www.lls.org Open in urlscan Pro
54.83.53.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.e.lls.org/?qs=15dd36d7324431a9b4e335ae2283f1531133ee1821aefa950bd543dcde4f92e63c7876ec79acd7111a14edd708c5...
Effective URL:
https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&...
Submission: On August 30 via manual (August 30th 2023, 3:37:42 pm UTC) from US — Scanned from DE

Summary HTTP 314 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 67 IPs in 6 countries across 49 domains to perform 314 HTTP transactions. The main IP is 54.83.53.190, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.lls.org. The Cisco Umbrella rank of the primary domain is 207793.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 19th 2023. Valid for: a year.

This is the only time www.lls.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.180.223 13.111.180.223	14340 (SALESFORCE) (SALESFORCE)
20	54.83.53.190 54.83.53.190	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
10	18.218.75.13 18.218.75.13	16509 (AMAZON-02) (AMAZON-02)
1	104.22.55.118 104.22.55.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2 4	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
1	65.9.78.118 65.9.78.118	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:440... 2606:4700:4400::6812:2412	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.208.176.114 44.208.176.114	14618 (AMAZON-AES) (AMAZON-AES)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	54.144.30.117 54.144.30.117	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2 12	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:ac00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:3c00:a:84d7:f480:93a1	16509 (AMAZON-02) (AMAZON-02)
18	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	23.38.98.112 23.38.98.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
16	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	40.114.177.156 40.114.177.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	3.20.118.146 3.20.118.146	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.139.19 52.222.139.19	16509 (AMAZON-02) (AMAZON-02)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
5	2600:9000:225... 2600:9000:2250:c00:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:fc00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.231.53.73 20.231.53.73	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	13.32.121.78 13.32.121.78	16509 (AMAZON-02) (AMAZON-02)
19	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	52.222.139.101 52.222.139.101	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
49	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:25e... 2600:9000:25e8:3800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	44.238.101.88 44.238.101.88	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	162.247.243.29 162.247.243.29	() ()
8	2a00:1450:400... 2a00:1450:400c:c04::5c	15169 (GOOGLE) (GOOGLE)
1	52.30.58.64 52.30.58.64	() ()
1	13.248.139.42 13.248.139.42	() ()
24	2a00:1450:400... 2a00:1450:4001:81c::200e	() ()
314	67

1 13.111.180.223 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.e.lls.org

click.e.lls.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.83.53.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-53-190.compute-1.amazonaws.com

www.lls.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.218.75.13 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-75-13.us-east-2.compute.amazonaws.com

tgbwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.55.118 (None, )

ASN13335 (CLOUDFLARENET, US)

widgets.guidestar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

8977078.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.78.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-118.ams1.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2412 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.208.176.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-176-114.compute-1.amazonaws.com

media2.legacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.144.30.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-30-117.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:ac00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:3c00:a:84d7:f480:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.dev.shift4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6812:c55f (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.38.98.112 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-112.deploy.static.akamaitechnologies.com

aa.trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

givenow.lls.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.114.177.156 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.duckduckgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.20.118.146 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-118-146.us-east-2.compute.amazonaws.com

widget-backend.tgbwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-19.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

files.doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2250:c00:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:fc00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

q.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-78.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-101.ams50.r.cloudfront.net

static.tgbwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25e8:3800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.238.101.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-101-88.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.247.243.29 (None, )

ASN- ()

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c04::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.58.64 (None, )

ASN- ()

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.139.42 (None, )

ASN- ()

api.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:81c::200e (None, )

ASN- ()

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	stripe.com js.stripe.com — Cisco Umbrella Rank: 1355 q.stripe.com — Cisco Umbrella Rank: 8608 m.stripe.com — Cisco Umbrella Rank: 1292 merchant-ui-api.stripe.com r.stripe.com	916 KB
47	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3238 adservice.google.com — Cisco Umbrella Rank: 105 pay.google.com — Cisco Umbrella Rank: 2833 play.google.com	924 KB
37	lls.org 1 redirects click.e.lls.org www.lls.org — Cisco Umbrella Rank: 207793 capigw.lls.org Failed givenow.lls.org — Cisco Umbrella Rank: 312352	746 KB
35	gstatic.com www.gstatic.com fonts.gstatic.com	1 MB
18	classy.org sdk.classy.org — Cisco Umbrella Rank: 60085 prod-frs.content.classy.org — Cisco Umbrella Rank: 57844 pay.classy.org — Cisco Umbrella Rank: 63285 assets.classy.org — Cisco Umbrella Rank: 67492	1 MB
15	tgbwidget.com tgbwidget.com — Cisco Umbrella Rank: 794298 widget-backend.tgbwidget.com static.tgbwidget.com	2 MB
11	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 8977078.fls.doubleclick.net — Cisco Umbrella Rank: 319495 stats.g.doubleclick.net — Cisco Umbrella Rank: 87	9 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6457	1 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 900 q.clarity.ms — Cisco Umbrella Rank: 7774 c.clarity.ms — Cisco Umbrella Rank: 1455	27 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	541 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 365 www.linkedin.com — Cisco Umbrella Rank: 625 px4.ads.linkedin.com — Cisco Umbrella Rank: 6371	5 KB
5	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5560	141 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2547	42 KB
4	nr-data.net bam.nr-data.net	2 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 374 c.bing.com — Cisco Umbrella Rank: 236	14 KB
3	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2256 aa.trkn.us — Cisco Umbrella Rank: 31490	1 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1489 insight.adsrvr.org — Cisco Umbrella Rank: 589	3 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 327 s.amazon-adsystem.com — Cisco Umbrella Rank: 310	10 KB
2	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 386	42 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1413	18 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 83	67 KB
2	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 9116 api.braintreegateway.com	52 KB
2	doublethedonation.com files.doublethedonation.com — Cisco Umbrella Rank: 77492	141 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 906	59 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 760	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	239 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1240 pixel.quantserve.com — Cisco Umbrella Rank: 928	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 169	170 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 149	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 733	30 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14064	43 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 875	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 32701	5 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 881	374 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 954	7 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 742	395 B
1	t.co t.co — Cisco Umbrella Rank: 577	376 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1523	637 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1344	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 758	15 KB
1	duckduckgo.com api.duckduckgo.com — Cisco Umbrella Rank: 415586	2 KB
1	shift4.com js.dev.shift4.com — Cisco Umbrella Rank: 820412	63 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1136	2 KB
1	legacy.com media2.legacy.com — Cisco Umbrella Rank: 382329	77 B
1	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 9299	231 B
1	dstillery.com 1 redirects action.dstillery.com — Cisco Umbrella Rank: 8268	225 B
1	guidestar.org widgets.guidestar.org — Cisco Umbrella Rank: 35578	4 KB
0	merklesearch.com Failed cdn.merklesearch.com Failed
314	49

	Domain	Requested by
37	r.stripe.com	js.stripe.com
24	play.google.com	www.gstatic.com
20	www.lls.org	www.lls.org
19	js.stripe.com	cdn.transcend.io js.stripe.com
18	fonts.gstatic.com	fonts.googleapis.com www.google.com tgbwidget.com
17	www.gstatic.com	www.google.com www.gstatic.com pay.google.com
16	givenow.lls.org	www.lls.org givenow.lls.org cdn.transcend.io
14	prod-frs.content.classy.org	givenow.lls.org cdn.transcend.io www.lls.org prod-frs.content.classy.org
12	q.stripe.com	www.lls.org
12	www.google.com	2 redirects www.lls.org tgbwidget.com www.google.com www.gstatic.com
10	tgbwidget.com	www.lls.org tgbwidget.com
8	pay.google.com	js.stripe.com pay.google.com www.lls.org www.gstatic.com
7	www.google.de	www.lls.org tgbwidget.com
6	www.googletagmanager.com	www.lls.org www.googletagmanager.com
5	cdn.transcend.io	givenow.lls.org cdn.transcend.io
5	googleads.g.doubleclick.net	2 redirects www.lls.org www.googletagmanager.com
4	bam.nr-data.net	www.lls.org
4	widget-backend.tgbwidget.com	tgbwidget.com
4	8977078.fls.doubleclick.net	2 redirects www.googletagmanager.com
3	m.stripe.com	m.stripe.network
3	px.ads.linkedin.com	3 redirects
3	bat.bing.com	www.lls.org
3	www.google-analytics.com	www.lls.org www.googletagmanager.com
2	js-agent.newrelic.com	www.lls.org
2	c.clarity.ms	1 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	pay.classy.org	cdn.transcend.io
2	www.youtube.com	cdn.transcend.io
2	q.clarity.ms	tgbwidget.com
2	files.doublethedonation.com	givenow.lls.org cdn.transcend.io
2	www.clarity.ms	www.lls.org www.clarity.ms
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	fonts.googleapis.com	tgbwidget.com cdn.transcend.io
2	www.facebook.com	www.lls.org
2	adservice.google.com	8977078.fls.doubleclick.net
2	s.amazon-adsystem.com	1 redirects www.lls.org
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.lls.org www.googletagmanager.com
2	trkn.us	1 redirects www.lls.org
2	insight.adsrvr.org	www.lls.org
2	connect.facebook.net	www.lls.org
2	www.googleadservices.com	www.lls.org
1	api.braintreegateway.com	cdn.transcend.io
1	merchant-ui-api.stripe.com	js.stripe.com
1	c.bing.com	1 redirects
1	code.jquery.com	cdn.transcend.io
1	assets.classy.org	www.lls.org
1	static.tgbwidget.com	tgbwidget.com
1	cdn.plaid.com	cdn.transcend.io
1	js.braintreegateway.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	px4.ads.linkedin.com	tgbwidget.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	tgbwidget.com
1	static.cloudflareinsights.com	givenow.lls.org
1	analytics.twitter.com	tgbwidget.com
1	t.co	tgbwidget.com
1	script.hotjar.com	static.hotjar.com
1	alb.reddit.com	tgbwidget.com
1	www.redditstatic.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	api.duckduckgo.com	tgbwidget.com
1	aa.trkn.us	www.lls.org
1	pixel.quantserve.com	www.lls.org
1	sdk.classy.org	www.lls.org
1	region1.analytics.google.com	www.googletagmanager.com
1	js.dev.shift4.com	tgbwidget.com
1	rules.quantcount.com	www.lls.org
1	media2.legacy.com	www.lls.org
1	action.media6degrees.com	www.lls.org
1	action.dstillery.com	1 redirects
1	js.adsrvr.org	www.lls.org
1	c.amazon-adsystem.com	www.lls.org
1	secure.quantserve.com	www.lls.org
1	widgets.guidestar.org	www.lls.org
1	click.e.lls.org	1 redirects
0	capigw.lls.org Failed	www.lls.org
0	cdn.merklesearch.com Failed	www.lls.org
314	80

This site contains links to these domains. Also see Links.

