67D9Y4w2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
events.js
tags.srv.stackadapt.com/ Frame C244 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.30.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-30-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e4a34dfb89703969c90a5d415cd197b4f57bfa19ce73cb038aded283cf05a22a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
bat.js
bat.bing.com/ Frame C244 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:15:02 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5BCFDBC24E404D0C9485318E267A56AB Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:03Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame C244 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:15:03 GMT
fbevents.js
connect.facebook.net/en_US/ Frame C244 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
G5ljjCe9jOZbCZePkmklKRfZOaOVZWso+89BI/Zew3lPP9F1pQM1MVgng3E8o+rjKPX2Z6ny9Muhl8KnATf3YQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
muse.js
www.paypalobjects.com/muse/ Frame 4354 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.marchofdimes.org&t=xo&v=5.0.416&source=payments_sdk&mrid=QC6F4C27ZTBFE&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&disableSetCookie=true&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DA) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
7d1e382a2bb48
dc
ccg11-origin-www-1.paypal.com
content-length
16488
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (ama/48DA)
traceparent
00-00000000000000000007d1e382a2bb48-25405d1f8922f231-01
etag
"64f25363-daa8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 02 Jan 2024 15:15:03 GMT
ts
t.paypal.com/ Frame 4354 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AQC6F4C27ZTBFE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AQC6F4C27ZTBFE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&fltp=analytics&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704204903487&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&ru=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&disableSetCookie=true
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:15:03 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
4129c70ae1e73
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230057-FRA
pragma
no-cache
correlation-id
4129c70ae1e73
traceparent
00-00000000000000000004129c70ae1e73-9699d11913b1f973-01
x-timer
S1704204904.518395,VS0,VE176
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:15:03 GMT
6
m.stripe.com/ Frame 1ED7 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-135-255.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
49f3bf3e609dc87987f4d43c5a3de035a8e2824270c190bcd3c3d8fcb336e843
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903943900
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204903943153
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame F9BF 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2283
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:37:04 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
raClQ-gBmrbZPr1FoLt6O_ntyuXxzL6Cu09443IflmRle7pwQHLQ6w==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 380B 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2283
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:37:04 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
EF1sP6UK8peCSQQWQH0zRO_i3hKyVKp1HJZORXWUxei5l4_0xtWszQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame B881 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2283
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:37:04 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
qzcNYYSZhuQ8i3cT8dqC_OmSHTqQf6TCxQdB0ZFQKoSNSdDXIODp9w==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
js.stripe.com/v3/ Frame BB6F 		820 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e7e7f216e2add2e5655784665bea48f8efed39c8be96c40782b3f0cf84df6bbf
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1711
cache-control
max-age=31536000
content-length
820
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:46:49 GMT
etag
"5d9a311984498e026b1badc5a52d6bcb"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
dsNoIhBFZK1767LTTFxhdbq8Jv8uCXdIZDuFGEbU-EdYTnQLljoN0A==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
js.stripe.com/v3/ Frame 1E4D 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7a5d1a8956ee3f319edea53bf11ba07988f8c6a0b6204633cee6a41b4b216127
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3256
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:32:38 GMT
etag
"a59168b21e202d878ed59c4fbe9405b6"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
7meRBe8mNDh6YXDq2dbWs0jP85hTEzRzbpmz1d_IjfoQjhkZ9bf-hg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
6
m.stripe.com/ Frame 94DD 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-135-255.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
89d7c2137f86ae88ccd80e5845906c4204c193a9363567695362828d76b59092
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903993930
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204903993578
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904031819
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904031332
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904031780
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204904031645
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904031803
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904031446
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904031826
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204904031656
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904032248
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204904031732
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904032223
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904031616
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904211849
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204904211410
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904211696
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904211388
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904031879
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904031603
access-control-allow-credentials
true
content-length
0
csp-report
q.stripe.com/ Frame 380B 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803394
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903803058
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 380B 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803473
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903803061
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 380B 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:10 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2217
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
EImpxg4fJmTGLVztBL94DUZIay3DJCUu7QarUI0nsbVX68FTxb_bfw==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 380B 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:32 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2623
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
C-axUoJAQI0JBgR5roQBSiGsEw2hGV_8B6zotfecO44-ckmhYszHmA==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 380B 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
yJKaVKlahBY0FA9X6pjs6IDXBa69dQmLS7pC-ZYfeMlg7j3nzfQA7g==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 380B 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:24 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1745
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
mGDq-u1YPWYPtX7ZYVTGHm1fP-_kUf0Z8iuQTQ7MBGYaiG-x53vTgQ==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 380B 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:05 GMT
content-encoding
gzip
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1564
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
F7eD1CuvRLKgw2_iKAgGJrDgy99s1sE4QRw1HmghRvEhIwPtfjDPWg==
csp-report
q.stripe.com/ Frame B881 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803708
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903803070
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame B881 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803719
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903803081
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame B881 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:10 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2217
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
-2ylvmhBkmACH4-LhZE1nPagk3QyLptjrD3voLFZ8Xbzt2e47b3hyw==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame B881 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:32 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2623
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
UolyQ9DOxywjU9b_5d9-Ql_cdow5OCRjCX9CmW11ctFE7avhhV7X6w==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame B881 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
s97YqRmP-Sfz-4QwWmDBv1SUNkkAt9o08ez7ZSoqL1N9OF64QzMc-g==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame B881 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:24 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1745
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
8IEyQjbXJAoN3BeM-UjSogJF97HQmBLtoxN6qtngy1N5UhQ8dF4rMQ==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame B881 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:05 GMT
content-encoding
gzip
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1564
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
GyCAW0vKaI0jhFyJIN-sISoa0sKJxk0JqmBebKM4Dm6jcHPap8iHeA==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame BB6F 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:10 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2217
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
_-nZ8WcxKrLjpK2UWod5DeN-O6hazvyaTOuS0IQl9hn55O64oaqm1A==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame BB6F 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:32 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2623
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
XVQimGZjLCrmzdt2X36TTUT-TMOsEyNAJpVVw4g0qkHhgOwxDtaj2g==
elements-inner-au-bank-account-34c8ad6a1ca3f37a9e46b5abfb1b8555.js
js.stripe.com/v3/fingerprinted/js/ Frame BB6F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-au-bank-account-34c8ad6a1ca3f37a9e46b5abfb1b8555.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
2d414e5f00e69a14d9e552014d9f932df7c40b618b2904726170fb689ef8fe87
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:08:52 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
418
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"b80aa36d0aa050d116b6c701597397d9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
6MDJf5K56ZIuez8678E1lI9Yryyx-NFCmeS5Qg1utOxEewRt_UAlvQ==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame BB6F 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:24 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1745
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
oO5c-LGx0NCVPzqX4TDpIJmvpmuXdiyYNCoU0Slre5_Zn_89YL2UGg==
elements-inner-au-bank-account-e34451f632d458dc560a07f1f94a5e0a.css
js.stripe.com/v3/fingerprinted/css/ Frame BB6F 		764 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-au-bank-account-e34451f632d458dc560a07f1f94a5e0a.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6ec65ff8562887c03245269b73d1ebb60f6f619d9bad49c6ce2c956e7a0826f4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:58:03 GMT
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1028
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
764
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
etag
"0507b76e911911910d0e35f2024dd5c6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
AaJBnqldPPhrQMMB-vstXpjPYZ9m7ubllgD0F7eQXwg0rNwJYxcWRA==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 1E4D 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:10 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2217
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
yhfMidRIypUOopsJGFW2ZSu5mbRM9Q5QIbP6-L031btpJcdr7nyq3Q==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 1E4D 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:32 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2623
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ar9qojKEom-2hyxkgxYM0FB9wRrrpfbmkQBQpRspjpyHBsM4u3JMbA==
elements-inner-iban-4ac6a58186cbdc786747a784d558aba4.js
js.stripe.com/v3/fingerprinted/js/ Frame 1E4D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-iban-4ac6a58186cbdc786747a784d558aba4.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f16ade3e5da5d485764a1d4ca2aa3f94f757b785195b04d391de88680adf76ea
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:36:21 GMT
content-encoding
gzip
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2325
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"21b89b442b725a93ba30c1992c145c02"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
d1BLZLiHf-FQU63PYXPJk0hCgB0v5R-BndROCIrO12X9Y8AVJJTYiA==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 1E4D 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:24 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1745
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
jm2vSgXKfIiv3Q9Q_p3pclo_1avOFy3TFpTPFPbQJWOe0hAN4kG6Kw==
elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
js.stripe.com/v3/fingerprinted/css/ Frame 1E4D 		485 B
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:15:42 GMT
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
3561
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
485
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
etag
"f6ff2b5ca153d43c332b4e54c118e3d0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BPTuXczEYGa-Os7-sag7WPjp5VIjIUslKMpmWyQyFZZvlzTny2Dq5Q==
csp-report
q.stripe.com/ Frame F9BF 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803474
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903803087
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame F9BF 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803458
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903803091
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame F9BF 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:10 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2217
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Ev4cacXMGHbLbKzhu_qJNKAHTVRi_8w-kpGRH2cLQ-EJ1OKmcytJEg==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame F9BF 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:32 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2623
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
pkgrcy_0pjqQsWc60Pul8eHZJXbtAKi1znFU55b-QxOsKjCakphtBg==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame F9BF 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
dRPA6HHCyoCSsagA566pm8ujgwhhdhema6TRtwMIwttZ_52iXPaK2g==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame F9BF 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:46:24 GMT
content-encoding
br
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1745
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 13 Dec 2023 01:22:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
YrWxEDfl5Uk1G7gzCAPry_8wqoJWmB3fUbM69sL5sHx0-Vm201xYNQ==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame F9BF 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:05 GMT
content-encoding
gzip
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1564
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
5Hao4EKxpl55qh7o7xdacW1mU0OE5AFQmmFsndUFN4KKARX-6yu3Yw==
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame C244 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2515
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
UXQzzDiJsImyPn2pJOt33A9oOdcD0DuGeoEZHj_QEMJb79zNLDhl4A==
812396462484872
connect.facebook.net/signals/config/ Frame C244 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812396462484872?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:15:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35834
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
etebVMnOGMaWXeJNF2ALSl2WGoAc0wq2waEYBs9QrXDFECrkwSy3yRqNWROAjC/FvLb53aGMFfn3U6ShNUElOg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
csp-report
q.stripe.com/ Frame BB6F 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803940
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903803105
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame BB6F 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803533
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903803249
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 1E4D 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803943
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903803304
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 1E4D 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204903803701
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204903803233
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
25042596.js
bat.bing.com/p/action/ Frame C244 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:15:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BC91B78A16C040B49E64E0C0619CDD26 Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:03Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame C244 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=b1e12b9c-5403-4fb6-862f-6d21c6f07ef1&sid=524972d0a97911eeb757d5d10e6a3cfb&vid=5249dc50a97911ee8dab63c08b59af11&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=189&evt=pageLoad&ifm=1&sv=1&rn=43158
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:15:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 163FB9C8428143F99E8CA951D7978781 Ref B: FRAEDGE1312 Ref C: 2024-01-02T14:15:03Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame A547 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:03 GMT
server
Kestrel
server-processing-duration-in-ticks
386578
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
plf
c1.adform.net/imatch/ Frame 7DF0 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ Frame 7DF0 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2680502003153585213&Expiration=1705414503
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.183.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-183-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:03 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame 7DF0 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:03 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:15:03 GMT
token
token.rubiconproject.com/ Frame 7DF0 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpui
ih.adscale.de/adscale-ih/ Frame 7DF0 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2680502003153585213&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.27.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-27-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 7DF0 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2680502003153585213&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-164-132-25.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:02 GMT
transfer-encoding
chunked
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame 7DF0 		43 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:03 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1704204903582095-600
sync
x.bidswitch.net/ Frame 7DF0 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.201.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-201-106.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 7DF0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2680502003153585213&expiration=1705414503
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2680502003153585213&expiration=1705414503&C=1
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2680502003153585213&expiration=1705414503&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Nhv80veyrY7N8FanHbrQjUJXZQIFJ0o2F%2Fw0TdR8HptQ%2FASqx6bsMiva7qCux7O83%2Fhb%2FwTUc%2BargVkiRZxbyHZC8IYoB4enoes0%2Fc8rsmErsShzR0zLKhfvC9hAEt3%2BgOYKALF6duQYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f39ca7fa637185-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F76xwl3SGTQm8xhGfSWsRuaRCpqGrHiDE0P7NY6E2ERrM%2B3kX1ouriG4taDVgapSwAAjtF8CceuiU6ZfFA%2FQQQnSS%2FIPqtvgbxFltk%2B1bx%2FHlXsj3b%2BTHxTpj9qPIatGu%2Bqb16PASO%2FcYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=111&external_user_id=2680502003153585213&expiration=1705414503&C=1
cache-control
no-cache
cf-ray
83f39ca7aa087185-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
12092831
se.semasio.net/sync/1/ Frame 7DF0
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2680502003153585213&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2680502003153585213&sInitiator=external
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=2680502003153585213&gdpr=&sInitiator=external
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7319504324094195870&sInitiator=internal&gdpr=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=960055153409176929&sInitiator=internal&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MUE1QTA4RTQxNTlFN0QwMA&gdpr=
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEAtw7FbKck-U4oa3lr8lD1A&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEAtw7FbKck-U4oa3lr8lD1A&sInitiator=internal&google_cver=1&gdpr=
0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEAtw7FbKck-U4oa3lr8lD1A&sInitiator=internal&google_cver=1&gdpr=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:13 GMT
uip-status
Ok
frontend-id
07
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:13 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEAtw7FbKck-U4oa3lr8lD1A&sInitiator=internal&google_cver=1&gdpr=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
match
ps.eyeota.net/ Frame 7DF0 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=2680502003153585213&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel.gif
load77.exelator.com/ Frame 7DF0
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2680502003153585213
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2680502003153585213&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 02 Jan 2024 14:15:03 GMT
x-age-lb
228031
x-amz-request-id
tx00000b79ebde3cf115971-0065909fa8-5134150-nyc
x-77-cache
HIT
x-accel-date
1703976872
content-length
43
x-77-nzt
A5ySIYg3Nzf/v3oDACUTwjE3Nzexz9PUZl7O7AA
x-accel-expires
@1705013672
x-77-age
228031
x-cache-lb
HIT
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
f6587a1d15bb81b3671a9465a0a81e36
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes

Redirect headers

date
Tue, 02 Jan 2024 14:15:03 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
398366.gif
idsync.rlcdn.com/ Frame 7DF0 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398366.gif?partner_uid=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2680502003153585213/gdpr=/ Frame 7DF0 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2680502003153585213/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.85.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-85-3.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.126
content-length
49
expires
0
29729
tags.bluekai.com/site/ Frame 7DF0 		62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29729?id=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 14:15:03 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 7DF0 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 7DF0
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.1
Server
52.218.45.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:04 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
16W3M253MTE5Z1ZZ
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
fceMw3CunRQvT6yuMRcTtGNtaVQH4vFuoV7HlATb/9mzmFOcXOkaaLOEuf1vXuB7qz0UVg8vZkQ=

Redirect headers

X-Error-Reason
Missing UserId
Date
Tue, 02 Jan 2024 14:15:03 GMT
Server
akka-http/10.2.10
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
/
cm.adsafety.net/ Frame 7DF0
Redirect Chain
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2680502003153585213
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024010214d23713366280bda83c8&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=a989536f9d2f29fd04999ad733a62062&idt_did_status=added&gdpr_consent=&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMDIxNGQyMzcxMzM2NjI4MGJkYTgzYzg&gdpr_consent=&gdpr=0
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEOyWGWZTF-IQHy5Y0ElDiJs&gdpr_consent=&gdpr=0&google_cver=1
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM12024010214d23713366280bda83c8
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2680502003153585213
  • https://dsp.adfarm1.adition.com/cookie/?ssp=6
  • https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7319504324094195870
  • https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7319504324094195870
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7319504324094195870
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.1
Server
217.79.178.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cm48.as.net
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:04 GMT
Last-Modified
Tue, 02 Jan 2024 14:15:04 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7319504324094195870
Date
Tue, 02 Jan 2024 14:15:04 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
usermatch.gif
beacon.krxd.net/ Frame 7DF0 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.241.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n007-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1704204903
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
c1.adform.net/serving/cookie/match/ Frame 7DF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjY4MDUwMjAwMzE1MzU4NTIxMw
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJeRmRPFSw3Jivk7Vccuoro&google_cver=1&google_ula=1641347,0
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJeRmRPFSw3Jivk7Vccuoro&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJeRmRPFSw3Jivk7Vccuoro&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plf
c1.adform.net/imatch/ Frame 7DF0 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
setuid
secure.adnxs.com/ Frame 7DF0
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://c1.adform.net/serving/cookie/match?party=3&id=960055153409176929&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=2680502003153585213
43 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=91&code=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
an-x-request-uuid
6f6583a2-9bf5-4f9c-ab49-08c884da57d6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.74; 45.141.152.74; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=2680502003153585213
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 7DF0 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:01 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame 7DF0 		43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-31.dus51.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 10:12:28 GMT
Via
1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
DUS51-P1
Age
14555
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
tRb9sERHyop6zktCZ3YKXmJgR1JjPw6G7nd0GfLP9cFivX6UvUS4iw==
p
a.audrte.com/ Frame 7DF0
Redirect Chain
  • https://a.audrte.com/a?adform_uid=2680502003153585213
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmQ2LUJuRGYyeEpRQnVWNmd3WGJpV3VSZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.1
Server
54.217.36.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-36-38.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:03 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 02 Jan 2024 14:15:03 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame 7DF0
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2680502003153585213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2680502003153585213&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=91193110074607064314433725358967348715&noredirect=1
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=91193110074607064314433725358967348715&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

dcs
dcs-prod-irl1-2-v054-0eec88a0e.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Z/kfXuyQSks=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://c1.adform.net/serving/cookie/match?party=1007&cid=91193110074607064314433725358967348715&noredirect=1
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame 7DF0
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2680502003153585213
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219763204749002753418
35 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219763204749002753418
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219763204749002753418
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame 7DF0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319504324094195870
35 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319504324094195870
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319504324094195870
Date
Tue, 02 Jan 2024 14:15:03 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame 7DF0 		62 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33302?id=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 14:15:03 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame 7DF0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=tyv4gR9o1RkFxR5
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=tyv4gR9o1RkFxR5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:03 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=tyv4gR9o1RkFxR5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 7DF0 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
image.sbmx
global.ib-ibi.com/ Frame 7DF0 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
216.46.185.182 Highlands Ranch, United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
0.gif
id5-sync.com/s/10/ Frame 7DF0 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/10/0.gif?puid=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
dmp.adform.net/serving/cookie/match/ Frame 7DF0
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=3229075261
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=zvsHfHkFQE/WkZb4G8H2de
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=zvsHfHkFQE/WkZb4G8H2de
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
via
1.1 google
last-modified
Tue, 02 Jan 2024 14:15:03 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=zvsHfHkFQE/WkZb4G8H2de
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame 7DF0 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=119&uid=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:15:03 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
/
s.ad.smaato.net/c/ Frame 7DF0 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
no-cache, must-revalidate
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
WO-_1WehjZIVDT1KOV1DV6U_5ldlfGhRAHF6jWN_nSNhBlfCp7fAjA==
x-cache
Miss from cloudfront
2680502003153585213
match.contentexchange.me/adform/ Frame 7DF0 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.contentexchange.me/adform/2680502003153585213?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-length
0
server
nginx/1.16.1
xuid
eb2.3lift.com/ Frame 7DF0 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=2680502003153585213&dongle=AD20
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
put
e1.emxdgt.com/ Frame 7DF0 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d52&uid=2680502003153585213
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.138.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-138-113.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
server
awselb/2.0
plf
c1.adform.net/imatch/ Frame 7DF0 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2680502003153585213&agencyId=9068&advertiserId=2177609&src=tp&rnd=956098
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
/
px.ads.linkedin.com/wa/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: EF731201581645AE89F3B76B45D74890 Ref B: FRAEDGE1321 Ref C: 2024-01-02T14:15:03Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.marchofdimes.org
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYN9x/oMYLyAD5NurNptA==
saq_pxl
tags.srv.stackadapt.com/ Frame 4968 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=zFWBFWbS14YYtkU1aQYdUw&is_js=true&landing_url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&t=&tip=JH3J5ISblPGzZ_NCV9dQEAnzUPSjQ_MiLyoL60ZgWk0&host=https%3A%2F%2F8832015.fls.doubleclick.net&sa_conv_data_css_value=%270-172b024b-84ae-58f5-5378-c41f12b7db03%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9172b024b84ae58f55378c41f12b7db032d8d984a&sa-user-id-v3=s%253AAQAKIEXD0lCYSv3CwNqDVrtRwMid_YC4a_epPQTSlTzjHpSIEHwYBCDntNCsBjABOgT90vuTQgRKyRFK.QyC4uWCEEECExR%252F8YFPvGWReZWr0uvhMn%252FwcYzXlKHY&sa-user-id-v2=s%253AFysCS4SuWPVTeMQfErfbAy2NmEo.ngWHPJcp2XgEh7%252B17RnH5ZPsuIzq2eoOufNqoxpldFQ&sa-user-id=s%253A0-172b024b-84ae-58f5-5378-c41f12b7db03.SYpFlMI10WAYTF4MThwIbjJnP52bnaygfiDOPkXmf5Y
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.30.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-30-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://8832015.fls.doubleclick.net
date
Tue, 02 Jan 2024 14:15:03 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
pixel;r=151268400;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLqwjP_xvoMDFVzJOwIdvowO-A%3Bsrc%3D8832015%3Btype%3Drt%...