Domain
givenow.lls.org
careers.lls.org
www.llsform.org
impact.lls.org
diy.lls.org
www.volunteerlls.org
secure.everyaction.com
www.amazon.com
smile.amazon.com
www.thegivingblock.com
www.gemini.com
cloud.e.lls.org
www.llscanada.org
www.facebook.com
twitter.com
instagram.com
www.youtube.com
www.linkedin.com
www.charitynavigator.org
www.causereports.com
www.guidestar.org
greatnonprofits.org
www.charitywatch.org
www.onecause.com

Subject Issuer	Validity	Valid
www.lls.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tgbwidget.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-23` - `2024-06-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-08` - `2023-09-06`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.legacy.com Go Daddy Secure Certificate Authority - G2	`2023-06-08` - `2024-07-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
quantserve.com R3	`2023-08-12` - `2023-11-10`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
js.securionpay.com Amazon RSA 2048 M01	`2022-10-13` - `2023-11-11`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
cert1-prod.aut.a24365.net R3	`2023-08-28` - `2023-11-26`	3 months	crt.sh
givenow.lls.org Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-19`	a year	crt.sh
*.duckduckgo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
snie5b5gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-05-17`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2023-02-08` - `2024-01-12`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-08-19` - `2023-12-10`	4 months	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-07-31` - `2023-11-30`	4 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-08-01` - `2023-11-02`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-31` - `2023-10-26`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
api.braintreegateway.com DigiCert SHA2 Extended Validation Server CA	`2022-09-07` - `2023-10-08`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Frame ID: 30929C36FA508591D75AAA493D3CF4EF
Requests: 71 HTTP requests in this frame

Frame: https://tgbwidget.com/?charityID=135644916
Frame ID: 8E464ED7C6492514CDA23A94C986F432
Requests: 47 HTTP requests in this frame

Frame: https://8977078.fls.doubleclick.net/activityi;dc_pre=CJuo5qfbhIEDFcK9nwodCIUCag;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252
Frame ID: EF7ACAE47F4C76898208FECC2AA79E4A
Requests: 2 HTTP requests in this frame

Frame: https://8977078.fls.doubleclick.net/activityi;dc_pre=CJus5qfbhIEDFaoFaAgdV-YHag;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252
Frame ID: F8D2126B1BFD7A9252BBF8552099B045
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?pid=929accd0-a3ae-4970-be69-076876794af5&event=PageView&ts=1693409856676&dcc=t
Frame ID: 3C30626BE2AC198882A674EBC28944C1
Requests: 1 HTTP requests in this frame

Frame: https://givenow.lls.org/give/390400/
Frame ID: C642AD79E417C30CF88489B678C590CE
Requests: 58 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ&co=aHR0cHM6Ly90Z2J3aWRnZXQuY29tOjQ0Mw..&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=invisible&badge=bottomright&cb=owc80scxiey
Frame ID: 1A797B9ACF88632D57611822A1F106AB
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ
Frame ID: B1F84C4EEBC1891FADA61961393F8C78
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: C55EE926C511675EA71AF2B1A4DA5B5A
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4421B168E8F3A85FAF59E47C239154A5
Requests: 6 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=nvtufgc&ref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&upid=r20lbgl&upv=1.1.0
Frame ID: 4D8F418C370998AF18158695B4AD0BB3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-4da4524a5fa6b6e21718aad8cf2e8e34.html
Frame ID: CE673C6A34DBDD6C4E046DB1221CE658
Requests: 43 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html
Frame ID: 080AE007B27248F9F533ED735BFBF13A
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html
Frame ID: 9C08AFC78209DC6698649E1AA14502DA
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html
Frame ID: 620AF1BAF409077017143BC613904263
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html
Frame ID: EE6C5911FBD62912277AF1A5A26D3D79
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 08F4CCC1CF2B6E0F02C4A7CEBB74E52E
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 95FAB8171FF91B9EDDF149BF56F8E189
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate Cryptocurrency | Leukemia and Lymphoma Society

Page URL History Show full URLs

http://click.e.lls.org/?qs=15dd36d7324431a9b4e335ae2283f1531133ee1821aefa950bd543dcde4f92e63c7876ec... HTTP 302
https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+R... Page URL

Detected technologies

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

314
Requests

97 %
HTTPS

49 %
IPv6

49
Domains

80
Subdomains

67
IPs

6
Countries

8345 kB
Transfer

26518 kB
Size

54
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://givenow.lls.org/give/390400/#!/donation/checkout
Title: Donate

Search URL Search Domain Scan URL

URL: https://careers.lls.org/us/en
Title: Work at LLS

Search URL Search Domain Scan URL

URL: https://www.llsform.org/ho0999SER/qm43km6adu/index.html
Title: Apply for an Academic Grant

Search URL Search Domain Scan URL

URL: https://givenow.lls.org/give/394054/#!/donation/checkout
Title: Donate Online

Search URL Search Domain Scan URL

URL: https://impact.lls.org/
Title: Wills, Trusts and Annuities

Search URL Search Domain Scan URL

URL: https://diy.lls.org/campaign/the-leukemia-and-lymphoma-society-memorials-and-tributes/c441759
Title: Create a Tribute Page

Search URL Search Domain Scan URL

URL: https://www.volunteerlls.org/
Title: Volunteer LLS Portal

Search URL Search Domain Scan URL

URL: https://secure.everyaction.com/WifpRVArKU-wTPxQUj2BBQ2
Title: Sign Up to Be an Advocate

Search URL Search Domain Scan URL

URL: https://www.amazon.com/LLS?pldnSite=1
Title: Shop

Search URL Search Domain Scan URL

URL: https://smile.amazon.com/LLS
Title: LLS Store

Search URL Search Domain Scan URL

URL: https://www.thegivingblock.com/
Title: The Giving Block

Search URL Search Domain Scan URL

URL: https://www.gemini.com/
Title: Gemini Trust Exchange

Search URL Search Domain Scan URL

URL: https://www.thegivingblock.com/faq
Title: The Giving Block's FAQs

Search URL Search Domain Scan URL

URL: https://cloud.e.lls.org/emailsignup
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.llscanada.org/
Title: LLS Canada

Search URL Search Domain Scan URL

URL: https://www.facebook.com/LLSusa

Search URL Search Domain Scan URL

URL: http://twitter.com/llsusa

Search URL Search Domain Scan URL

URL: https://instagram.com/llsusa/

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/LeukemiaLymphomaSoc

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-leukemia-&-lymphoma-society

Search URL Search Domain Scan URL

URL: https://www.charitynavigator.org/ein/135644916

Search URL Search Domain Scan URL

URL: http://www.causereports.com/

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/shared/40d84a97-8b7b-4b09-9feb-b93994d2003d

Search URL Search Domain Scan URL

URL: https://greatnonprofits.org/org/the-leukemia-lymphoma-society

Search URL Search Domain Scan URL

URL: https://www.charitywatch.org/charities/leukemia-lymphoma-society

Search URL Search Domain Scan URL

URL: https://www.onecause.com/raise/awards/hall-of-fame

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.e.lls.org/?qs=15dd36d7324431a9b4e335ae2283f1531133ee1821aefa950bd543dcde4f92e63c7876ec79acd7111a14edd708c56df2fc0f0337109af423f7263067f15fddfa HTTP 302
https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CJuo5qfbhIEDFcK9nwodCIUCag;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252

Request Chain 20

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252 HTTP 302
https://8977078.fls.doubleclick.net/activityi;dc_pre=CJus5qfbhIEDFaoFaAgdV-YHag;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252

Request Chain 31

https://action.dstillery.com/orbserv/nsjs?adv=cl168994728806628&ns=8154&nc=ros&ncv=49&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl168994728806628&ns=8154&nc=ros&ncv=49&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 35

https://trkn.us/pixel/c?ppt=20749&g=sitewide&gid=48665&gtmcb=1188105995 HTTP 302
https://trkn.us/pixel/c?ppt=20749&g=sitewide&gid=48665&gtmcb=1188105995&ip=217.114.218.27&cuidchk=1

Request Chain 45

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/779965559/?random=1014552792&cv=11&fst=1693409856665&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&auid=1244355439.1693409857&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QGLvZOC1LoqbiM0Pr7qlkAI&sscte=1&crd=&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW0AbCc1M9ldPTUENVloqxLV7-c6GYIfzcA&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhGU3pqQ0FuTl9fTTJvR0U1cy1iSm9hOVlLakg3cnJMSWhOemRLcXV1RFgzdlEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOE54emFiWjg3cjlPeEpYMm1uYlRscVh2WTdVQlhOd3hoUWQtVE1SR3JQT2FnNS1xME9nZjBQQVciEwjg1eKn24SBAxWKDaIDHS9dCSI HTTP 302
https://www.google.com/pagead/1p-conversion/779965559/?random=1014552792&cv=11&fst=1693409856665&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&auid=1244355439.1693409857&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhGU3pqQ0FuTl9fTTJvR0U1cy1iSm9hOVlLakg3cnJMSWhOemRLcXV1RFgzdlEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOE54emFiWjg3cjlPeEpYMm1uYlRscVh2WTdVQlhOd3hoUWQtVE1SR3JQT2FnNS1xME9nZjBQQVciEwjg1eKn24SBAxWKDaIDHS9dCSI&is_vtc=1&ocp_id=QGLvZOC1LoqbiM0Pr7qlkAI&cid=CAQSKQBpAlJWp0h5k68mGAA8JXqGogiYqcIdfOgI28uGCgt_u76IF-ZBd-lO&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW9JgJ2GHqFWMieOL5yTU05H_MZgyw6Nqxg&random=2620190009 HTTP 302
https://www.google.de/pagead/1p-conversion/779965559/?random=1014552792&cv=11&fst=1693409856665&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&auid=1244355439.1693409857&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhGU3pqQ0FuTl9fTTJvR0U1cy1iSm9hOVlLakg3cnJMSWhOemRLcXV1RFgzdlEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOE54emFiWjg3cjlPeEpYMm1uYlRscVh2WTdVQlhOd3hoUWQtVE1SR3JQT2FnNS1xME9nZjBQQVciEwjg1eKn24SBAxWKDaIDHS9dCSI&is_vtc=1&ocp_id=QGLvZOC1LoqbiM0Pr7qlkAI&cid=CAQSKQBpAlJWp0h5k68mGAA8JXqGogiYqcIdfOgI28uGCgt_u76IF-ZBd-lO&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW9JgJ2GHqFWMieOL5yTU05H_MZgyw6Nqxg&random=2620190009&ipr=y