pixel.quantserve.com/ Frame C244 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=151268400;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLqwjP_xvoMDFVzJOwIdvowO-A%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D5273680798760%3Bauiddc%3D2114646895.1704204903%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-30016566-1704204903171;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204903599;tzo=-60;ogl=;ses=54e20df4-04d8-4f6f-9c77-cd7034673dad;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 5957 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B6) /
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16892
content-type
text/html
date
Tue, 02 Jan 2024 14:15:03 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc"
expires
Tue, 02 Jan 2024 15:15:03 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
0c17123d9a14a
server
ECAcc (ama/48B6)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-00000000000000000000c17123d9a14a-d70a49df8ada56c7-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
/
www.facebook.com/tr/ Frame C244 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLqwjP_xvoMDFVzJOwIdvowO-A%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D5273680798760%3Bauiddc%3D2114646895.1704204903%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic%3F&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1704204903610&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1704204903560&coo=false&rqm=GET
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CLqwjP_xvoMDFVzJOwIdvowO-A;src=8832015;type=rt;cat=donforms;ord=5273680798760;auiddc=2114646895.1704204903;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:15:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
sa.css
tags.srv.stackadapt.com/ Frame C244 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.30.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-30-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
217bb9abcec006a54c8584307d24baf9b1c59817bc39066473b585158ae49064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame C244 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.30.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-30-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
noop.js
www.paypalobjects.com/muse/ Frame 5957 		18 B
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7D25) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
b49a7fa913ba6
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (daa/7D25)
traceparent
00-0000000000000000000b49a7fa913ba6-212c3812c9268b84-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 02 Jan 2024 14:15:02 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 380B 		474 B
866 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
18
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
jYBIJlMUwPSCL1ngq5zNXVMGa9lzVeDI9wQywXI8OZ6yUJxr1g4kgg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame BB6F 		474 B
862 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
18
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
AoKdKH1xQ89u3mXm214IImgy1cyyNqbwm1w0J4Astcmz_T3tf3Pslw==
banks-059715db431d46d5564d03a4d03a508a.json
js.stripe.com/v3/fingerprinted/data/ Frame BB6F 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/banks-059715db431d46d5564d03a4d03a508a.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3eeaf7446956d4f52db0d9d320988723bec23129315a8daedf665bab334d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 13:48:25 GMT
content-encoding
gzip
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1636
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:04 GMT
server
Cloudfront
etag
W/"059715db431d46d5564d03a4d03a508a"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
h38GEYG42JSTzGQ3z2XvKJPwRwkdO3NaVp8K587mRG4ucva5QJsfmA==
.deploy_status_henson.json
js.stripe.com/v3/ Frame B881 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
18
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
alBe-jvvItiR3yOc6TjSn74IZ6uAZmZ-dtaGwKObfFY0fWJ_vC-10A==
ts
t.paypal.com/ Frame 4354 		42 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1&page=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&es=visitorInfoFlowStarted&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704204903695&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&disableSetCookie=true
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:15:03 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
1786358fe5454
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230057-FRA
pragma
no-cache
correlation-id
1786358fe5454
traceparent
00-00000000000000000001786358fe5454-774770fe2f225ca6-01
x-timer
S1704204904.697685,VS0,VE160
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:15:03 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 1E4D 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
18
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
9lT-E4KWXpBdjGyqZtqcubIlDOWupSr78QH1cRuR0u7ko2ZT1UXJTg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame F9BF 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
18
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
10WfQZC1KuXsHc1w1CxSONf0ZOetK5HRJAPxMW3i7nmO30QhG_YPaA==
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904211833
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904211588
access-control-allow-credentials
true
content-length
0
tb
fndrsp-checkout.net/ 		2 B
269 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BE1os2eai2Ywt6iVnWBQFU3aGNPzPZ6gxyJhq%2Fyd4DBCcwkWInWGifh3U8B29l2CXEQOKEv9nwerlaJztLUwmEpPE4il%2F%2FvGu93eP1sVig2w03ikZQqlpBzWJJadhWxeodBeJgE8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39ca8d887b7d6-AMS
alt-svc
h3=":443"; ma=86400
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904212137
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904211836
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904212292
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904211890
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904212200
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204904211999
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904212312
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904212011
access-control-allow-credentials
true
content-length
0
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 0340 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.202.176.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
34c58bde64c15dc80720af1ff23bb3a8fa1cafe29ebc63a3a7ee73c9e7506d0d
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2474
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904212402
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204904212053
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904212397
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904212142
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904212627
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904212102
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904212340
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204904212124
access-control-allow-credentials
true
content-length
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame F9BF 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
18
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
OeVceKz9maOV-Srjab7Y8LPvP32n47pJNGPJsNMWv4nwEc6gHcZzJA==
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904212478
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1704204904212163
access-control-allow-credentials
true
content-length
0
json
gum.criteo.com/sid/ Frame A547 		452 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ed65c6a123ede5d87c2988f03538d507d12ee74c0f0bb39e2fb7efbef279236f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1233349
expires
0
json
gum.criteo.com/sid/ Frame 0928 		441 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b6f7b94fca4a1e7bc2072bfb8b7f71d1223fa2aeed41f824e31a7e4e1ccec299
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
761442
expires
0
saq_pxl
tags.srv.stackadapt.com/ Frame C244 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=zFWBFWbS14YYtkU1aQYdUw&is_js=true&landing_url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic%3F&t=&tip=d2V8ii9b7-Usim3Xz60-ikZfLZfttRRn7Zb1pyeITME&host=https%3A%2F%2F8832015.fls.doubleclick.net&sa_conv_data_css_value=%270-172b024b-84ae-58f5-5378-c41f12b7db03%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9172b024b84ae58f55378c41f12b7db032d8d984a&sa-user-id-v3=s%253AAQAKIEXD0lCYSv3CwNqDVrtRwMid_YC4a_epPQTSlTzjHpSIEHwYBCDntNCsBjABOgT90vuTQgRKyRFK.QyC4uWCEEECExR%252F8YFPvGWReZWr0uvhMn%252FwcYzXlKHY&sa-user-id-v2=s%253AFysCS4SuWPVTeMQfErfbAy2NmEo.ngWHPJcp2XgEh7%252B17RnH5ZPsuIzq2eoOufNqoxpldFQ&sa-user-id=s%253A0-172b024b-84ae-58f5-5378-c41f12b7db03.SYpFlMI10WAYTF4MThwIbjJnP52bnaygfiDOPkXmf5Y
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.197.30.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-30-128.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://8832015.fls.doubleclick.net
date
Tue, 02 Jan 2024 14:15:03 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
graphql
www.paypal.com/targeting/ Frame 5957 		442 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa3bb87e6bcd646df247557102694c4a4b035fb75d5773e7549858a17f8d3549
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-8m5SUvCdsKIMDfUTk2KTrrbWFCoAJ0KPcorxYaqTSKbo7//0' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-8m5SUvCdsKIMDfUTk2KTrrbWFCoAJ0KPcorxYaqTSKbo7//0' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f25126862fd0f
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230090-FRA, cache-fra-eddf8230090-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f25126862fd0f-9bcd53bc594564b5-01
x-timer
S1704204904.153982,VS0,VE306
etag
W/"1ba-lcDUr54/kuucqYQ4RerMjTLrSTU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 02 Jan 2024 14:15:04 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f251268257627
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f251268257627-d898a75cbe31ab48-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-eddf8230034-FRA, cache-fra-eddf8230034-FRA
x-timer
S1704204904.858196,VS0,VE188
b
r.stripe.com/ Frame F9BF 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904212782
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904212165
access-control-allow-credentials
true
content-length
0
identify_ce767.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.66 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
45f15487
date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122559548CF9DDA8C573DF3F53
x-tt-trace-id
00-231221122559548CF9DDA8C573DF3F53-1ECA914B8D78734F-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-16-110-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
017169f4e91d4ca6d4abd2b11d25c6de473d27985c99fa43a27a65d0ca3f6a6e04b7497ea077c3cae0f3365d5ee202f711c8db0af079010ad8c2baf9c2a316f61d52f9240c86906b98618bcf5f838a877444aabc5d3c413d7945ef90c0d4e16022
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
36188
pixel
analytics.tiktok.com/api/v2/ 		0
698 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.66 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
45f154a8
date
Tue, 02 Jan 2024 14:15:04 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141504DFAD3B333F195E869D98-3C835C023223D2DD-00
x-cache
TCP_MISS from a2-16-110-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=33, cdn-cache; desc=MISS, edge; dur=8, origin; dur=524
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240102141504DFAD3B333F195E869D98
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
524,2.16.110.62
x-tt-trace-host
01c2ac37b23a23fb2c828d6ccd283ff55ee59bd0570f76f346a1285675bfd73ecfb17d83bcf607d2d2121c2ae80db1cde5af3c0590e8c116c13093566949d4634e34fa260c325e1d3546979df4f53ec17865e2a7ec5dd564efce1f981f5ae73c6e
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:15:04 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.66 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e39d47a.45f154aa
date
Tue, 02 Jan 2024 14:15:04 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401021415045B44740AE38F62DAD361-513F5471E0AABECF-00
x-cache
TCP_MISS from a2-16-110-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
133,2.16.110.62
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=48, inner; dur=45
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401021415045B44740AE38F62DAD361
x-cache-remote
TCP_MISS from a23-48-100-71.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
48,23.48.100.71
x-tt-trace-host
01c2ac37b23a23fb2c828d6ccd283ff55e565cecc12c84cf3ffc6d8fb534030e964f1a3443147eb87d4ec2faa802acce1229b6dea9fde08c1f6abd27f079756f2cdebc9a3c5050ec7dc038447ec9141b48f04504a5398c2fad9bc715e1db65edcabacd047be08d46932ad4b4042c7be915
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:15:04 GMT
event
widget.us.criteo.com/ Frame 4968
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=gGhf2l9lT1U0WkdhbmozQkp5MkszRWN2NktENHZFZ09YYkN6Nmd2anc3ZVhlbFI4UEFvTm0zdmxsbUtFTUUxTkFUUGZQcXFXR2sxdG9GWnpxNzZkc0dZJTJGY0VaNzZTMEJXWlVYZiUyQmYzN2RDMWlIUEpSY0lNWXV1cTNEQ1E5OEZ1ZDA4ck1kWm1Cc09XRjBwUnh2UDVTRzN2WU5Eb1RmS0x0Q1BqN05LVzFXRTZFc2NjJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=fef0ed89-c11f-4a0c-8767-091f95cd2d7a&dtycbr=84458
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
02f6b4d7801ed47f7e16c2352512a1b0783b6cfe2861cafe49f8d279dc67fdfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
15756016
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fadservice.google.com&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=gGhf2l9lT1U0WkdhbmozQkp5MkszRWN2NktENHZFZ09YYkN6Nmd2anc3ZVhlbFI4UEFvTm0zdmxsbUtFTUUxTkFUUGZQcXFXR2sxdG9GWnpxNzZkc0dZJTJGY0VaNzZTMEJXWlVYZiUyQmYzN2RDMWlIUEpSY0lNWXV1cTNEQ1E5OEZ1ZDA4ck1kWm1Cc09XRjBwUnh2UDVTRzN2WU5Eb1RmS0x0Q1BqN05LVzFXRTZFc2NjJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=fef0ed89-c11f-4a0c-8767-091f95cd2d7a&dtycbr=84458
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3681347
timing-allow-origin
*
content-length
0
expires
0
event
widget.us.criteo.com/ Frame C244
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=uBkjzF80YjJ4cmVYQ05pOTBMeHB0JTJCMUVUYnhDQThNVElJcSUyRnFhblhZUHRMTzJxRFlLNVRUVko2eHdObkVTbjg0djJmQXYzWmxxRHZKWVIxV0Y1emdkczZHY0U5VHdaZGJ0alI3VWFQVVBLYVZMa0tMNWkzZlpSSm12SldIY0lSOTlRMGtZRG1jWmNSdERjaWtmUDRPcSUyRjdCb0xpWmt1cGFzc3lzd0lDVXE4MnUlMkZpNCUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=ae9be2dd-3c2b-4979-816e-e4c69aa4fc39&dtycbr=30361
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d593f238db22d6ee7dab5bb51ca650974d71bd20c67a76db3f011942d8f91029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
16121744
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=uBkjzF80YjJ4cmVYQ05pOTBMeHB0JTJCMUVUYnhDQThNVElJcSUyRnFhblhZUHRMTzJxRFlLNVRUVko2eHdObkVTbjg0djJmQXYzWmxxRHZKWVIxV0Y1emdkczZHY0U5VHdaZGJ0alI3VWFQVVBLYVZMa0tMNWkzZlpSSm12SldIY0lSOTlRMGtZRG1jWmNSdERjaWtmUDRPcSUyRjdCb0xpWmt1cGFzc3lzd0lDVXE4MnUlMkZpNCUzRA&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=ae9be2dd-3c2b-4979-816e-e4c69aa4fc39&dtycbr=30361
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9032282
timing-allow-origin
*
content-length
0
expires
0
token
api.fundraiseup.com/paymentSession/3313816238043985937/googlePay/ 		244 B
792 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/paymentSession/3313816238043985937/googlePay/token?merchantOrigin=www.marchofdimes.org
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0957f2df2668441e42e11bdf0a83fa2a01cb18e6e18a3dfcc8d54e6d535cac8f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-security-policy
frame-ancestors 'self' fundraiseup.com
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-response-time
48ms
pragma
no-cache
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lDUHCSjZ2ayeLf5Km1eO6CUzen6UOJQE%2BjgGd4UgM7U3mS6zpnIiZpP7rnxqxQsl2LtKPt1bzR2HFxJ9B%2BAVIID8rzBXXXNUdcCD9fFHO1sHvpzxcVxnkVgBeoSq3mF5E1OJYM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83f39caa382c2c2f-FRA
expires
0
6
m.stripe.com/ Frame 94DD 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-135-255.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
55313e0a388dab4e3bfe886a34c5cf0c45eb7275135a9f82f86fdd03d88916bf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204904186065
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204904185662
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 94DD 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-201-135-255.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
55313e0a388dab4e3bfe886a34c5cf0c45eb7275135a9f82f86fdd03d88916bf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204904236667
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
4
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204904236252
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
act
analytics.tiktok.com/api/v2/pixel/ 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.110.66 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-110-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e3a9474.45f155a1
date
Tue, 02 Jan 2024 14:15:04 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24010214150440EC6B89FC8AE25F61DD-2DD9B1163BDA6F38-00
x-cache
TCP_MISS from a2-16-110-62.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
117,2.16.110.62
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=31, inner; dur=28
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024010214150440EC6B89FC8AE25F61DD
x-cache-remote
TCP_MISS from a23-48-100-71.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
31,23.48.100.71
x-tt-trace-host
01c2ac37b23a23fb2c828d6ccd283ff55e565cecc12c84cf3ffc6d8fb534030e964f1a3443147eb87d4ec2faa802acce126699efc67201ba091181a55dc5eaac03ab086b77925cbe770684fc6ce66797093de3f377cc7b7e97587c0dabc93e63412da5f9b831389f4156b1fdf58e2cc2b9
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:15:04 GMT
b
r.stripe.com/ Frame 0340 		0
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904230510
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204904230050
access-control-allow-credentials
true
content-length
0
hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
js.stripe.com/v3/ Frame 7B08 		70 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
30
cache-control
max-age=60
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self'; style-src 'self'; worker-src https://newassets.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:01 GMT
etag
W/"078b5f9fb44d244a9ec072f93a216630"
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-id
zvrq5dxLUBcfyKScSTocWaBQsZYZKFX3UykPlnYQqyIJdlKCGLs8Wg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame 0340 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904237678
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904237541
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904239244
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904239043
access-control-allow-credentials
true
content-length
0
csp-report
q.stripe.com/ Frame 7B08 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204904249796
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204904249448
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 7B08 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204904251028
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204904250733
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 7B08 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204904251341
x-envoy-upstream-service-time
5
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204904250756
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 7B08 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:14:46 GMT
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
19
x-amz-cf-pop
FRA6-C1
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
moaovonP9f1oigB_YVsxxvTx2ClqxSLbQD0-YpmnZVyfO5mSzeyQjw==
HCaptchaInvisible.html
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame B33E 		419 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=8a23637e-bbcc-4f34-810a-bad276f106a3&origin=https%3A%2F%2Fjs.stripe.com
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.137.52.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-216-137-52-57.mrs52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55
cache-control
max-age=60
content-length
419
content-security-policy
base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:14:26 GMT
etag
"f2595495e2e037e4030e4508b2132de6"
last-modified
Wed, 20 Dec 2023 10:13:46 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding,Origin
via
1.1 1b866e6eb5f6e3ef570f3588da8a7b3a.cloudfront.net (CloudFront)
x-amz-cf-id
YzYLLxAXuiSfl8oEprec1lw8XAICrdmCrj18T5_awmwQ9P1p5WhNxg==
x-amz-cf-pop
MRS52-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
pay.js
pay.google.com/gp/p/js/ 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbfcec286e36b8f4223b247ba7988be0fa69dbc6938fb81707f84d3993663d98
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tDuRbOtLTdKrXEgCR3ZMFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tDuRbOtLTdKrXEgCR3ZMFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 02 Jan 2024 14:15:04 GMT
api.js
hcaptcha.com/1/ Frame B33E 		326 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=8a23637e-bbcc-4f34-810a-bad276f106a3&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age
0
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
etag
W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
cf-ray
83f39cabeb1390f2-FRA
x-amz-cf-id
ny2oircSOsRty5yFHkP_JDpdlas4ufwOVrxi9Oz3kxb7arRWc2_iQA==
vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame B33E 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=8a23637e-bbcc-4f34-810a-bad276f106a3&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.137.52.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-216-137-52-57.mrs52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=8a23637e-bbcc-4f34-810a-bad276f106a3&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:42:09 GMT
via
1.1 1b866e6eb5f6e3ef570f3588da8a7b3a.cloudfront.net (CloudFront)
age
1976
x-amz-cf-pop
MRS52-P2
x-cache
Hit from cloudfront
last-modified
Wed, 20 Dec 2023 10:13:46 GMT
server
Cloudfront
etag
W/"bee965892c4aac937bcf9539ea1cdb95"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
XVEpKSRqu_zQNpSaE_li6gl4BdrmxuBFxVJ2HC2oQK6-p9KcCwQIUg==
HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame B33E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=8a23637e-bbcc-4f34-810a-bad276f106a3&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.137.52.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-216-137-52-57.mrs52.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=8a23637e-bbcc-4f34-810a-bad276f106a3&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:28:48 GMT
via
1.1 1b866e6eb5f6e3ef570f3588da8a7b3a.cloudfront.net (CloudFront)
age
2831
x-amz-cf-pop
MRS52-P2
x-cache
Hit from cloudfront
last-modified
Wed, 20 Dec 2023 10:13:46 GMT
server
Cloudfront
etag
W/"b8e83aaf649bb3940fb65537c506c37a"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
n-FyG9kt6M62O7X3_jbeL5luWy8g028Xo0-Bsp0XJhSfzWo_EadL7w==
csp-report
q.stripe.com/ Frame B33E 		0
489 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204904375909
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204904375112
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame 32A4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=3cs2xthwsrg
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b69ed532f7817296e305991e48085d9622448234c3fc00876e627a4605c2c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
819818
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
83f39cac5b7f90f2-FRA
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:15:04 GMT
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-id
8leUspaZNwfVMqoARHDLMICavX36xmv5c9YIKIcHd4Nhx5axBWnJxQ==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payframe
pay.google.com/gp/p/ui/ Frame D1D5 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc55855c62e6c45d94a47288f04f024964b0de27359245afa41c98f3fe5e2d19
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tnyOrPFFBRpqQsauJlZAsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tnyOrPFFBRpqQsauJlZAsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 02 Jan 2024 14:15:04 GMT
expires
Tue, 02 Jan 2024 14:15:04 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
b
r.stripe.com/ Frame 0340 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904456546
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204904456297
access-control-allow-credentials
true
content-length
0
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame 32A4 		326 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=3cs2xthwsrg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=3cs2xthwsrg
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age
820003
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
etag
W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
83f39cac7ba290f2-FRA
x-amz-cf-id
ny2oircSOsRty5yFHkP_JDpdlas4ufwOVrxi9Oz3kxb7arRWc2_iQA==
b
r.stripe.com/ Frame B431 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904489153
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204904488908
access-control-allow-credentials
true
content-length
0
checksiteconfig
api.hcaptcha.com/ Frame 32A4 		719 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hcaptcha.com/checksiteconfig?v=3b797c3&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e5491f0442ae347cf0cd5454766748ab8ad9eb41d5d6ceb8f70dd85f6fb8682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
83f39cacdc1290f2-FRA
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc
h3=":443"; ma=86400
b
r.stripe.com/ Frame B431 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904525613
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204904525460
access-control-allow-credentials
true
content-length
0
ts
t.paypal.com/ Frame 4354 		42 B