Request Chain 47

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1215644618&cv=11&fst=1693409856667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&auid=1244355439.1693409857&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QGLvZO-6Lo2OiM0P2aev2Ac&sscte=1&crd=CKK4sQI&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GWzsDl7SLquJ613x3sMJ0FIKcZqkMDu6gnw&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhGU3pqQ0FuTl9fTTJvR0U1cy1iSm9hOVlLakg3cnJMSWhOemRLcXV1RFgzdlEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOElhcGJGR3hoa0RVaTFNUndoLUlEdURjR3lYUDZNYjZvR3ZmeDcwUl8yZE1wUzloQmx2VlQyOW0iEwjv2uKn24SBAxUNB6IDHdnTC3s HTTP 302
https://www.google.com/pagead/1p-conversion/1070099938/?random=1215644618&cv=11&fst=1693409856667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&auid=1244355439.1693409857&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhGU3pqQ0FuTl9fTTJvR0U1cy1iSm9hOVlLakg3cnJMSWhOemRLcXV1RFgzdlEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOElhcGJGR3hoa0RVaTFNUndoLUlEdURjR3lYUDZNYjZvR3ZmeDcwUl8yZE1wUzloQmx2VlQyOW0iEwjv2uKn24SBAxUNB6IDHdnTC3s&is_vtc=1&ocp_id=QGLvZO-6Lo2OiM0P2aev2Ac&cid=CAQSKQBpAlJWGGHe6uMtPEBEwGE0lJIhOBqUubg20IsWIsUvOyeV1g628LRd&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW8UeQQWpM-shPGd472-JGJylgrk4inH-VQ&random=4117068396 HTTP 302
https://www.google.de/pagead/1p-conversion/1070099938/?random=1215644618&cv=11&fst=1693409856667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&auid=1244355439.1693409857&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhGU3pqQ0FuTl9fTTJvR0U1cy1iSm9hOVlLakg3cnJMSWhOemRLcXV1RFgzdlEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOElhcGJGR3hoa0RVaTFNUndoLUlEdURjR3lYUDZNYjZvR3ZmeDcwUl8yZE1wUzloQmx2VlQyOW0iEwjv2uKn24SBAxUNB6IDHdnTC3s&is_vtc=1&ocp_id=QGLvZO-6Lo2OiM0P2aev2Ac&cid=CAQSKQBpAlJWGGHe6uMtPEBEwGE0lJIhOBqUubg20IsWIsUvOyeV1g628LRd&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW8UeQQWpM-shPGd472-JGJylgrk4inH-VQ&random=4117068396&ipr=y

Request Chain 49

https://s.amazon-adsystem.com/iu3?pid=929accd0-a3ae-4970-be69-076876794af5&event=PageView&ts=1693409856676 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=929accd0-a3ae-4970-be69-076876794af5&event=PageView&ts=1693409856676&dcc=t

Request Chain 117

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1693409858523&url=https%3A%2F%2Fwww.lls.org%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1693409858523&url=https%3A%2F%2Fwww.lls.org%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3516122%26time%3D1693409858523%26url%3Dhttps%253A%252F%252Fwww.lls.org%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1693409858523&url=https%3A%2F%2Fwww.lls.org%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1693409858523&url=https%3A%2F%2Fwww.lls.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQIHvdNPsfa2JQAAAYpHF9gcRx2rizRG6fVGqmX0f26o8XIb_duSZYMBMcCGMl5NA3LqRSQNoz2S

Request Chain 197

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CA4C2827563F4D3296F41ED76041B29A&RedC=c.clarity.ms&MXFR=2FE714137AC86DCD3E84076E7EC86302 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA4C2827563F4D3296F41ED76041B29A&MUID=2E779B6C34D768A419FB8811357B6960

314 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request donate-cryptocurrency Show response
www.lls.org/
Redirect Chain

http://click.e.lls.org/?qs=15dd36d7324431a9b4e335ae2283f1531133ee1821aefa950bd543dcde4f92e63c7876ec79acd7111a14edd708c56df2fc0f0337109af423f7263067f15fddfa
https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

133 KB
31 KB

1344ms
906ms

Document
text/html

54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1a4eebde263d5394185d71e1d50596e341c1408f04e673346df1d0641f3b57fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: must-revalidate, no-cache, private
content-encoding: gzip
content-language: en
content-type: text/html; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:36 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
server: nginx
vary: Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: MISS
x-commerce-core: 2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-247f70e6-474b-11ee-8fd7-2764a86e8e7d
x-ua-compatible: IE=edge

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 280
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Aug 2023 15:37:34 GMT
Location: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 413 KB
108 KB 113ms
60ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e223cb233ceee5080513e3ba10438d0e6ac5fe7b5c5f5bfd8efdd5f6d06092e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110044
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Aug 2023 15:37:36 GMT

GET
H2 200 css_ivRUp5D4cxXPArFFLy7C2D2Iz87X8C_04WJ7S0wWbp8.css
www.lls.org/sites/default/files/css/ 10 KB
3 KB 112ms
112ms Stylesheet
text/css 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lls.org/sites/default/files/css/css_ivRUp5D4cxXPArFFLy7C2D2Iz87X8C_04WJ7S0wWbp8.css

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8af454a790f87315cf02b1452f2ec2d83d88cfced7f02ff4e1627b4b4c166e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-cache-hits: 15340
date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 524864
x-cache: HIT
x-ah-environment: prod
content-length: 2726
x-request-id: v-198bccf4-4285-11ee-85c4-abaa443278d8
last-modified: Thu, 17 Aug 2023 18:39:59 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 07 Sep 2023 13:49:52 GMT

GET
H2 200 css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css
www.lls.org/sites/default/files/css/ 1 MB
118 KB 113ms
112ms Stylesheet
text/css 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7b4c405f4f010abcbf95b6e31081f8f0f5386bc1ef429d9a68f1af64391d447e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-cache-hits: 71509
date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 524883
x-cache: HIT
x-ah-environment: prod
content-length: 120578
x-request-id: v-0e5b8f68-4285-11ee-bbab-0fd7ebbe09fa
last-modified: Fri, 28 Jul 2023 17:46:21 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 07 Sep 2023 13:49:33 GMT

GET
H2 200 / Show response
tgbwidget.com/ Frame 8E46 777 B
1 KB 420ms
120ms Document
text/html 18.218.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/?charityID=135644916

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.218.75.13 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-75-13.us-east-2.compute.amazonaws.com

Software

Resource Hash

04d497dc0809bb860f4dddffb25fb91c69c0e6d3c9632fc9eedcffe6b8210c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 777
content-type: text/html
date: Wed, 30 Aug 2023 15:37:36 GMT
etag: "64ef3d07-309"
expires: Wed, 30 Aug 2023 15:37:35 GMT
last-modified: Wed, 30 Aug 2023 12:58:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 logo.svg
www.lls.org/themes/custom/llscorp/ 12 KB
12 KB 222ms
219ms Image
image/svg+xml 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/themes/custom/llscorp/logo.svg

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cd71c3d76b43b13f4baf71d417cc2305eaf7cc314cd4a6454691776c22b8434e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:33 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 09:45:02 GMT
server: nginx
age: 524883
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 12269
x-request-id: v-0e722ba6-4285-11ee-be2b-2ffaf2799005
x-cache-hits: 67738

GET
H2 200 logos-gb-crypto.jpg
www.lls.org/sites/default/files/2021-11/ 4 KB
4 KB 222ms
219ms Image
image/jpeg 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/2021-11/logos-gb-crypto.jpg

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

53c07facf7000599b115bc9f4b8a44796ea8a6bc43021f3ca49c5755914e2704

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 12 Sep 2023 16:36:11 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 17:02:58 GMT
server: nginx
age: 82885
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 4152
x-request-id: v-29c1b1fc-468a-11ee-8c37-bf66caf86383
x-cache-hits: 82

GET
H2 200 footer-logo-charity-navigator-four-star.png
www.lls.org/sites/default/files/2022-11/ 13 KB
13 KB 222ms
219ms Image
image/png 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/2022-11/footer-logo-charity-navigator-four-star.png

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f5a317a64defc5638075d882495f7033f07246f9c7276d24d143f2466229b930

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:33 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 16:36:07 GMT
server: nginx
age: 524882
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 13174
x-request-id: v-0e9577a0-4285-11ee-b038-0795ddc6e7ff
x-cache-hits: 66544

GET
H2 200 footer-logo-cause-reports-best-in-class-22.png
www.lls.org/sites/default/files/2023-04/ 22 KB
22 KB 222ms
220ms Image
image/png 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/2023-04/footer-logo-cause-reports-best-in-class-22.png

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c5c4f8fa13e70da553be9cf33e51916f6b26561e75f39363247c6c21b4032a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:33 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Mon, 24 Apr 2023 19:52:43 GMT
server: nginx
age: 524882
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 22266
x-request-id: v-0e96de74-4285-11ee-b2a7-4f0d88fa929d
x-cache-hits: 66550

GET
H2 200 6939026
widgets.guidestar.org/TransparencySeal/ 13 KB
4 KB 577ms
493ms Image
image/svg+xml 104.22.55.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/TransparencySeal/6939026
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.55.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 7fee1db3edce1e66-FRA
expires: -1

GET
H2 200 footer-logo-great-nonprofits-2022.png
www.lls.org/sites/default/files/2022-11/ 14 KB
14 KB 222ms
220ms Image
image/png 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/2022-11/footer-logo-great-nonprofits-2022.png

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6b7d5ccd463bc2218a1a0342153acd45be78745a8029ced1387c6a4c5165090c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:33 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2022 16:13:34 GMT
server: nginx
age: 524882
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 14148
x-request-id: v-0e96df3c-4285-11ee-8cfd-db432ece2922
x-cache-hits: 66022

GET
H2 200 footer-logo-charity-watch.png
www.lls.org/sites/default/files/2021-10/ 5 KB
5 KB 222ms
220ms Image
image/png 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/2021-10/footer-logo-charity-watch.png

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cab31fc0a6902621b57ffe6afec60a97aa570de05fafda357daaeece9c29485d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:33 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 14:58:19 GMT
server: nginx
age: 524882
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 5191
x-request-id: v-0e96e342-4285-11ee-85d2-23c12d4c0678
x-cache-hits: 65801

GET
H2 200 footer-logo-onecause.png
www.lls.org/sites/default/files/2022-10/ 9 KB
9 KB 222ms
220ms Image
image/png 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/2022-10/footer-logo-onecause.png

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c24c023cdd14f3bbda5f5674d9a6a82a9a0dee9652c6a6a119aff6da2cb59e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:33 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Mon, 24 Oct 2022 19:58:16 GMT
server: nginx
age: 524882
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 8995
x-request-id: v-0e96ea40-4285-11ee-ab7e-1f0c84c27d93
x-cache-hits: 66169