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1&page=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&es=visitorInfo&cust=identified&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&unsc=48&identifier_used=DFP&e=im&t=1704204904467&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:15:04 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
f1d23902cf39d
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230057-FRA
pragma
no-cache
correlation-id
f1d23902cf39d
traceparent
00-0000000000000000000f1d23902cf39d-acc60c1a30ff326a-01
x-timer
S1704204904.470095,VS0,VE147
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:15:04 GMT
hsw.js
newassets.hcaptcha.com/c/2458d9b/ Frame 32A4 		499 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/2458d9b/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=3cs2xthwsrg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
1JhSB37kavMYpA6c5WxU_Q.zUc_dI7mQ
age
357359
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:59:11 GMT
server
cloudflare
etag
W/"9d671418ff661c7370b4e3530ac92335"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
83f39cad093618c9-FRA
x-amz-cf-id
tuLwg-bfYelz2xDA8oYYQyV-Zg_PFm66ZoOhEW6PV--VDNrNJ7R7GA==
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3FBF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_cm&google_hm=ay12OVdkb2RDdWVlcjVDREFmYWtkdmo2Q2dXS1JiVzRTe...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_gid=CAESEAQjHqp_YUpmDo6iNCpzE9g&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_gid=CAESEAQjHqp_YUpmDo6iNCpzE9g&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
514976
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_gid=CAESEAQjHqp_YUpmDo6iNCpzE9g&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 3FBF 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-fnbfQdCueer5CDAfakdvj6CgWKS8Ry1U70jn8A&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.201.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-201-106.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3FBF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=960055153409176929
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=960055153409176929
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1457024
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
an-x-request-uuid
f140254f-2034-4fb4-bf2e-f241e0039c30
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=960055153409176929
x-proxy-origin
45.141.152.74; 45.141.152.74; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 3FBF 		57 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-RbDzGdCueer5CDAfakdvj6CgWKRjEP2RXSfHmw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:15:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:15:04 GMT
tap.php
pixel.rubiconproject.com/ Frame 3FBF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-q8zNyNCueer5CDAfakdvj6CgWKQAq6jHJQ0Jpg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 3FBF 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-z85xndCueer5CDAfakdvj6CgWKRjtqO9z49OuA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-164-132-25.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3FBF 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-y9dMBdCueer5CDAfakdvj6CgWKQ1EUGlxR3EOQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12649
um
criteo-sync.teads.tv/ Frame 3FBF 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-xsaxktCueer5CDAfakdvj6CgWKRMUe0tZHhaRQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:15:04 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 3FBF 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-v_WuUNCueer5CDAfakdvj6CgWKRzPf_Zwxv79A&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 3FBF 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-vMH6r9Cueer5CDAfakdvj6CgWKQQj46M5cMj_g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame 3FBF 		56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-vMH6r9Cueer5CDAfakdvj6CgWKQQj46M5cMj_g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-185.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 14:15:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:15:04 GMT
pixel
cm.adform.net/ Frame 3FBF 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-gs7cxdCueer5CDAfakdvj6CgWKR8ZxFmUOxPOw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
last-modified
Mon, 14 Nov 2022 09:52:50 GMT
server
nginx
accept-ranges
bytes
etag
"63720ff2-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 3FBF 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-4G9i3dCueer5CDAfakdvj6CgWKQZSF8hbags4g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.250.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-250-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
6
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 3FBF 		43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-EZ7ZoNCueer5CDAfakdvj6CgWKS5xpeeM8J3uQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hG5s0ninR1CG6WobKqcmujGRkSFC8L3j%2Bw%2Bc3gvReVDWOSVbrvZ%2F3X2RT2dLDn1lmusHF3IN0pCP4%2BpZqTo0c%2BN8KJFlhwa0JS49FQfk77UxE%2BPHCZlzWgx0AExB2tG34ETe"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f39cad89c37185-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
ibs:dpid=28645&dpuuid=vWXe57LIebvdfbwduHkmkTMKO3DUGg3K
dpm.demdex.net/ Frame 3FBF
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vWXe57LIebvdfbwduHkmkTMKO3DUGg3K
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vWXe57LIebvdfbwduHkmkTMKO3DUGg3K
Protocol
H2
Server
108.129.21.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-21-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-083ffdefc.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
wt6axXhGRkg=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vWXe57LIebvdfbwduHkmkTMKO3DUGg3K
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
888550
content-length
0
9.gif
id5-sync.com/s/966/ Frame 3FBF 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-JspQEdCueer5CDAfakdvj6CgWKS5Dgy1_W0i7A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 3FBF 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-rvJAP9Cueer5CDAfakdvj6CgWKSALUJTiQr0yQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.183.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-183-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:04 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 3FBF 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-VTys9dCueer5CDAfakdvj6CgWKT976YhKEBddQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 3FBF 		0
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-YP34OdCueer5CDAfakdvj6CgWKROQs_jU1C-ow
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.145.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-145-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 3FBF 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-kiCjiNCueer5CDAfakdvj6CgWKR3UQwTaFyr6g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.111.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-111-121.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 3FBF 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k--RNmBdCueer5CDAfakdvj6CgWKS3wYOvije5eQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:05 GMT
Cache-Control
no-cache
X-TraceId
784ef24c1d47cb0c40fc33e7f5d487b5
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3FBF 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-6CD7m9Cueer5CDAfakdvj6CgWKRtP4xBAyqZOw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame 3FBF 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-i34-4NCueer5CDAfakdvj6CgWKSXIntTA6F4Ig
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.153.246.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-153-246-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
sync
criteo-partners.tremorhub.com/ Frame 3FBF 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-uOCGI9Cueer5CDAfakdvj6CgWKT7ZR_AOM13kw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:b711:868:5175:f82d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 Jan 2024 14:15:04 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 3FBF 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-h5kX79Cueer5CDAfakdvj6CgWKR2I1hdMGkuqA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:04 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 3FBF 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-PgXoO9Cueer5CDAfakdvj6CgWKSF8ocDT_R5HQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:15:04 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:15:04 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 3FBF 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-CqLVE9Cueer5CDAfakdvj6CgWKQ0YaYB-Vj3yA&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.209.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-209-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-length
0
unip
trc-events.taboola.com/1335104/log/3/ 		0
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=1573&scd=0&ssd=1&est=1704204902963&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1704204904536&vi=1704204902961&ri=c3843ca1415de7f8a14037319285b8e9&sd=v2_824a730a3e028db7c3ef6ff2a2054cd7_965418a1-9782-448c-b3d7-a97f637f95cb-tuctc8d9fe6_1704204902_1704204902_CIi3jgYQwL5RGLHEnNTMMSABKAEwODib4wlAgooQSMzd3ANQ____________AVgAYABol9TM2v-Z45zBAXAB&ui=965418a1-9782-448c-b3d7-a97f637f95cb-tuctc8d9fe6&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2C
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.marchofdimes.org
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
sync
ups.analytics.yahoo.com/ups/58301/ Frame 3FBF 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-vMH6r9Cueer5CDAfakdvj6CgWKQQj46M5cMj_g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame D1D5 		159 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:20:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57423
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 13:07:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 17:20:42 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 8D62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_cm&google_hm=ay12OVdkb2RDdWVlcjVDREFmYWtkdmo2Q2dXS1JiVzRTe...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_gid=CAESEAQjHqp_YUpmDo6iNCpzE9g&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_gid=CAESEAQjHqp_YUpmDo6iNCpzE9g&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
776870
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-v9WdodCueer5CDAfakdvj6CgWKRbW4SzOt3zLA&google_gid=CAESEAQjHqp_YUpmDo6iNCpzE9g&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 8D62 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-fnbfQdCueer5CDAfakdvj6CgWKS8Ry1U70jn8A&expires=30
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.201.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-201-106.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 8D62
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=960055153409176929
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=960055153409176929
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1131140
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
an-x-request-uuid
acd80956-7f98-4f69-9a82-f2b3957b3151
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=960055153409176929
x-proxy-origin
45.141.152.74; 45.141.152.74; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 8D62 		57 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-RbDzGdCueer5CDAfakdvj6CgWKRjEP2RXSfHmw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:15:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:15:04 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 8D62 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-z85xndCueer5CDAfakdvj6CgWKRjtqO9z49OuA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-164-132-25.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
transfer-encoding
chunked
content-type
image/gif
um
criteo-sync.teads.tv/ Frame 8D62 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-xsaxktCueer5CDAfakdvj6CgWKRMUe0tZHhaRQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:15:04 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 8D62 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-v_WuUNCueer5CDAfakdvj6CgWKRzPf_Zwxv79A&dongle=013b
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
cksync.php
hb.yahoo.net/ Frame 8D62 		56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-vMH6r9Cueer5CDAfakdvj6CgWKQQj46M5cMj_g
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-185.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 14:15:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:15:04 GMT
pixel
cm.adform.net/ Frame 8D62 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-gs7cxdCueer5CDAfakdvj6CgWKR8ZxFmUOxPOw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
last-modified
Mon, 14 Nov 2022 09:52:50 GMT
server
nginx
accept-ranges
bytes
etag
"63720ff2-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 8D62 		49 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-4G9i3dCueer5CDAfakdvj6CgWKQZSF8hbags4g