GET
H2 200 footer-logo-fastcompany-btm-22.png
www.lls.org/sites/default/files/2022-10/ 11 KB
12 KB 331ms
329ms Image
image/png 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/2022-10/footer-logo-fastcompany-btm-22.png

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

08e70504edea96699795ab6db427f28b2a4e81355ae907f46dafc4bc891d919e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:33 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Mon, 24 Oct 2022 19:59:47 GMT
server: nginx
age: 524882
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 11631
x-request-id: v-0e96f4ea-4285-11ee-b825-cbfa18d954f1
x-cache-hits: 66143

GET
H2 200 footer-logo-fastcompany-bwfi-23.png
www.lls.org/sites/default/files/2023-07/ 12 KB
12 KB 331ms
329ms Image
image/png 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/2023-07/footer-logo-fastcompany-bwfi-23.png

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bee9d20d5ab7c8dc6c2462e3c668c6e00166c148ff55c8a643d86ce099e4da27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:33 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Mon, 10 Jul 2023 18:54:00 GMT
server: nginx
age: 524882
x-cache: HIT
content-type: image/png
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 11845
x-request-id: v-0e96ec20-4285-11ee-97e7-374d4344c58f
x-cache-hits: 66203

GET
H2 200 js_UTPmaeXpeIi04RlMt4uaAnlopolhoszsG6MDIjW9loM.js Show response
www.lls.org/sites/default/files/js/ 280 KB
81 KB 220ms
219ms Script
text/javascript 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lls.org/sites/default/files/js/js_UTPmaeXpeIi04RlMt4uaAnlopolhoszsG6MDIjW9loM.js

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5133e669e5e97888b4e1194cb78b9a027968a68961a2ccec1ba3032235bd9683

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-cache-hits: 57402
date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: varnish
age: 524882
x-cache: HIT
x-ah-environment: prod
content-length: 82938
x-request-id: v-0e96ded8-4285-11ee-8fb8-538aba7f4dfe
last-modified: Fri, 28 Jul 2023 17:46:21 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 07 Sep 2023 13:49:33 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/970754387/ 3 KB
2 KB 137ms
67ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970754387/?random=1693409856622&cv=11&fst=1693409856622&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&auid=1244355439.1693409857&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12ac4a17806ae1f6bcdd3547dcf8a1bc681908fd976c61b9f4a40b29ceda3607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1420
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 13:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6793
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 30 Aug 2023 15:44:23 GMT

GET
H2 200 lls-hero-donate-crypto.jpg
www.lls.org/sites/default/files/styles/hero_short_desktop/public/heroes/hero-short/desktop/2021-04/ 34 KB
34 KB 329ms
329ms Image
image/jpeg 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/styles/hero_short_desktop/public/heroes/hero-short/desktop/2021-04/lls-hero-donate-crypto.jpg?itok=FkYnpunj

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

151625dc258ed1d27b73caa4db6134ea495dbaceff12e6cef69fa1a0772e3cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 12 Sep 2023 16:36:11 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Tue, 01 Jun 2021 18:42:54 GMT
server: nginx
age: 82885
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 34447
x-request-id: v-29c94c0a-468a-11ee-89b6-0b5692ec33ea
x-cache-hits: 81

GET
H2 200 lls-hero-ways-give.jpg
www.lls.org/sites/default/files/styles/hero_short_desktop/public/heroes/hero-short/desktop/2021-04/ 31 KB
32 KB 331ms
330ms Image
image/jpeg 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/sites/default/files/styles/hero_short_desktop/public/heroes/hero-short/desktop/2021-04/lls-hero-ways-give.jpg?itok=lGWFiyzc

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8615b97de7d915ac3c19fc793cf19c12aed0df7aba16a5673a2c0ffc68d385c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 12 Sep 2023 16:36:11 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Tue, 01 Jun 2021 18:42:54 GMT
server: nginx
age: 82885
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 31991
x-request-id: v-29ccfb16-468a-11ee-9f71-6790172367ff
x-cache-hits: 81

GET
H2

200

activityi;dc_pre=CJuo5qfbhIEDFcK9nwodCIUCag;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfm... Show response
8977078.fls.doubleclick.net/ Frame EF7A
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Ds...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CJuo5qfbhIEDFcK9nwodCIUCag;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdona...

777 B
427 B

319ms
318ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CJuo5qfbhIEDFcK9nwodCIUCag;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

2e8a6785bb0504bcf11d6a3c0a1eb017dcf01ee7c9a6db27e2ce380c78f69192

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 15:37:36 GMT
expires: Wed, 30 Aug 2023 15:37:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 15:37:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CJuo5qfbhIEDFcK9nwodCIUCag;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJus5qfbhIEDFaoFaAgdV-YHag;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source... Show response
8977078.fls.doubleclick.net/ Frame F8D2
Redirect Chain

https://8977078.fls.doubleclick.net/activityi;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_sour...
https://8977078.fls.doubleclick.net/activityi;dc_pre=CJus5qfbhIEDFaoFaAgdV-YHag;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%...

783 B
471 B

142ms
141ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8977078.fls.doubleclick.net/activityi;dc_pre=CJus5qfbhIEDFaoFaAgdV-YHag;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC52XK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

a31ea64b19549b23d3d91dbbe4b8ee8457cfb47870adcc7e9adf51d6fb42887c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 15:37:36 GMT
expires: Wed, 30 Aug 2023 15:37:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 15:37:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8977078.fls.doubleclick.net/activityi;dc_pre=CJus5qfbhIEDFaoFaAgdV-YHag;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/ 3 KB
2 KB 103ms
68ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1693409856664&cv=11&fst=1693409856664&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&auid=1244355439.1693409857&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e084341e6f15ca33f624cb37af7489b084d2563d1dabc4f7bbc80338d3e59a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1423
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/779965559/ 3 KB
2 KB 129ms
60ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/779965559/?random=1693409856665&cv=11&fst=1693409856665&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&bttype=purchase&auid=1244355439.1693409857&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3423c793635ff63c663656940acb65f80939ab0985130d906d6e0a1ebfd8022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1735
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1070099938/ 3 KB
2 KB 127ms
61ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1070099938/?random=1693409856667&cv=11&fst=1693409856667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&bttype=purchase&auid=1244355439.1693409857&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

aab74c07a6d93c123fd56a38fdbaa9e974296385ec42eb877b529a6247d40fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1739
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 1 MB
69 KB 599ms
599ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGKK4PM&l=dataLayer

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19d5fd5c306d7e083e4417377add9e1e1ff94a16aa3ed7d7c6bdceedf756dee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70082
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Aug 2023 15:37:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 82ms
25ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 30 Aug 2023 15:37:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: E9FeA4j981zgUEFp/S82rZadMZYI2+rExRFDfELQfBPUEOuGh02bFKWRYQiGS8QaLleaWJ4qBgQCCak5gatgiA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 103ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 30 Aug 2023 15:37:36 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22FA903A466C4A45A8CF8D02CF74852E Ref B: FRA31EDGE0706 Ref C: 2023-08-30T15:37:36Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12472

GET merkle_track.js
cdn.merklesearch.com/ 0
0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 115ms
21ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 06 Sep 2023 15:37:36 GMT

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 8 KB
9 KB 88ms
24ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6659d15d61adb57bfa2c9c5aa99052fb2a3d8bc997de5b5f04088ef37e3e1093

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Nas5AN7fdylyVjyfO8A2Xs1YTuR5qGLS
date: Wed, 30 Aug 2023 08:02:43 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 19:25:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 27294
x-amz-server-side-encryption: AES256
etag: "3a26860f1312111125d5d945bd319ee2"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8617
x-amz-cf-id: AXbBhJNBVgJNpocp6THUOxpCeYlNHAsu3h6yB890DoOib8TI94_TYA==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 94ms
26ms Script
application/x-javascript 65.9.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-118.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 20:57:32 GMT
Content-Encoding: gzip
Via: 1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
Age: 67205
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: BMiZnm2_Keaff7xaJRtSiHQi8_5eA3ukyByBbcXlRHrpHEI4fvLDHw==

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl168994728806628&ns=8154&nc=ros&ncv=49&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl168994728806628&ns=8154&nc=ros&ncv=49&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
231 B

148ms
147ms

Script
text/html

2606:4700:4400::6812:2412
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl168994728806628&ns=8154&nc=ros&ncv=49&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H2
Server: 2606:4700:4400::6812:2412 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html;charset=ISO-8859-1
content-language: de-DE
access-control-allow-origin: *
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
cf-ray: 7fee1dbe1a2c0493-FRA

Redirect headers

location: https://action.media6degrees.com/orbserv/nsjs?adv=cl168994728806628&ns=8154&nc=ros&ncv=49&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
date: Wed, 30 Aug 2023 15:37:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7fee1dba8c9d0493-FRA
content-type: text/html; charset=iso-8859-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
86 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-63NN87E39V&l=dataLayer&cx=c

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bda6e956de7118dbd1c83fdb2c4836dd4eedaf1517c5b31202a37e2fdf55dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87898
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:36 GMT

GET
H2 404 bind
media2.legacy.com/ 0
77 B 418ms
120ms Image
text/plain 44.208.176.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media2.legacy.com/bind?ckey1=LeukemiaLymphSoc;cvalue1=1;expiresDays=60;adct=image/gif;misc=123;&gtmcb=1517797668
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.208.176.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-208-176-114.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:37 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 171ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=k4816zm&ct=0:t1qofst&fmt=3&gtmcb=662466026
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

c
trkn.us/pixel/
Redirect Chain

https://trkn.us/pixel/c?ppt=20749&g=sitewide&gid=48665&gtmcb=1188105995
https://trkn.us/pixel/c?ppt=20749&g=sitewide&gid=48665&gtmcb=1188105995&ip=217.114.218.27&cuidchk=1

42 B
780 B

622ms
622ms

Image
image/gif

54.144.30.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/c?ppt=20749&g=sitewide&gid=48665&gtmcb=1188105995&ip=217.114.218.27&cuidchk=1

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

HTTP/1.1

Server

54.144.30.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-30-117.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Aug 2023 15:37:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Wed, 30 Aug 2023 15:37:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/c?ppt=20749&g=sitewide&gid=48665&gtmcb=1188105995&ip=217.114.218.27&cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 30ms
30ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2081365268&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&ul=en-us&de=UTF-8&dt=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAAI~&jid=1800087038&gjid=1931284310&cid=918100877.1693409857&tid=UA-225158-16&_gid=1075867999.1693409857&_slc=1&gtm=45He38s0n71PC52XK&z=1997368259

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f4127266ea61b68b1f9f631db260002079b883aa8162bd5649dcbff187310a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 104ms
32ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-225158-16&cid=918100877.1693409857&jid=1800087038&gjid=1931284310&_gid=1075867999.1693409857&_u=YGBAgEABAAAAAGAAI~&z=2022285761