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.250.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-250-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 8D62 		43 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-EZ7ZoNCueer5CDAfakdvj6CgWKS5xpeeM8J3uQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uU8NnLg4EkbEYjrcgbad5EyQzoykKcL6u5Zu%2BwK5QpOyRx9JCEnUO6KRTQ2sfFlqvWhFmi3Phi%2FAahgv92aO2jhPAcW5YMih6doyQSsam9b4tX6uZlH1Y35ZUWmh0IvEGxuc"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f39cae4d001da0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
ibs:dpid=28645&dpuuid=2wXAcFB80aM45RtYHNbB2_HfGZvuhy_k
dpm.demdex.net/ Frame 8D62
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2wXAcFB80aM45RtYHNbB2_HfGZvuhy_k
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2wXAcFB80aM45RtYHNbB2_HfGZvuhy_k
Protocol
H2
Server
108.129.21.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-21-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-047549938.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
AioLWXYmRuI=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=2wXAcFB80aM45RtYHNbB2_HfGZvuhy_k
date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
664966
content-length
0
9.gif
id5-sync.com/s/966/ Frame 8D62 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-JspQEdCueer5CDAfakdvj6CgWKS5Dgy1_W0i7A
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:15:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 8D62 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-rvJAP9Cueer5CDAfakdvj6CgWKSALUJTiQr0yQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.241.183.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-183-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:04 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 8D62 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-VTys9dCueer5CDAfakdvj6CgWKT976YhKEBddQ
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 8D62 		0
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-YP34OdCueer5CDAfakdvj6CgWKROQs_jU1C-ow
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.145.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-145-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 8D62 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-kiCjiNCueer5CDAfakdvj6CgWKR3UQwTaFyr6g
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.111.121 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-111-121.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 8D62 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k--RNmBdCueer5CDAfakdvj6CgWKS3wYOvije5eQ&initiator=partner
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:15:05 GMT
Cache-Control
no-cache
X-TraceId
134a248b757031c810df28fc1a2ea583
Content-Length
0
sync
criteo-partners.tremorhub.com/ Frame 8D62 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-uOCGI9Cueer5CDAfakdvj6CgWKT7ZR_AOM13kw
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:b711:868:5175:f82d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 Jan 2024 14:15:04 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 8D62 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-h5kX79Cueer5CDAfakdvj6CgWKR2I1hdMGkuqA
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:15:04 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 8D62 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-7xPeNdCueer5CDAfakdvj6CgWKQENaqIHlbR9w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-gk5wx
date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
put
e1.emxdgt.com/ Frame 8D62 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-VJY_tNCueer5CDAfakdvj6CgWKQ_JPmkbwKfrg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.138.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-138-113.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
server
awselb/2.0
tap.php
pixel.rubiconproject.com/ Frame 8D62 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-q8zNyNCueer5CDAfakdvj6CgWKQAq6jHJQ0Jpg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8D62 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-y9dMBdCueer5CDAfakdvj6CgWKQ1EUGlxR3EOQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18131
sync
ups.analytics.yahoo.com/ups/58301/ Frame 8D62 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-vMH6r9Cueer5CDAfakdvj6CgWKQQj46M5cMj_g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 8D62 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-6CD7m9Cueer5CDAfakdvj6CgWKRtP4xBAyqZOw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame 8D62 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-i34-4NCueer5CDAfakdvj6CgWKSXIntTA6F4Ig
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.153.246.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-153-246-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame D1D5 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
setuid
ib.adnxs.com/ Frame 3FBF 		43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-UM0L9NCueer5CDAfakdvj6CgWKRyKmHi2Nq75A
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
an-x-request-uuid
70c174a6-eb54-46c4-9771-46c190d2c439
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.74; 45.141.152.74; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
463b917e-e264-403f-ad34-34af0ee10294
api.hcaptcha.com/getcaptcha/ Frame 32A4 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14159b6c2c87e4f93e85bbc291392c68318b6c104e4963ca1f01dacb23aeef03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
83f39cae4abe18c9-FRA
alt-svc
h3=":443"; ma=86400
sync
ups.analytics.yahoo.com/ups/58301/ Frame 8D62 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-vMH6r9Cueer5CDAfakdvj6CgWKQQj46M5cMj_g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch.gif
beacon.krxd.net/ Frame 3FBF
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=N8hE5-49EmO1qTy_7LApv3tuivAGZubN
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=N8hE5-49EmO1qTy_7LApv3tuivAGZubN
Protocol
H2
Server
34.240.241.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n019-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1704204904
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=N8hE5-49EmO1qTy_7LApv3tuivAGZubN
date
Tue, 02 Jan 2024 14:15:03 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
844231
content-length
0
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame D1D5 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 05:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27264
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 05:00:23 GMT
pay
pay.google.com/gp/p/ui/ Frame D1D5 		1 MB
376 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecfcb4ac1fc57085f8dc35d689edfc42ed902d331ff5a08b316203a366035300
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-wc1-4wmpmiKYIxU0tEuWWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-wc1-4wmpmiKYIxU0tEuWWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 02 Jan 2024 14:15:04 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame D1D5 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:01:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3732
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 04:01:18 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame D1D5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:48:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14260
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 04:48:06 GMT
log
play.google.com/ Frame D1D5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:04 GMT
expires
Tue, 02 Jan 2024 14:15:04 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame D1D5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:04 GMT
expires
Tue, 02 Jan 2024 14:15:04 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame D1D5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:04 GMT
expires
Tue, 02 Jan 2024 14:15:04 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame D1D5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:04 GMT
expires
Tue, 02 Jan 2024 14:15:04 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame D1D5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:04 GMT
expires
Tue, 02 Jan 2024 14:15:04 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame D1D5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:04 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:15:04 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:15:04 GMT
expires
Tue, 02 Jan 2024 14:15:04 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
usermatch.gif
beacon.krxd.net/ Frame 8D62
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0PP7GJXOaDcCjZAbbVLxr7ylPgXlf2Yz
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0PP7GJXOaDcCjZAbbVLxr7ylPgXlf2Yz
Protocol
H2
Server
34.240.241.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n015-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
private, no-cache, no-store
x-request-time
D=60 t=1704204905
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0PP7GJXOaDcCjZAbbVLxr7ylPgXlf2Yz
date
Tue, 02 Jan 2024 14:15:04 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
736364
content-length
0
setuid
ib.adnxs.com/ Frame 8D62 		43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-UM0L9NCueer5CDAfakdvj6CgWKRyKmHi2Nq75A
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:04 GMT
an-x-request-uuid
a8c5faa0-7c09-49db-ae8a-4a9367b9d3e2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.74; 45.141.152.74; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tb
fndrsp-checkout.net/ 		2 B
494 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:15:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqX6mu8kuFkzKga3bFAo4R3etQkpr3Jh%2B7hgECE7%2Be74zA0%2F7hylSyJFwxZN7CtNcBaauB1gnU98rZVgdcVqTBKmBB%2BcTNlg9ZY%2F%2F5teel8TV0oTAHleWOqsSxO%2FXskmyBhZ45EH"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f39caf1aa00be3-AMS
alt-svc
h3=":443"; ma=86400
b
r.stripe.com/ Frame F9BF 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:04 GMT
x-stripe-server-envoy-start-time-us
1704204904942703
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204904942435
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 0340 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:15:05 GMT
x-stripe-server-envoy-start-time-us
1704204905982234
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204905981791
access-control-allow-credentials
true
content-length
0
unip
trc-events.taboola.com/1335104/log/3/ 		0
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=4574&scd=0&ssd=1&est=1704204902963&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1704204907538&vi=1704204902961&ri=c3843ca1415de7f8a14037319285b8e9&sd=v2_824a730a3e028db7c3ef6ff2a2054cd7_965418a1-9782-448c-b3d7-a97f637f95cb-tuctc8d9fe6_1704204902_1704204902_CIi3jgYQwL5RGLHEnNTMMSABKAEwODib4wlAgooQSMzd3ANQ____________AVgAYABol9TM2v-Z45zBAXAB&ui=965418a1-9782-448c-b3d7-a97f637f95cb-tuctc8d9fe6&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2C
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.marchofdimes.org
pragma
no-cache
date
Tue, 02 Jan 2024 14:15:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ Frame 4354 		176 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:48 GMT
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
202
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
176
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
jgczh0wfKgKDqKL6hawFT-3B_jv9tg9CsjPtKZiLhs6yKjhmBCGfxA==
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724z8894218235&_p=1704204902460&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=813083294.1704204903&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1704204902&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=Fundraise%20Up%20Checkout%20Open&ep.CampaignID=FUNHQNAJCAL&ep.CampaignCode=GGGGENWB2200CG0012G6DNW&ep.CampaignName=Default%20Donate%20Now&ep.IsLivemode=true&_et=451&tfd=8003
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:15:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
676 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:48 GMT
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
202
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
176
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QwzhzuLUwGisfQvJiRfZiZPvIScVdxoWkKS4Ret2kGaO60m4baq-Wg==