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Aug 2023 15:37:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 85ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-63NN87E39V&gtm=45je38s0&_p=2081365268&cid=918100877.1693409857&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693409856&sct=1&seg=0&dl=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&dt=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-63NN87E39V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
83 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VDXXEBMB1M&cx=c&_slc=1

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4df7f23c081fca6271cff172ada7f57cfb82045381624689e0c179c1e5a0fb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84908
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:36 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/970754387/ 42 B
455 B 88ms
35ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/970754387/?random=1693409856622&cv=11&fst=1693407600000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&fmt=3&is_vtc=1&random=1288003311&rmt_tld=0&ipr=y

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/970754387/ 42 B
455 B 89ms
35ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/970754387/?random=1693409856622&cv=11&fst=1693407600000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&fmt=3&is_vtc=1&random=1288003311&rmt_tld=1&ipr=y

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1070099938/ 42 B
108 B 34ms
33ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1070099938/?random=1693409856664&cv=11&fst=1693407600000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&fmt=3&is_vtc=1&random=2611128290&rmt_tld=0&ipr=y

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1070099938/ 42 B
108 B 38ms
36ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1070099938/?random=1693409856664&cv=11&fst=1693407600000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&fmt=3&is_vtc=1&random=2611128290&rmt_tld=1&ipr=y

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5527522.js Show response
bat.bing.com/p/action/ 0
118 B 47ms
47ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5527522.js

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 30 Aug 2023 15:37:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7680AFBF6EE04D77829B9A60F731E92E Ref B: FRA31EDGE0706 Ref C: 2023-08-30T15:37:36Z
x-cache: CONFIG_NOCACHE

GET
H2

200

/
www.google.de/pagead/1p-conversion/779965559/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/779965559/?random=1014552792&cv=11&fst=1693409856665&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/779965559/?random=1014552792&cv=11&fst=1693409856665&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryp...
https://www.google.de/pagead/1p-conversion/779965559/?random=1014552792&cv=11&fst=1693409856665&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-crypt...

42 B
108 B

49ms
48ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/779965559/?random=1014552792&cv=11&fst=1693409856665&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&auid=1244355439.1693409857&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhGU3pqQ0FuTl9fTTJvR0U1cy1iSm9hOVlLakg3cnJMSWhOemRLcXV1RFgzdlEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOE54emFiWjg3cjlPeEpYMm1uYlRscVh2WTdVQlhOd3hoUWQtVE1SR3JQT2FnNS1xME9nZjBQQVciEwjg1eKn24SBAxWKDaIDHS9dCSI&is_vtc=1&ocp_id=QGLvZOC1LoqbiM0Pr7qlkAI&cid=CAQSKQBpAlJWp0h5k68mGAA8JXqGogiYqcIdfOgI28uGCgt_u76IF-ZBd-lO&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW9JgJ2GHqFWMieOL5yTU05H_MZgyw6Nqxg&random=2620190009&ipr=y

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/779965559/?random=1014552792&cv=11&fst=1693409856665&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=AiKNCNiBvqkBEPeo9fMC&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&auid=1244355439.1693409857&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhGU3pqQ0FuTl9fTTJvR0U1cy1iSm9hOVlLakg3cnJMSWhOemRLcXV1RFgzdlEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOE54emFiWjg3cjlPeEpYMm1uYlRscVh2WTdVQlhOd3hoUWQtVE1SR3JQT2FnNS1xME9nZjBQQVciEwjg1eKn24SBAxWKDaIDHS9dCSI&is_vtc=1&ocp_id=QGLvZOC1LoqbiM0Pr7qlkAI&cid=CAQSKQBpAlJWp0h5k68mGAA8JXqGogiYqcIdfOgI28uGCgt_u76IF-ZBd-lO&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW9JgJ2GHqFWMieOL5yTU05H_MZgyw6Nqxg&random=2620190009&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p--C-1BUzjxqyCQ.js Show response
rules.quantcount.com/ 7 KB
2 KB 104ms
25ms Script
application/javascript 2600:9000:223c:ac00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p--C-1BUzjxqyCQ.js
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ac00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a8eae662e01a138b9efa50f109ae2a9205fc53a3262916727551470ac441e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:34:30 GMT
content-encoding: gzip
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Sat, 30 Apr 2022 03:35:07 GMT
server: AmazonS3
etag: W/"e68d0e9c216771ac3c9b658393e29e79"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: sSPTp8ofozT2zc8EMMLF5m9yy7WGTEY-piHaYcz42n2AGDK0mrddRw==

GET
H2

200

/
www.google.de/pagead/1p-conversion/1070099938/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070099938/?random=1215644618&cv=11&fst=1693409856667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww...
https://www.google.com/pagead/1p-conversion/1070099938/?random=1215644618&cv=11&fst=1693409856667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cry...
https://www.google.de/pagead/1p-conversion/1070099938/?random=1215644618&cv=11&fst=1693409856667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryp...

42 B
108 B

44ms
43ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1070099938/?random=1215644618&cv=11&fst=1693409856667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&auid=1244355439.1693409857&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhGU3pqQ0FuTl9fTTJvR0U1cy1iSm9hOVlLakg3cnJMSWhOemRLcXV1RFgzdlEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOElhcGJGR3hoa0RVaTFNUndoLUlEdURjR3lYUDZNYjZvR3ZmeDcwUl8yZE1wUzloQmx2VlQyOW0iEwjv2uKn24SBAxUNB6IDHdnTC3s&is_vtc=1&ocp_id=QGLvZO-6Lo2OiM0P2aev2Ac&cid=CAQSKQBpAlJWGGHe6uMtPEBEwGE0lJIhOBqUubg20IsWIsUvOyeV1g628LRd&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW8UeQQWpM-shPGd472-JGJylgrk4inH-VQ&random=4117068396&ipr=y

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1070099938/?random=1215644618&cv=11&fst=1693409856667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&label=I-AeCPL35vYBEOLbof4D&hn=www.googleadservices.com&frm=0&tiba=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&value=0&auid=1244355439.1693409857&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhGU3pqQ0FuTl9fTTJvR0U1cy1iSm9hOVlLakg3cnJMSWhOemRLcXV1RFgzdlEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOElhcGJGR3hoa0RVaTFNUndoLUlEdURjR3lYUDZNYjZvR3ZmeDcwUl8yZE1wUzloQmx2VlQyOW0iEwjv2uKn24SBAxUNB6IDHdnTC3s&is_vtc=1&ocp_id=QGLvZO-6Lo2OiM0P2aev2Ac&cid=CAQSKQBpAlJWGGHe6uMtPEBEwGE0lJIhOBqUubg20IsWIsUvOyeV1g628LRd&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW8UeQQWpM-shPGd472-JGJylgrk4inH-VQ&random=4117068396&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 489186234582967 Show response
connect.facebook.net/signals/config/ 381 KB
118 KB 266ms
265ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/489186234582967?v=2.9.125&r=stable&domain=www.lls.org

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

80ab810deb9206ac862cc4d906331153e0190c42580c0a9b93f7de5dc9fd9b8e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 30 Aug 2023 15:37:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ktBA2BF2kFFwGVciq0lCoyaOQ3SW1ZNq94ARpk34MY/kiBk3osjkYnaCbPwo7R29diURxsE/77KxquPwxXrpQg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 3C30
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=929accd0-a3ae-4970-be69-076876794af5&event=PageView&ts=1693409856676
https://s.amazon-adsystem.com/iu3?pid=929accd0-a3ae-4970-be69-076876794af5&event=PageView&ts=1693409856676&dcc=t

65 B
896 B

132ms
132ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?pid=929accd0-a3ae-4970-be69-076876794af5&event=PageView&ts=1693409856676&dcc=t

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 30 Aug 2023 15:37:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 8B6V78PPMVCSVF9Y9B5G

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 30 Aug 2023 15:37:37 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?pid=929accd0-a3ae-4970-be69-076876794af5&event=PageView&ts=1693409856676&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: XPE4K863SEVPCM812WEZ

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 61ms
60ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-225158-16&cid=918100877.1693409857&jid=1800087038&_u=YGBAgEABAAAAAGAAI~&z=1450900155

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 66ms
65ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-225158-16&cid=918100877.1693409857&jid=1800087038&_u=YGBAgEABAAAAAGAAI~&z=1450900155

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 search.svg
www.lls.org/themes/custom/llscorp/img/svg/ 642 B
942 B 115ms
111ms Image
image/svg+xml 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/themes/custom/llscorp/img/svg/search.svg

Requested by

Host: www.lls.org
URL: https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7852694db11f08ee046e3b8324b94364bbcae38f18ca61bf8dec43000068d9fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:36 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 09:45:02 GMT
server: nginx
age: 524880
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 642
x-request-id: v-0ff61fd2-4285-11ee-a1c0-0b2e0b9c7d0a
x-cache-hits: 31805

GET
H2 200 drop.svg
www.lls.org/themes/custom/llscorp/img/svg/ 525 B
826 B 200ms
195ms Image
image/svg+xml 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lls.org/themes/custom/llscorp/img/svg/drop.svg

Requested by

Host: www.lls.org
URL: https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cf1b7c7ecc75bbc92846715b31759293a11f4e24dbf879d8ed3a79ba22d0b55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:36 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 10:17:50 GMT
server: nginx
age: 524880
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 525
x-request-id: v-0ff7137e-4285-11ee-8389-831432bdb6be
x-cache-hits: 32184

GET
H2 200 fa-brands-400.woff2
www.lls.org/themes/custom/llscorp/node_modules/%40fortawesome/fontawesome-free/webfonts/ 105 KB
106 KB 114ms
112ms Font
text/plain 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lls.org/themes/custom/llscorp/node_modules/%40fortawesome/fontawesome-free/webfonts/fa-brands-400.woff2

Requested by

Host: www.lls.org
URL: https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

31a12839c1ac6d6fbb1a69a420c523097bfd91ed4061779056cb86cd10a2a0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css
Origin: https://www.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:36 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 09:28:34 GMT
server: nginx
age: 524880
x-cache: HIT
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 108000
x-request-id: v-105e375c-4285-11ee-bb80-336c4a35c275
x-cache-hits: 66957

GET
H2 200 fa-solid-900.woff2
www.lls.org/themes/custom/llscorp/node_modules/%40fortawesome/fontawesome-free/webfonts/ 146 KB
147 KB 198ms
196ms Font
text/plain 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lls.org/themes/custom/llscorp/node_modules/%40fortawesome/fontawesome-free/webfonts/fa-solid-900.woff2

Requested by

Host: www.lls.org
URL: https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5b01f04ad1cd7cc927b6cd89a3c4b21bffa11180e140cb37bf1fb01ea83fdd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css
Origin: https://www.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:36 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 10:01:52 GMT
server: nginx
age: 524880
x-cache: HIT
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 149908
x-request-id: v-0fee3eac-4285-11ee-bcb4-6fa6f17d0e27
x-cache-hits: 67113