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture object| __cfQR object| __cfBeacon object| OneTrustStub function| OptanonWrapper function| FundraiseUp object| drupalSettings object| Drupal object| webpackChunkgesso object| Donation5Reminder function| formatCurrency function| format2 function| checkEditCalculationPageExists object| gsapVersions boolean| __cfRLUnblockHandlers object| dataLayer string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __tfa_pixel_init object| _tfa string| _linkedin_data_partner_id object| _qevents function| obApi function| fbq function| _fbq object| resonateAnalytics number| randomNumber object| scriptTag object| insertionNode string| conversionTag string| TiktokAnalyticsObject object| ttq object| _adftrack object| funEmbed object| FUN_SERVICE_CONTAINER object| FUN object| FUN_ELEMENT_KEYS boolean| FUN_IS_MALFORMED_ENV function| ttd_dom_ready function| TTDUniversalPixelApi object| gaplugins object| gaGlobal object| gaData object| webpackChunk_fundraiseup_checkout function| UET function| UET_init function| UET_push function| quantserve function| __qc object| ezt object| _qoptions function| gtag function| lintrk boolean| _already_called_lintrk function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc object| ueto_7dd7d6cb9f object| uetq function| onYouTubeIframeAPIReady object| google_optimize function| AdelphicUniversalPixel object| funElementsApi object| GooglebQhCsO object| Adform object| KJUR object| adf function| omrhp function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| setImmediate function| clearImmediate object| __SENTRY__ object| webpackChunkStripeJSouter function| noop function| Stripe function| apiObj object| ORIBILI object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant string| dynamicGpayButtonVariant object| google

97 Cookies

Domain/Path Name / Value
.taboola.com/truenorth-marchofdimes-sc/ Name: taboola_session_id
Value: v2_824a730a3e028db7c3ef6ff2a2054cd7_965418a1-9782-448c-b3d7-a97f637f95cb-tuctc8d9fe6_1704204902_1704204902_CIi3jgYQwL5RGLHEnNTMMSABKAEwODib4wlAgooQSMzd3ANQ____________AVgAYABol9TM2v-Z45zBAXAB
.marchofdimes.org/ Name: _gcl_au
Value: 1.1.2114646895.1704204903
.marchofdimes.org/ Name: fundraiseup_stat
Value:
.marchofdimes.org/ Name: fundraiseup_cid
Value: 17042049026277091894
.doubleclick.net/ Name: APC
Value: AfxxVi5WJ67Z3iJy2FTTIlpAdYCmHeL096Bj2EIej6JnurPMBhp3Ew
.www.marchofdimes.org/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jan+02+2024+15%3A15%3A02+GMT%2B0100+(Central+European+Standard+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=e592f624-14ab-4d1e-ade6-cfd61d62637e&interactionCount=0&landingPath=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3B0dvhB07rmRC9mozkwnKtjkEjpcgjUXXoS0izjtEitvNt2tH9h5yIP1Xq20bSf0g12M5TpoNmbXFyPSNbrOXimP--IhcbC2ZPMtic&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1
.doubleclick.net/ Name: IDE
Value: AHWqTUldmhaq9aZx52z-7VLJRZpbdc_Ul49RSGwMNP-v8Q_mxZ_m_mM7pWRAy3Kk2i4
.marchofdimes.org/ Name: _gid
Value: GA1.2.1819840969.1704204903
.marchofdimes.org/ Name: _gat_UA-219864-60
Value: 1
.marchofdimes.org/ Name: _uetsid
Value: 520bc660a97911ee8b442f059cad8167
.marchofdimes.org/ Name: _uetvid
Value: 520bfb80a97911ee8806e7f2b7df94eb
.marchofdimes.org/ Name: _ga
Value: GA1.1.813083294.1704204903
.bing.com/ Name: MUID
Value: 0BB95DD1CC9E606413034E2BCD4C61B7
.marchofdimes.org/ Name: _fbp
Value: fb.1.1704204902872.995793674
.quantserve.com/ Name: mc
Value: 65941a66-db25a-974b2-80157
.linkedin.com/ Name: li_sugr
Value: e8563f19-1cff-48dc-8d02-047978321b02
.linkedin.com/ Name: bcookie
Value: "v=2&0e75b577-79a9-4729-82b1-590d17274561"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2669:u=1:x=1:i=1704204902:t=1704291302:v=2:sig=AQGaggnLYWtbKgLIE5l5MLImQoAVdLfE"
.marchofdimes.org/ Name: __qca
Value: P0-21974756-1704204902737
.marchofdimes.org/ Name: fundraiseup_func
Value: {%22t%22:%22.marchofdimes.org%22%2C%22s%22:%221704204902638%22%2C%22sp%22:1%2C%22x%22:%2210%22}
.taboola.com/ Name: t_gid
Value: 965418a1-9782-448c-b3d7-a97f637f95cb-tuctc8d9fe6
.taboola.com/ Name: t_pt_gid
Value: 965418a1-9782-448c-b3d7-a97f637f95cb-tuctc8d9fe6
.linkedin.com/ Name: UserMatchHistory
Value: AQIBhD988htiEQAAAYzKhyJvnocP--lOrKdS486ZbiB9CCZQPg8S8B522aEp3I7751gRoZINojLWHA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLygT93_vJTIQAAAYzKhyJvSZJTn094Uhg84U7ruuv-KddadkC88-W7TxXQWDS163d2LhC4Wye92keOTDHEWw
.adnxs.com/ Name: uuid2
Value: 960055153409176929
.acuityplatform.com/ Name: auid
Value: 871902450759
.tiktok.com/ Name: _ttp
Value: 2aP0S89Xe6RbaUD1F4St66WZUrv
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-172b024b-84ae-58f5-5378-c41f12b7db03.SYpFlMI10WAYTF4MThwIbjJnP52bnaygfiDOPkXmf5Y
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-172b024b-84ae-58f5-5378-c41f12b7db03.SYpFlMI10WAYTF4MThwIbjJnP52bnaygfiDOPkXmf5Y
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFysCS4SuWPVTeMQfErfbAy2NmEo.ngWHPJcp2XgEh7%2B17RnH5ZPsuIzq2eoOufNqoxpldFQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFysCS4SuWPVTeMQfErfbAy2NmEo.ngWHPJcp2XgEh7%2B17RnH5ZPsuIzq2eoOufNqoxpldFQ
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEXD0lCYSv3CwNqDVrtRwMid_YC4a_epPQTSlTzjHpSIEHwYBCDntNCsBjABOgT90vuTQgRKyRFK.QyC4uWCEEECExR%2F8YFPvGWReZWr0uvhMn%2FwcYzXlKHY
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEXD0lCYSv3CwNqDVrtRwMid_YC4a_epPQTSlTzjHpSIEHwYBCDntNCsBjABOgT90vuTQgRKyRFK.QyC4uWCEEECExR%2F8YFPvGWReZWr0uvhMn%2FwcYzXlKHY
.bing.com/ Name: MSPTC
Value: RZOGOCFH_MnR03ohg0_gvtpJshQfcaYZuTuZ38eXsAE
.www.linkedin.com/ Name: bscookie
Value: "v=1&2024010214150398dceec1-00c5-41de-8dcc-33231338aa82AQFXUisiZce-X2gQukULKn62kUuslQ2t"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDQyMDQ5MDM7MjswMjGG5/LchwrATzlphd/CJacwyT45ipelWfBM6T82HeOuLw==
.marchofdimes.org/ Name: _ga_0DRBVSJJB1
Value: GS1.1.1704204902.1.0.1704204903.0.0.0
.ipredictive.com/ Name: cu
Value: 7da08e8d-2a2c-45fd-885d-94d1c2af85f1|1704204903281
.adform.net/ Name: uid
Value: 2680502003153585213
.adform.net/ Name: CM
Value: 1|1
.seadform.net/ Name: uid
Value: 2680502003153585213
.adform.net/ Name: CM14
Value: 1704291303_1704204903_1_Hu7u4e4e4R7u4e4REREeEREREQ
.eyeota.net/ Name: SERVERID
Value: 19513~DM
.casalemedia.com/ Name: CMID
Value: ZZQaZz7cPZcmLYxdfPCYVQAA
.casalemedia.com/ Name: CMPS
Value: 3279
.casalemedia.com/ Name: CMPRO
Value: 3279
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 2680502003153585213
.ads.stickyadstv.com/ Name: UID
Value: ba9cccd1d4a4474620f62d38df776aba
.semasio.net/ Name: SEUNCY
Value: 1A5A08E4159E7D00
cm.adsafety.net/ Name: UID
Value: CM12024010214d23713366280bda83c8
.adsafety.net/ Name: cm_uid
Value: CM12024010214d23713366280bda83c8
ads.smartstream.tv/ Name: DID
Value: a989536f9d2f29fd04999ad733a62062
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
ads.smartstream.tv/ Name: cm_uid
Value: CM12024010214d23713366280bda83c8
.exelator.com/ Name: EE
Value: "c3c6b9e4b9bdf946319c6f657f219c75"
cm.adsafety.net/ Name: permanent
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7319504324094195870
.krxd.net/ Name: _kuid_
Value: QAwMUGA3
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
www.marchofdimes.org/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1704204903826%7D
.criteo.com/ Name: uid
Value: ddbc1803-97a1-4bc6-aa0c-1978fb120bc7
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHZONksyTLVJMkyKSXN0sTM2NAy2SzNzNQ8zQjIMjddXJZatGBpaXFqStKhJRU5JTlNq8viQx3j3Rx9PX0ilzlnFOXnpq4AC4W5Bi02NDJYkl%252BUmb7IxXVxUUoaw6KS4lPBx1JdALGNKhs%253D"
.w55c.net/ Name: wfivefivec
Value: tyv4gR9o1RkFxR5
.w55c.net/ Name: matchadform
Value: 5
.demdex.net/ Name: demdex
Value: 91193110074607064314433725358967348715
.audrte.com/ Name: arcki2
Value: bd6-BnDf2xJQBuV6gwXbiWuRg!20220908!1704204903859!ip#45.141.152.74
.audrte.com/ Name: arcki2_adform
Value: 2680502003153585213!20220908!1704204903859
.dpm.demdex.net/ Name: dpm
Value: 91193110074607064314433725358967348715
.agkn.com/ Name: ab
Value: 0001%3A%2BesRjgGJg0Ec%2BArLSJi5%2FTCuhbL%2B80r7
.marchofdimes.org/ Name: _tt_enable_cookie
Value: 1
.marchofdimes.org/ Name: _ttp
Value: yNmvGXHUPyDvjnUdcr-1cUfvV9o
.weborama.fr/ Name: AFFICHE_W
Value: TICx2Dp8eTJM89
.bluekai.com/ Name: bku
Value: aG/99szSksDiqZ1T
.bluekai.com/ Name: bkpa
Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwE/tme9N1e/y1e1hBE1NmeD01E1e9J0SYY1=
.audrte.com/ Name: arcki2_ddp2
Value: bd6-BnDf2xJQBuV6gwXbiWuRg!20220908!1704204903942
.www.marchofdimes.org/ Name: __stripe_mid
Value: 36466b56-a1d4-4ed8-9f0a-a1658ddd16b503eac0
.www.marchofdimes.org/ Name: __stripe_sid
Value: fbc808ae-ba70-4e2a-8fad-eeab7304ef6edb8110
m.stripe.com/ Name: m
Value: 75a493e4-e791-40ed-83e8-d5304b631f5548a73f
cm.adsafety.net/ Name: cache0
Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaMndMTmhiODJnR1VIeWFCbzE0TTVpSWJWL1pYTUxuOFJjVFl5R0ltZGl4Y0JOaXl0akx0bmxtZEJGd0I0SzVSOGh4Vzl4VXZJM0tlVmJaaUgxelB6TmwwMGkrUmphVi9Kc3N3dmlBU0M5emRPMXVjKzRuZk9RZG5xMklCcStLVHlDTXRxMzBMM1Y5eUs4c3luU0ZMTVYyeElyNGZBeUhnZWxQeUxQRjlxeHRnWFY4ZVVRVVprTUgwNldEdmIwVUNSZjVHemdPK2RUdUxSWGgzWkRKMUN3ZVVoSUlXRjZBL3dIU3Boa1ZGbjc2ak1xRzRyb2o0ZFRVVHBLZ2lvUGZlZWdnZkVFSjFucjR1Z3RqQ3VZYU1tNTAxRFNBRFd1a2Y0QnZXYUFuNStRVHU2cDJidnVrc1NLcm95dnhXQlV2cExFTkJ5em1PVDJXUFJOOE1tQlNZWnRRYTZCQjNzNXhQdUxwMi8yWDlLR0dDcTNReWxuK3ZEcmdFNURBMHBPd0NrdlIrL3lJbjR0MmNMMlc1UGh0MTNnSUllVDcwbC92V0ZMSldRVlY4cEpVWWNDVnNYNHE3U0kvSGFEdktSWnppTXEvbUdSVFgrMVJZSlVROVBhWnRyTnZmak5zUzU1bG1vUUNmeUR4SnRva2wyUUhuOHlwMTR5YjZVMWZpdittQ3YvaFlUREcrTkU4WHlmNW9Nb2FmcTRMWVBOSCtqdk85M2Y3L1ZLOUN1WFRSczB3bUpsT0h0eGVsK2IrMXFPbWY3bzh0OHhocVkyVWZMUkdKeFBwUXZmNlh5MEZMWlpVUXpBRittYlN5TGpJQWtuWThjQjhGb2FFcG0zMmNISkxZcSs1MUhPZXpkWmFXOEYwVnBTWE9IQjRudHdBWkdlNFhHeHYwSDhHdDhxV0xFaFZkVC94S2REUjM3dWIzSlVPa1R6Sjh2TElFZ0tJRzRVbUlCUERhQXhuSG1hT2p4U3ZNaEp1dkxUbVdMNFJtdWdSMm0zNDR6aUhYWTNDem0zU3JkZnRLdWtobGVmcFA0LzNyVThmcnBjR29xWGcxUGhJRUxONXRBWkUyTUc2dWI1eW9PbmpHR1hab0ZzL2F0VkZaNjN4b2JKL1BVSkIyMWsvb0NrNjIrNE09
.google.com/ Name: NID
Value: 511=YFkBwVz2IcZUQHk788263wrXvkhxfTWdOUte3__a8N2WBxwyE_Uxmvh7ASLfhFTylecHlGh8QYkIz6ypydcyrlV9dVg2SkqCxW367eoPqzJnvvWK4YxWdOXP5O-J3jQaog-rwrZShw8nnyZcTVrwqbjdA50VtvL0s-gjIl6Twuo
.media.net/ Name: visitor-id
Value: 3472065045428223000V10
.media.net/ Name: data-c-ts
Value: 1704204904
.media.net/ Name: data-c
Value: k-RbDzGdCueer5CDAfakdvj6CgWKRjEP2RXSfHmw~~3
.omnitagjs.com/ Name: ayl_visitor
Value: ccc0b43011255361bceda3da826743ea
.adnxs.com/ Name: anj
Value: dTM7k!M40<D>6NRF']wIg2E?kofwxf!]ta]8i_imf$9G=A^A/04GJ>e#!`rQDrf4+?`_QO9]yb4B?!!hTD4YQo5i@?nrTu!'N?YN_4R+n=mi5uJevfz=Cc0`g?.09(/0V9t_r0R5#I1V5l$l_!VZd!(Ed5b>w-/6Gj$dH
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-YP34OdCueer5CDAfakdvj6CgWKROQs_jU1C-ow%22%2C%22version%22%3A%22criteo%22%7D
.postrelease.com/ Name: opt_out
Value: 1
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%225345e2d0-a979-11ee-b321-1b40a7ab7144%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%225345e2d0-a979-11ee-b321-1b40a7ab7144%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%225345e2d0-a979-11ee-b321-1b40a7ab7144%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%225345e2d0-a979-11ee-b321-1b40a7ab7144%22%2C%22version%22%3A%22eu-v1%22%7D
api.hcaptcha.com/ Name: hmt_id
Value: 7dd4d298-cad3-4fa1-8a98-7948c1967d29
.tremorhub.com/ Name: tv_UICR
Value: k-uOCGI9Cueer5CDAfakdvj6CgWKT7ZR_AOM13kw
.tremorhub.com/ Name: tvid
Value: 55b01fb48a3341ae8069bb72e63e40cd

16 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=283539858218?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=283539858218?(Line 142)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Message:
Allow attribute will take precedence over 'allowpaymentrequest'.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2680502003153585213
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2680502003153585213/gdpr=/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html#debugMode=false&parentOrigin=https%3A%2F%2Fwww.marchofdimes.org(Line 2)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='), or a nonce ('nonce-...') is required to enable inline execution.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-9XMjxb8jPgcBlA8xWL627M+LkEHKTdAzfKYr7k15aMg=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8832015.fls.doubleclick.net
a.audrte.com
a.twiago.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.ipredictive.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
adservice.google.de
amplify.outbrain.com
analytics.tiktok.com
api.adrtx.net
api.fundraiseup.com
api.hcaptcha.com
b.stripecdn.com
bat.bing.com
beacon.krxd.net
c1.adform.net
cdn.cookielaw.org
cdn.fundraiseup.com
cdn.resonate.com
cdn.taboola.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamic.criteo.com
e.acuityplatform.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
exchange.mediavine.com
fndrsp-checkout.net
fndrsp.net
fonts.googleapis.com
give.marchofdimes.org
global.ib-ibi.com
go.marchofdimes.org
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hcaptcha.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
insight.adsrvr.org
jadserve.postrelease.com
js.adsrvr.org
js.ipredictive.com
js.stripe.com
load77.exelator.com
loadm.exelator.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
matching.ivitrack.com
merchant-ui-api.stripe.com
newassets.hcaptcha.com
pagead2.googlesyndication.com
pay.google.com
pdw-adf.userreport.com
pixel.quantserve.com
pixel.rubiconproject.com
play.google.com
pm.w55c.net
ps.eyeota.net
public-prod-dspcookiematching.dmxleo.com
px.adentifi.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.casalemedia.com
r.stripe.com
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
secure.quantserve.com