GET
H2 200 Druk-Medium-Web.woff2
www.lls.org/themes/custom/llscorp/fonts/ 28 KB
28 KB 203ms
202ms Font
text/plain 54.83.53.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lls.org/themes/custom/llscorp/fonts/Druk-Medium-Web.woff2

Requested by

Host: www.lls.org
URL: https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.83.53.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-53-190.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1bd5520bc078d37cabf8b53bb157a0393544a998a8d06afde52356b361ec93b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.lls.org/sites/default/files/css/css_e0xAX08BCry_lbbjEIH48PU4a8HvQp2aaPGvZDkdRH4.css
Origin: https://www.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 07 Sep 2023 13:49:36 GMT
date: Wed, 30 Aug 2023 15:37:36 GMT
via: varnish
x-content-type-options: nosniff
last-modified: Tue, 04 Jul 2023 09:45:33 GMT
server: nginx
age: 524880
x-cache: HIT
cache-control: max-age=1209600
x-ah-environment: prod
accept-ranges: bytes
content-length: 28797
x-request-id: v-0fee3eac-4285-11ee-9c4b-5725c297ddf9
x-cache-hits: 16549

GET
H2 200 config.js Show response
tgbwidget.com/ Frame 8E46 804 B
1 KB 123ms
122ms Script
application/javascript 18.218.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/config.js

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.218.75.13 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-75-13.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3d0a5f56b697152ffe5ce1c12355a49bcb55e6902be553e6c6d2ebf2de18530

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=135644916
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 30 Aug 2023 12:59:55 GMT
etag: "64ef3d4b-324"
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 804
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 15:37:36 GMT

GET
H2 200 shift4.js Show response
js.dev.shift4.com/ Frame 8E46 220 KB
63 KB 319ms
58ms Script
text/javascript 2600:9000:2204:3c00:a:84d7:f480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.dev.shift4.com/shift4.js
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:3c00:a:84d7:f480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3b81efb04d151989cae325d2c8dffb13090039372478be8a3b07f1fc79fac06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:37 GMT
content-encoding: br
via: 1.1 e7150584c93f85e64aa53364c55a16c6.cloudfront.net (CloudFront)
last-modified: Wed, 30 Aug 2023 12:35:22 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 7
x-amz-server-side-encryption: AES256
etag: W/"1d45fad6d6eb79a8d19cfc997c54a2f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
x-amz-cf-id: tYGovej7lyLQc7J7kpbJ-LvDcJBmJWUBrD9QEFNercTvU9wTzmb99w==

GET
H2 200 main.80fa4128.js Show response
tgbwidget.com/static/js/ Frame 8E46 4 MB
1 MB 137ms
127ms Script
application/javascript 18.218.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/js/main.80fa4128.js

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.218.75.13 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-75-13.us-east-2.compute.amazonaws.com

Software

Resource Hash

a16e31fd6dc32c3e6f299457e494ace4b3c0d2bec04d838f9e334886659f8551

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=135644916
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 12:58:47 GMT
etag: W/"64ef3d07-3c5e5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 15:37:36 GMT

GET
H2 200 main.5985e09c.css
tgbwidget.com/static/css/ Frame 8E46 6 KB
2 KB 123ms
123ms Stylesheet
text/css 18.218.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/css/main.5985e09c.css

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.218.75.13 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-75-13.us-east-2.compute.amazonaws.com

Software

Resource Hash

86c6832c9dce5b5fc9b98d2e15f03e4c2ce11b660ab95aa71f68b58c51ed6ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=135644916
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 12:58:47 GMT
etag: W/"64ef3d07-1623"
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 15:37:36 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 33ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-VDXXEBMB1M&gtm=45je38s0&_p=2081365268&_gaz=1&ul=en-us&sr=1600x1200&cid=918100877.1693409857&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&dt=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&sid=1693409857&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VDXXEBMB1M&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 40ms
38ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VDXXEBMB1M&cid=918100877.1693409857&gtm=45je38s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VDXXEBMB1M&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
64ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VDXXEBMB1M&cid=918100877.1693409857&gtm=45je38s0&aip=1&z=2015925957

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 embedded-giving.js Show response
sdk.classy.org/ 40 KB
10 KB 229ms
56ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.classy.org/embedded-giving.js

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f6a79e880a8c6410628950d9b6ea2dae5f661b5fad6c1430f39271729b32349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 154
x-amz-request-id: 66MAGXVJ38W8KPG0
x-amz-server-side-encryption: AES256
x-amz-id-2: hfwOXjIHrJSqouDpz0CKrLH+g/1X6ERiTBidY6RPTScM9fykmfO2FLwXZTe3xTKOsEkpS6C+MXg=
last-modified: Thu, 24 Aug 2023 21:44:50 GMT
cf-bgj: minify
server: cloudflare
etag: W/"ec660e3751c7e549407abf9af5c9445c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=60, s-maxage=900, stale-while-revalidate=60
cf-ray: 7fee1db7c8829280-FRA

GET
H2 200 dc_pre=CJus5qfbhIEDFaoFaAgdV-YHag;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=*;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%2...
adservice.google.com/ddm/fls/z/ Frame F8D2 42 B
401 B 288ms
127ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJus5qfbhIEDFaoFaAgdV-YHag;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=*;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CJus5qfbhIEDFaoFaAgdV-YHag;src=8977078;type=allpg;cat=allpgun;ord=1;num=7846738406162;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1296670426;labels=_fp.event.Default;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_202...
pixel.quantserve.com/ 35 B
473 B 54ms
25ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1296670426;labels=_fp.event.Default;rf=0;a=p--C-1BUzjxqyCQ;url=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;uht=2;fpan=1;fpa=P0-1897490784-1693409856811;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=lls.org;dst=1;et=1693409857082;tzo=-120;ogl=;ses=a7b737d7-f076-4435-9e67-24fc4f1cc76e;mdl=

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 204
No Content cs.js Show response
aa.trkn.us/1/e/ 0
166 B 166ms
21ms Script
text/plain 23.38.98.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.trkn.us/1/e/cs.js?cid=c013&evid=6894817b-ce68-494a-a2cd-4e160ce0f1d8&suu=1&dmn=www.lls.org
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Wed, 30 Aug 2023 15:37:37 GMT
Cache-Control: private, max-age=3600
Connection: keep-alive
Expires: Wed, 30 Aug 2023 16:37:37 GMT

GET
H2 204 0
bat.bing.com/action/ 0
288 B 48ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5527522&Ver=2&mid=419b9158-8ffe-4834-b443-ddc764799b7b&sid=256d4860474b11eeb0019f2e8a38e28c&vid=256eee30474b11ee8019f7d25b144ae2&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&kw=donate%20bitcoin,%20donate%20cryptocurrency,%20donate%20Ethereum,%20cancer%20donation,%20cancer%20research%20donation,%20childhood%20cancer%20donation,%20cryptocurrencies,%20charities%20accepting%20bitcoin,%20charities%20accepting%20cryptocurrencies,%20donate%20pediatric%20cancer&p=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&r=&lt=2563&evt=pageLoad&sv=1&rn=256930

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 30 Aug 2023 15:37:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 09D19C8A228B4DB4BC10299E7B76E6C6 Ref B: FRA31EDGE0706 Ref C: 2023-08-30T15:37:37Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST events
capigw.lls.org/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 73ms
21ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489186234582967&ev=PageView&dl=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&rl=&if=false&ts=1693409857199&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693409857189.387978127&eid=ob3_plugin-set_5660a3972b95699f1216348335448b1c24f09296f34dac8c9db34dd201eec79e&cs_est=true&it=1693409856823&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 30 Aug 2023 15:37:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=CJuo5qfbhIEDFcK9nwodCIUCag;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=*;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_c...
adservice.google.com/ddm/fls/z/ Frame EF7A 42 B
107 B 126ms
126ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJuo5qfbhIEDFcK9nwodCIUCag;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=*;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252

Requested by

Host: 8977078.fls.doubleclick.net
URL: https://8977078.fls.doubleclick.net/activityi;dc_pre=CJuo5qfbhIEDFcK9nwodCIUCag;src=8977078;type=allpg;cat=allpgst;ord=3028716704816;auiddc=1244355439.1693409857;u1=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252;u3=;gtm=45He38s0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8977078.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
givenow.lls.org/give/390400/ Frame C642 103 KB
31 KB 988ms
895ms Document
text/html 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/give/390400/

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5aec2cba1c384868e2a5dab344bc7ff062eb291e2508cbfaad496c553b0fc2f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.lls.org https://lls.org https://llscorp.dev3.lls.org https://llscorp.stg.lls.org https://llscorp.lndo.site https://llscorp.dev.lls.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7fee1db8f8288fd1-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' https://www.lls.org https://lls.org https://llscorp.dev3.lls.org https://llscorp.stg.lls.org https://llscorp.lndo.site https://llscorp.dev.lls.org;
content-type: text/html; charset=utf-8
date: Wed, 30 Aug 2023 15:37:38 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
api.duckduckgo.com/ Frame 8E46 2 KB
2 KB 178ms
77ms Fetch
application/x-javascript 40.114.177.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.duckduckgo.com/?q=whats+my+user+agent&format=json&pretty=1

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.80fa4128.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.114.177.156 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

557e6bcf50e0942ee29df4705f7c7d7020b951f4b70ca7fc8e1be2b32f51bd54

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; connect-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none' ; connect-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; manifest-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; media-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; script-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' 'unsafe-eval' ; font-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; img-src data: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; style-src https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ 'unsafe-inline' ; object-src 'none' ; worker-src blob: ; child-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-src blob: https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; form-action https://duckduckgo.com https://*.duckduckgo.com https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/ ; frame-ancestors 'self' ; base-uri 'self' ; block-all-mixed-content ;
content-encoding: br
server-timing: total;dur=44;desc="Backend Total"
x-xss-protection: 1;mode=block
x-duckduckgo-locale: de_DE
referrer-policy: origin
server: nginx
expect-ct: max-age=0
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
x-duckduckgo-results: 1
cache-control: max-age=1
permissions-policy: interest-cohort=()
expires: Wed, 30 Aug 2023 15:37:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8E46 9 KB
1 KB 86ms
32ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.80fa4128.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fb5dfe83179cd20586ec32be992d469f085c4ee3b28bf2f74608696a6633a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 15:37:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 15:37:38 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 8E46 331 KB
104 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=TAXRt3--3hUY43PhmclkGw&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0c90c32d816767b01f895dee8d70ccb4c975840a890f4bdbec05589405997f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106509
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 8E46 1 KB
878 B 33ms
33ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.80fa4128.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c685ccd0295a1765484cfb19d7ef545269703d94d6ea25b39b9da72474402697

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 857
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 15:37:38 GMT

GET
H2 200 charity-logo.59df9c7ed75f9c787561.jpg
tgbwidget.com/static/media/ Frame 8E46 10 KB
10 KB 119ms
118ms Image
image/jpeg 18.218.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tgbwidget.com/static/media/charity-logo.59df9c7ed75f9c787561.jpg

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.218.75.13 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-75-13.us-east-2.compute.amazonaws.com

Software

Resource Hash

acf248fe0795120ec1119705b4fde86c6d8a52a71988bfbd34e40194b11df933

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=135644916
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 30 Aug 2023 12:58:48 GMT
etag: "64ef3d08-276f"
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 10095
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 15:37:37 GMT

GET
DATA 200
OK truncated
/ Frame 8E46 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 122555c03065b07b4d64d57ca9f3b6f242d0c0912b38b118a9aa9906b53e0b56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 powered-by-tgb-logo.8549fba1b762989623b9.png
tgbwidget.com/static/media/ Frame 8E46 61 KB
61 KB 125ms
124ms Image
image/png 18.218.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tgbwidget.com/static/media/powered-by-tgb-logo.8549fba1b762989623b9.png

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.218.75.13 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-75-13.us-east-2.compute.amazonaws.com

Software

Resource Hash

9b88f620688228fe83d5cfd2c327325267f5130868b6d8fd6768d86fedf3a7fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/?charityID=135644916
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 30 Aug 2023 12:58:48 GMT
etag: "64ef3d08-f372"
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 62322
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 15:37:37 GMT

GET
H2 200 Poppins-SemiBold.ac8d04b620e54be9b0f0.ttf
tgbwidget.com/static/media/ Frame 8E46 152 KB
152 KB 118ms
118ms Font
application/octet-stream 18.218.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-SemiBold.ac8d04b620e54be9b0f0.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.5985e09c.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.218.75.13 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-75-13.us-east-2.compute.amazonaws.com

Software

Resource Hash

248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.5985e09c.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 30 Aug 2023 12:58:48 GMT
etag: "64ef3d08-25e60"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 155232
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 8E46 454 KB
183 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tgbwidget.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:13:51 GMT

POST
H2 200 list Show response
widget-backend.tgbwidget.com/v1/currencies/ Frame 8E46 21 KB
21 KB 121ms
121ms Fetch
application/json 3.20.118.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/v1/currencies/list

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.80fa4128.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.20.118.146 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-118-146.us-east-2.compute.amazonaws.com

Software

Resource Hash

8cef0a548a05f945992ad9afec739b15ac45f5b483f603a42b87594cd663bad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: application/json

Response headers

x-response-time: 6ms
date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-rate-limit-limit: 10
x-rate-limit-remaining: 9
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-rate-limit-reset: 1693409859
request-id: bbcf8146-f6f5-4a3e-86a6-e35f1d0c98aa
content-length: 21222
x-xss-protection: 1; mode=block

OPTIONS
H2 204 list
widget-backend.tgbwidget.com/v1/currencies/ Frame 0
0 375ms
121ms Preflight 3.20.118.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/v1/currencies/list

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.20.118.146 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-118-146.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tgbwidget.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Content-Language,Cache-Control
access-control-allow-methods: PUT,GET,POST,DELETE,OPTIONS
access-control-allow-origin: *
date: Wed, 30 Aug 2023 15:37:38 GMT
request-id: eb2ccc87-0cdb-4304-9ae1-faa5f7463e0d
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 4ms
x-xss-protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8E46 15 KB
16 KB 98ms
44ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 432883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 15:22:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8E46 15 KB
15 KB 103ms
49ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 473446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8E46 16 KB
16 KB 120ms
66ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 392549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 02:35:09 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 8E46 8 KB
8 KB 134ms
80ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 12:23:15 GMT
x-content-type-options: nosniff
age: 443663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 12:23:15 GMT

GET
H2 200 Poppins-Light.7641a0f76ca9ef6c252c.ttf
tgbwidget.com/static/media/ Frame 8E46 156 KB
157 KB 121ms
119ms Font
application/octet-stream 18.218.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-Light.7641a0f76ca9ef6c252c.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.5985e09c.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.218.75.13 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-75-13.us-east-2.compute.amazonaws.com

Software

Resource Hash

647f014d36822ef7e0413ffbb65598ae0cb57fb798e635c63912c93d94eb356a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.5985e09c.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 30 Aug 2023 12:58:48 GMT
etag: "64ef3d08-27094"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 159892
x-xss-protection: 1; mode=block

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 8E46 8 KB
8 KB 130ms
77ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 19:33:17 GMT
x-content-type-options: nosniff
age: 417861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 19:33:17 GMT

GET
H2 200 Poppins-Regular.35d26b781dc5fda684cc.ttf
tgbwidget.com/static/media/ Frame 8E46 155 KB
155 KB 124ms
123ms Font
application/octet-stream 18.218.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-Regular.35d26b781dc5fda684cc.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.5985e09c.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.218.75.13 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-75-13.us-east-2.compute.amazonaws.com

Software

Resource Hash

707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.5985e09c.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 30 Aug 2023 12:58:48 GMT
etag: "64ef3d08-26a20"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 158240
x-xss-protection: 1; mode=block

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 8E46 8 KB
8 KB 127ms
74ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500%7CPoppins:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 05:30:43 GMT
x-content-type-options: nosniff
age: 382015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 05:30:43 GMT

GET
H2 200 Poppins-Medium.673ed42382ab264e0bf5.ttf
tgbwidget.com/static/media/ Frame 8E46 153 KB
153 KB 120ms
119ms Font
application/octet-stream 18.218.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tgbwidget.com/static/media/Poppins-Medium.673ed42382ab264e0bf5.ttf

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/css/main.5985e09c.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.218.75.13 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-218-75-13.us-east-2.compute.amazonaws.com

Software

Resource Hash

8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/static/css/main.5985e09c.css
Origin: https://tgbwidget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 30 Aug 2023 12:58:48 GMT
etag: "64ef3d08-26368"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 156520
x-xss-protection: 1; mode=block

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/692125522/ Frame 8E46 3 KB
1 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/692125522/?random=1693409858312&cv=11&fst=1693409858312&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D135644916&ref=https%3A%2F%2Fwww.lls.org%2F&hn=www.googleadservices.com&frm=2&tiba=The%20Giving%20Block&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=TAXRt3--3hUY43PhmclkGw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d07f4cdb1140747b14c4d7710328d71b9516017e7938f4a545874d0d4c311df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 8E46 52 KB
21 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=TAXRt3--3hUY43PhmclkGw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 13:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6795
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 30 Aug 2023 15:44:23 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 8E46 1 KB
702 B 122ms
38ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=TAXRt3--3hUY43PhmclkGw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

09175e4bf29bcada94ab400b8c3fc66a032341f16d2ab497c8503c0f729b63a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:14 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=57071
accept-ranges: bytes
content-length: 491

GET
H2 200 hotjar-2773626.js Show response
static.hotjar.com/c/ Frame 8E46 9 KB
4 KB 132ms
65ms Script
application/javascript 52.222.139.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2773626.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=TAXRt3--3hUY43PhmclkGw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-19.ams50.r.cloudfront.net

Software

Resource Hash

13d4d39305baf3cd4bfcca7e22939cb0d4c40b883357885c0f787a5556e3b118

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ff34f581ad0f4009e4c404975952e7f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/d02809f44778e28160ec8766cb40b8b0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 9O7BNNvDUxW3wmrHDqPrMYNgZT58YsSE4AQaI1js-PV6BRqJwU_KuA==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ Frame 8E46 56 KB
15 KB 142ms
34ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=TAXRt3--3hUY43PhmclkGw&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220024-FRA

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ Frame 8E46 23 KB
8 KB 75ms
23ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=TAXRt3--3hUY43PhmclkGw&gtm_preview=env-1&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 ijckla7xb0 Show response
www.clarity.ms/tag/ Frame 8E46 1023 B
1 KB 198ms
116ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ijckla7xb0?ref=gtm2
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1070488cb31ca9a2cf7182c240f7da0f377308dfdf248af3679caab48bdc08d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: -1
date: Wed, 30 Aug 2023 15:37:38 GMT
x-azure-ref: 20230830T153738Z-3m8ey8nkvd087exf37d0h6vdzw00000006hg00000001fr9q
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1023
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 8E46 286 KB
92 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B61YEXCGZ2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFW73RT&gtm_auth=TAXRt3--3hUY43PhmclkGw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

465f71e36d9f0c8ed6ac2458e558790f11b0ffcc318e1141adbf7cbb03eaf1eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:38 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/692125522/ Frame 8E46 42 B
64 B 36ms
36ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/692125522/?random=1693409858312&cv=11&fst=1693407600000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D135644916&ref=https%3A%2F%2Fwww.lls.org%2F&frm=2&tiba=The%20Giving%20Block&fmt=3&is_vtc=1&random=2754343698&rmt_tld=0&ipr=y

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/692125522/ Frame 8E46 42 B
64 B 35ms
34ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/692125522/?random=1693409858312&cv=11&fst=1693407600000&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D135644916&ref=https%3A%2F%2Fwww.lls.org%2F&frm=2&tiba=The%20Giving%20Block&fmt=3&is_vtc=1&random=2754343698&rmt_tld=1&ipr=y

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1A79 55 KB
31 KB 50ms
50ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ&co=aHR0cHM6Ly90Z2J3aWRnZXQuY29tOjQ0Mw..&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=invisible&badge=bottomright&cb=owc80scxiey

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.80fa4128.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a01b7f5d331b098ecdcba202679473422b6785ed5fead92d773804bc56ecab77

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nWMR7w3OuRQtY0XQgPU74A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 31351
content-security-policy: script-src 'report-sample' 'nonce-nWMR7w3OuRQtY0XQgPU74A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 15:37:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 main.css
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/frs/ Frame C642 1 MB
143 KB 69ms
51ms Stylesheet
text/css 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/frs/main.css

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/390400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c303c87ed727ae26835c51ee27d5729d304e19c93a647319441ecdb393ca81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: QM4NBN2SH2W2G11Z
age: 57995
cf-polished: origSize=1130287
x-amz-server-side-encryption: AES256
x-amz-id-2: dVP1TfeiTLtvCEEvwgscZ0x+1y8SKhRjYicON3eBZ+ZtAmVUd6af7EMNFC31I60ALUkKnCqiuwg=
cf-bgj: minify
last-modified: Mon, 28 Aug 2023 20:29:59 GMT
server: cloudflare
etag: W/"0c4c020a54f2cc15ee062d9d549911c7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7fee1dbf8b789280-FRA