sentry.fundraiseup.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.fundraiseup.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
sync.teads.tv
t.paypal.com
tags.bluekai.com
tags.srv.stackadapt.com
token.rubiconproject.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
ucarecdn.com
uipglob.semasio.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.marchofdimes.org
www.paypal.com
www.paypalobjects.com
x.bidswitch.net
104.17.70.206
104.18.13.242
104.19.219.90
104.26.5.251
108.129.21.249
108.157.1.118
13.107.42.14
13.248.245.213
141.226.228.48
142.250.181.230
142.250.186.66
142.250.74.194
151.101.129.44
151.101.193.21
151.101.65.35
154.59.122.94
162.19.138.119
164.132.25.185
172.217.18.102
172.64.151.101
172.67.72.38
178.250.1.11
178.250.1.9
18.153.246.175
18.184.201.106
18.185.145.57
18.197.27.255
18.197.30.128
18.202.209.33
18.66.112.13
18.66.248.31
185.167.164.39
188.114.96.3
188.114.97.3
188.65.124.66
192.229.221.25
198.202.176.201
198.47.127.205
2.16.110.66
2001:4860:4802:32::36
216.137.52.57
216.46.185.182
217.79.178.233
23.213.165.149
23.213.165.82
23.32.185.35
23.48.23.185
2600:1f18:612b:4264:b711:868:5175:f82d
2600:9000:211e:1200:1b:5138:8a40:93a1
2600:9000:223c:b000:6:44e3:f8c0:93a1
2600:9000:224a:ee00:19:7d10:bd80:93a1
2606:4700:10::6816:4245
2606:4700::6810:3865
2606:4700::6812:82ec
2607:ae80:4::26
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::5c
2a02:2638:3::e
2a02:26f0:3500:11::215:14dc
2a02:26f0:3500:16::215:1490
2a02:6ea0:c700::17
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.217.69.99
3.75.62.37
34.117.157.22
34.240.241.48
34.241.183.25
34.248.250.162
34.248.85.3
35.190.24.218
35.244.159.8
35.244.174.68
37.157.4.29
37.157.5.71
37.157.5.84
37.157.6.233
37.252.171.52
40.160.4.235
46.19.11.36
52.17.242.240
52.218.45.168
52.223.40.198
52.28.24.250
52.57.138.113
52.57.150.20
52.71.145.154
54.165.111.121
54.186.23.98
54.187.159.182
54.194.99.174
54.201.135.255
54.217.36.38
54.78.254.47
64.202.112.127
69.173.144.138
69.173.144.139
72.246.169.24
74.119.119.150
77.243.51.122
80.85.85.173
85.114.159.93
85.215.5.31
91.210.226.74
95.101.148.20
99.86.4.76
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c
02c625cfac83e3e1ac2e4c8499ef93a9fab89624f8eac2726dabba4b5c983a19
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
02f6b4d7801ed47f7e16c2352512a1b0783b6cfe2861cafe49f8d279dc67fdfe
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0759fd6bed5370e4bc3c573dedceaeef9d7b64efc7343a10d0b147ac0b04ad53
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0957f2df2668441e42e11bdf0a83fa2a01cb18e6e18a3dfcc8d54e6d535cac8f
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0bf7bc0004aeb0dc1b7bb23f128ac24f0302a776cd1950295bc6ffae6e990bf2
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
14159b6c2c87e4f93e85bbc291392c68318b6c104e4963ca1f01dacb23aeef03
16b59918ab6733c57a8a7a9d6a1968d29e79df70c67909ddf241e029d0c15230
183d1f7f458dfc35496d9eb446598b1b96658ab4dc316b23cea4cd7bfcd4c8ea
18b65fdc6da2826c107418e5c689078ff47b54e7f2fc690546c33dbd3b343125
1bf8869d4866542f68769cf24fbfd8caa57c6d3c7943fa69ddcc43959baea566
1c2e62deea90ad8ea208037abde538d6100d5a3efce136c89e64a80c1b1c6b07
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
217bb9abcec006a54c8584307d24baf9b1c59817bc39066473b585158ae49064
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90
225cd565a241fd2329d7fbdc32be0c9d94ac4692b5f9b507454604980a418c70
23098142daf44c1cb7d244684146fb6ecb0568274118ae3f62cef67034551ef2
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b
25c3a3c0aecc1c3cdb989b17c48a9a75970beb6343e0df0c2651ba5eb75c900a
26dd3e70c1aa731ac4c5a27ac65c200ceb2756eca0ae5862e8fab8b7d4985dd0
276867c5c3ce0b2f35e900e8e9c73fa7dc25a53802bb365f2d20642fd253f79c
2972ea87cd5c4adceba0baf8d735c0dae6512fd7bb276586f5ef9b707b2cde92
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af
2ac93c14f7863cc7b7df8e279a534c4940cae9a66ae48192761c6b7c5986eee2
2ceee682f306a64e8cf1b48d513f71a81dc852709cf2b36b3d9b3719fac0b0fa
2d414e5f00e69a14d9e552014d9f932df7c40b618b2904726170fb689ef8fe87
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
31c9ef99aae6896ff764e44f3cc121359d2a42dc49389a16a8b236f6e8aacfca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c2ce3fc3f9f303fb23219d570a67d0c55951c3f6c81b25e440ba6fb68e60d9
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
337738b644c1b01e37308c9026995b63c20387f9bc8f219cb99f72eb3b23f35c
33be45627e0bda644a1d0643a7280f360a19ea9828bb42cce194242c82d83067
3434341bc5789ddd47209c50a7d4fef3127d5bfb368fcefcf890376cbafbe7d9
34c58bde64c15dc80720af1ff23bb3a8fa1cafe29ebc63a3a7ee73c9e7506d0d
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
3733cd418a66d16dda6610fc91763df7f3ed71ffbffd8b158bf152b6d7d2f47d
377a6ada8b0adaf4e37c51a736bda1e6a66e2339322ce58193e81d5909ee2fb3
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3a06c60d0bdaeba9a685c6b98ec4108e8358606ae608bc2866b3873ba36e8be5
3de7a0f6d4d192cc931ffc60dcd9c41cf823614d8fe3264c7553611853a2dc52
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e5491f0442ae347cf0cd5454766748ab8ad9eb41d5d6ceb8f70dd85f6fb8682
3ed0a4e695771f9903b95ac84166dbb8b89a5f6ead020bdba7fccce3d082e2f8
3eeaf7446956d4f52db0d9d320988723bec23129315a8daedf665bab334d6b21
40f7997ff37aac676d939dbdb0d33f6381fc5b66de4e4c79240e6e9503b14c15
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
47a019a4a25f09f59e801a8b3d77f63a3a975a4c763f8430defa7987e14d7d64
49e6f18090a8c3b811e5d7d50a1cd9e83272f1ecbea95624373950070500a90d
49f3bf3e609dc87987f4d43c5a3de035a8e2824270c190bcd3c3d8fcb336e843
4a09785907e6dd874be6c58333d20ff33ee92af1b7ce619ce2d7b9689a3c34dd
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee
4b57a6d97fc4340e01339086713fe15bc8c6bace25a8fa8b8682558c953c444a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc9b49ae6ec81de78cb07234ba748e5f186b819079eca3e7e82db4690641275
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7f6cd883b421b03d88891e93891fc89bd7e4cde0266009f72250f0092302aa
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
517aa5c6549c92ef5244d8e9df5d662310d50ca9419b12b9157e67ff640be3b8
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55313e0a388dab4e3bfe886a34c5cf0c45eb7275135a9f82f86fdd03d88916bf
55934d27fdb4a14ddc59cac40e940a9c8100acc76c156e9be5f3b9c0dff6569f
564997debc20f446a4f38720248e1dbaaaa15ee5e40de23c946a0af7aadc6b47
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5893e11c04dbbaf829f310b902a09471aec49d8ac6a87235835c50741ea3973f
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
5b17a420163b181948e21b8a69880c8f8098f369084006bfa920b62194ff3c81
5c59ef454d9efb9e84d00813b6fc66b4c57a5ad1a2c99e4a76a17bd016515afb
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d
5fda46ad6de82ed65908428f090ab3cb24da2b2ab22e3f19e2713e94eecdc907
6109a9264c6bb75eaf69d45fd3fc6f193794adac940245584a014c10d334dda5
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
642c3f67dbc0d646b7d2508b081e0a6040a7be94478f0cd6d2a6de21f5d11ed7
642d50bf95258a7181203326b05c08982dc5298ff21982594594a2ece141bed8
6432a66c7d8240059ca76b571620dd0f54b4d3a5dc05fccf8cff7c8304bc9493
67babd89dd5d6e783cbe7ba05cb7d77c2c3ab7bb0b3ba87b185b391a21e8cc35
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69c942423058ca7c0d54a661d67cded9d06b9f030dd45e434bcc72cd150e7e92
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1dccb5a273ea2fadd2437f76d7e4b897e7c5f461f52c0b72cc7e74db13cca2
6c6ce6a7e1bb9ada5c4a8b610ba65fc15909dc253e56ff1f1056dd1e337e1e38
6cc4700b8677a899840ce32bc6c1b5d5405e5d7f2e14a338ed95e4fe40a2bb96
6d306437df8643d2e681cd08ac00ce27fd97bed7bcd76162ce4ecbffc631ae57
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ec65ff8562887c03245269b73d1ebb60f6f619d9bad49c6ce2c956e7a0826f4
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
7a5d1a8956ee3f319edea53bf11ba07988f8c6a0b6204633cee6a41b4b216127
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
8166e6a7d3fe9fdc26b2f8a0bff105a647c884e550c57225b9cc660d0be6b278
81cde3f01b38120a310a1511896c42f68a46f83b6a5ea874ca447de65563cdc2
82fc02af46ba3ab5b7bc46bc74c979c125eb281b4482036d29ce292c4981ca06
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
864c2ad0fb270ab2c2fa0278f4a67a052bd3e9df755a285436e7c5ed6a417e20
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89d7c2137f86ae88ccd80e5845906c4204c193a9363567695362828d76b59092
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9b9ab0090d0af05a2d3de6403571e42901f63751cd69caf21fa3f5e51ddd69
8b21363e68e52f1ba52f2f292a183e39f00372c248ecfaf0c5c1fa671ff46a00
8c539677a5fa924b3f663fbe2026616c64bd4080701b43c04e6489f9d31ccb87
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
8eeb23a1dcd42802d5d861556c6ae4848a05fd28cd22bb8ed884015b62eefd9e
8ff1429e590e1fd99f09c3b527d524e18ea2abfd8aa8f01a052be5cd38942f1f
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
94e1d0163862d77a8e2776d58ccdc2ea1ce6f7149af2bf0ec7091a027a7151ac
9516e1c23610840cf3f86fc18968a997a2af08e5f42e0093013f0836285d30bb
98b2231b86974817ee296cd79e82374ecaae68b096638100e4bdd0b0386a2997
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
9fb218a2b6a039eaf89cbd37cd1555bc0f0398efdffde33a410990feda30a3c6
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
aa3bb87e6bcd646df247557102694c4a4b035fb75d5773e7549858a17f8d3549
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4
ae885067159b6a4c7f153446d01bd1e0405d0acd180089840397091758a42695
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20d59f253b64071fbf66fdb532ab7de85010449846016eb6697b131c3c33b0c
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b596c15fc92d124e18473ffa1d9529ea88cf1918efa33f00447fee4113a68338
b6f7b94fca4a1e7bc2072bfb8b7f71d1223fa2aeed41f824e31a7e4e1ccec299
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
b8ed853b36c4dc92516cbfaf82950d74ae2f8759a7a90aae0ab94b5ed4bf813b
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
bb83ac4c1a72227dd5036318370e6523f7a06d0e9f791efb6f6fe34b22621ce5
bd29a647861ba682b1d6e524ba2b764ee0ffae8c593c279b091eb470cdcbf306
bdfc2ef4424cdeae10371dfdc5a2b09e3ef452854a8592edf70c1e7e1466a3c4
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
bff4e5a01e8dd93a69abd5a5531d53cd891f65134c552718134e0adeda2be295
c09f9bc171c32544001b130b5ed1f7f2e2b8c1ac817823452288bc678afc57e6
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
c0ee34fcf7db9c8bc2412f47c264d8de575c2d477198cabc635ba538ddcd77f0
c1f92dcc7494187b5787cabe4834de25f4502ff2aa4228956b919785118df04d
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
c50703a9859028e070c5ba54517ac39c873fcfc5015907f5dac21c78648ccbdf
c5f029e7d120c7bdaa60a171dd9d6dc1e7c5709bced861bbba31dc54f59510e4
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
c963fd1212d60ca1c683bccb3c3ace830cdedc1dccf7256c112a9708f9e7cf88
cb48d9e8351750646223a61d5868a0eda7972e2ea278c69677577300810b0ad4
cb6f9e60e6bf41a5af731690552807e6e4ca7be8994fd8804b9cf15592d3ef5c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
cfad4b4f0465f07e02061b695a232fab34f9cc28d7b8fea62b6c644a2abc8847
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d3f7e24515a6e8e17332b556ae1a433f0b6e00cdaea90167be98c2734b0049a0
d4660c763169716a38ee1153d2cc4eca87ca421195d67bd89ea964b10bfbacac
d593f238db22d6ee7dab5bb51ca650974d71bd20c67a76db3f011942d8f91029
d677a40759751e1183da07b77b0db15a2f93c18d576acee25de76ff0b5721b34
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
db2fe02b994fdded9fe3acc3f595150e738f4a0c34d9a41e76a6627be26b5352
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9d8e18a3cec3afcf01338e9a26209eeb89e3d0eaf97f0d5298f039776ffc8a
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
e2a900b2a6524b9f6a640eddeda6e045bea4aff194c9203ea660e6db5743b69b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c8fe4ac56ac1f536ba88f1283c274214c3f86b02310e80d705740c49c4e993
e46de8ce43bbbc4282b65b9805f4f7c462f812ce23b615379b468beb09a989a7
e4a34dfb89703969c90a5d415cd197b4f57bfa19ce73cb038aded283cf05a22a
e50d15896eb602b52225697467a0e13195cddd10423d86ccafc7598f8a6a6111
e7e7f216e2add2e5655784665bea48f8efed39c8be96c40782b3f0cf84df6bbf
e8c93ef021764cd1c709a63b70e5b23281c9b91be48b79313b900ea114b1765c
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f
e9719b638317091bed0ab518c0ef99c5dbf1a3083d8b481673d376c47b3da124
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
ecfcb4ac1fc57085f8dc35d689edfc42ed902d331ff5a08b316203a366035300
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed65c6a123ede5d87c2988f03538d507d12ee74c0f0bb39e2fb7efbef279236f
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16ade3e5da5d485764a1d4ca2aa3f94f757b785195b04d391de88680adf76ea
f1b69ed532f7817296e305991e48085d9622448234c3fc00876e627a4605c2c5
f300f66c1304e23bfc15a23908129f0b10ff24c89f5a2727bc52735acda82d57
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
f55809ae21d5dcfb8a6e01596d12eb88c0630f7e0aeff4c285b981df7864aed5
f8cd06506717ca4b233b2fd62746d5a39c9230b4ea3c4bb56206edf928ed8d05
f8e7a944adcb9d32eaf4e2f6e85cb7d1f9029b74de22ad7ff2d46ef82b189c95
fbfcec286e36b8f4223b247ba7988be0fa69dbc6938fb81707f84d3993663d98
fc3a41aaf9de8dcdbb1aa7c552942868390ff131f4ae48acd79df9d5a7ff996f
fc55855c62e6c45d94a47288f04f024964b0de27359245afa41c98f3fe5e2d19