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ Frame C642 154 KB
26 KB 283ms
23ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/390400/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF6) /
Resource Hash: fd3eec8037d2a554fa5cea4e654e265e908623e3ede0621cfb89f3aea6611386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
content-md5: +KHz5mdSRxNBPtuHqT3WZA==
age: 560
x-cache: HIT
content-length: 26172
x-ms-lease-status: unlocked
last-modified: Tue, 29 Aug 2023 18:03:56 GMT
server: ECAcc (frc/4CF6)
etag: 0x8DBA8BA50400FF2
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ms-request-id: a089476d-b01e-0022-7f56-db8018000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Wed, 30 Aug 2023 16:37:38 GMT

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame C642 131 KB
45 KB 110ms
26ms Script
application/javascript 2600:9000:2250:c00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/390400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

3a97639f32ac5f603e8d12fcc742ac9fe917917ce294b42015fe7c58510a5f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: br
via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: psn2dzV5tpKvNdyNezmwnM_9aVPs0dcKjhxn4m3V9aNkErgod094IQ==
x-xss-protection: 1; mode=block

GET
H2 200 rp.gif
alb.reddit.com/ Frame 8E46 42 B
637 B 236ms
121ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1693409858462&id=t2_cdcf5fdn&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=0d47f456-1021-4163-847b-e29fae7ce766&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 8E46 13 KB
5 KB 38ms
37ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=57187
accept-ranges: bytes
content-length: 4862

GET
H2 200 modules.a3468f42d231409b8e10.js Show response
script.hotjar.com/ Frame 8E46 223 KB
55 KB 88ms
27ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a3468f42d231409b8e10.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2773626.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

0554d35c1bd2cf97476fb414cd0ec781e4702a8c6de954c6330f4c27d59fbd61

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 11:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 13892
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55526
last-modified: Wed, 30 Aug 2023 11:45:39 GMT
etag: "c13decd92d1f1836fb24b886803ca070"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vjobnfwVq4kow6WXH0rfXl7-tpy8cnAISKn7a7f3nP87GqaUdHVswA==

GET
H2 200 adsct
t.co/i/ Frame 8E46 43 B
376 B 258ms
203ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6230bc92-82db-412d-84bb-91ee59820709&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ed3707e5-dc8f-47fa-82ac-1732076970a6&tw_document_href=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D135644916&tw_document_referrer=https%3A%2F%2Fwww.lls.org%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7wdw&type=javascript&version=2.3.29

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time: 182
date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 09ee0c23d1d74b97
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 59d60a17a32fee435f605752c2d0291229ec792544b74eae2b3650a516b07976
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 8E46 43 B
395 B 193ms
138ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6230bc92-82db-412d-84bb-91ee59820709&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ed3707e5-dc8f-47fa-82ac-1732076970a6&tw_document_href=https%3A%2F%2Ftgbwidget.com%2F%3FcharityID%3D135644916&tw_document_referrer=https%3A%2F%2Fwww.lls.org%2F&tw_iframe_status=1&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7wdw&type=javascript&version=2.3.29

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time: 109
date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: bdc78acb8313e743
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 0f03a3a9234708aa4d17036bb48f4993b9839e8d4d64d3cc593b5c49722b0330
content-length: 43

GET
H2 200 rocket-loader.min.js Show response
givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame C642 12 KB
4 KB 25ms
24ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: givenow.lls.org
URL: https://givenow.lls.org/give/390400/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/390400/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 23 Aug 2023 13:09:20 GMT
server: cloudflare
content-encoding: gzip
etag: W/"64e60500-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fee1dc058a58fd1-FRA
expires: Fri, 01 Sep 2023 15:37:38 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame C642 20 KB
7 KB 113ms
67ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: givenow.lls.org
URL: https://givenow.lls.org/give/390400/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fee1dc0dc59bb5f-FRA

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 1A79 55 KB
24 KB 70ms
23ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ&co=aHR0cHM6Ly90Z2J3aWRnZXQuY29tOjQ0Mw..&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=invisible&badge=bottomright&cb=owc80scxiey

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:58:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 1A79 454 KB
182 KB 82ms
35ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:13:51 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3516122/domain/tgbwidget.com/ Frame 8E46 36 B
374 B 98ms
23ms XHR
application/json 2600:9000:20eb:fc00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3516122/domain/tgbwidget.com/token
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.80fa4128.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:fc00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:01:55 GMT
content-encoding: gzip
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 2143
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: HoVIysnaAoSnXkcbX2gjlBVO-MOA_3weW70FJe2CN22a1-XR2p7Bgw==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 8E46
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1693409858523&url=https%3A%2F%2Fwww.lls.org%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1693409858523&url=https%3A%2F%2Fwww.lls.org%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3516122%26time%3D1693409858523%26url%3Dhttps%253A%252F%252Fwww.lls.org%252F%26coo...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1693409858523&url=https%3A%2F%2Fwww.lls.org%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1693409858523&url=https%3A%2F%2Fwww.lls.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQIHvdNPsfa2JQAAAYpHF9gcRx2rizRG6fVGqmX0f26o8XIb_...

0
268 B

295ms
203ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1693409858523&url=https%3A%2F%2Fwww.lls.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQIHvdNPsfa2JQAAAYpHF9gcRx2rizRG6fVGqmX0f26o8XIb_duSZYMBMcCGMl5NA3LqRSQNoz2S
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D6BC4CB042A34D33AB6D643FB43D4F1F Ref B: DUS30EDGE0314 Ref C: 2023-08-30T15:37:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEJbUsSF3rYFTHrvQs2g==

Redirect headers

date: Wed, 30 Aug 2023 15:37:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: CB62D4585B234A0EBAF39DF460E6FDCC Ref B: FRAEDGE1310 Ref C: 2023-08-30T15:37:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3516122&time=1693409858523&url=https%3A%2F%2Fwww.lls.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQIHvdNPsfa2JQAAAYpHF9gcRx2rizRG6fVGqmX0f26o8XIb_duSZYMBMcCGMl5NA3LqRSQNoz2S
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEJbUkEJD6QBrtsBhiLA==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ Frame 8E46 57 KB
24 KB 48ms
48ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ijckla7xb0?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: br
last-modified: Wed, 30 Aug 2023 13:00:13 GMT
etag: W/"0x8DBA9590CF82A62"
vary: Accept-Encoding
x-azure-ref: 20230830T153738Z-3m8ey8nkvd087exf37d0h6vdzw00000006hg00000001frae
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 824507aa-201e-006e-2d46-db7bf4000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1A79 2 KB
2 KB 24ms
24ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 01:27:29 GMT
x-content-type-options: nosniff
age: 51009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 06 Sep 2023 01:27:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1A79 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 08:35:58 GMT
x-content-type-options: nosniff
age: 370900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 08:35:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1A79 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:41:40 GMT
x-content-type-options: nosniff
age: 78958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 17:41:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1A79 102 B
134 B 36ms
35ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ&co=aHR0cHM6Ly90Z2J3aWRnZXQuY29tOjQ0Mw..&hl=de&type=image&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=invisible&badge=bottomright&cb=owc80scxiey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 15:37:38 GMT

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ Frame 8E46 0
293 B 367ms
112ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.80fa4128.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://tgbwidget.com
Date: Wed, 30 Aug 2023 15:37:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 27ms
27ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489186234582967&ev=Microdata&dl=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&rl=&if=false&ts=1693409858713&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society%22%2C%22meta%3Adescription%22%3A%22LLS%20now%20accepts%20cryptocurrency%20donations%2C%20like%20Bitcoin.%20When%20you%20donate%20to%20LLS%2C%20you%20not%20only%20save%20lives%2C%20you%20can%20lower%20your%20tax%20bill.%20Help%20LLS%20fund%20lifesaving%20research%20and%20critical%20information%20to%20patients%20throughout%20their%20cancer%20journey.%22%2C%22meta%3Akeywords%22%3A%22donate%20bitcoin%2C%20donate%20cryptocurrency%2C%20donate%20Ethereum%2C%20cancer%20donation%2C%20cancer%20research%20donation%2C%20childhood%20cancer%20donation%2C%20cryptocurrencies%2C%20charities%20accepting%20bitcoin%2C%20charities%20accepting%20cryptocurrencies%2C%20donate%20pediatric%20cancer%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693409857189.387978127&eid=ob3_plugin-set_453d8c9e10ced6b92d4753ec61c75120db34a5785dea8c36debb041e290ba45f&it=1693409856823&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 30 Aug 2023 15:37:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame C642 26 KB
12 KB 71ms
28ms Script
text/javascript 2600:9000:2250:c00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/xdi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3dda1bc1dc1466b3dd828774a2a6132d169fe952be52107dacb0cd9f6d7c4d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: H_AgrqnfWvCrfTHhwHRNI2ODogYufnND
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
date: Wed, 30 Aug 2023 03:37:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 43204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Aug 2023 00:28:15 GMT
server: AmazonS3
etag: W/"9be013ecebf7e02f5ca8abc57fd6ba92-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: ZFX1iDfhhLIVaLwG0OznMjdPnZ6R7Gmy5OcphPOd97v2_eyRkpinyA==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame C642 267 KB
77 KB 40ms
25ms Script
text/javascript 2600:9000:2250:c00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

899634df29a5b6a5097ff3fb06cccfcd398d2885ae0326749c8bbdfcec5538c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: mOguFFa50wjqo4NoUS75IS3hRRwYoYce
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
date: Wed, 30 Aug 2023 00:49:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 53267
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Aug 2023 00:28:15 GMT
server: AmazonS3
etag: W/"e8412e4f3c2ac8f356560b4841e848cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: KFohajU-GuPBXke9i9swbeq4Xf4j_NOHrNJK6feGonf-GTTiQF-fmg==

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ Frame C642 18 KB
5 KB 590ms
143ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8028a80160247b9a0c01d7986bf837f839a67521874b58b436d82a5e09353a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:38 GMT
last-modified: Tue, 22 Aug 2023 20:27:22 GMT
etag: "03110e37d5d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4786
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ Frame C642 7 KB
3 KB 91ms
36ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10919579
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GYY3RGJ4D9XSPG1ZQF9BXTDW-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fee1dc2bce6367d-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/frs/donation/ Frame C642 182 KB
37 KB 49ms
48ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f1f13c056eade7f7dc72195f4c4a2a94ee3baf4afa841a1f2e0d33b54c12e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 20:29:59 GMT
server: cloudflare
x-amz-request-id: QM4Q53P98Z8G38BH
age: 57995
etag: W/"98325479de57f0d3a5a13763f7a02406"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7fee1dc26fc49280-FRA
x-amz-id-2: /EKmSRi4FZHkanFjIj0o4IuDPaGpOV7an0bbBk2C4ToQIAxJM2V9us8FOxrFMc6sko9rZPJuhXs=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/ Frame C642 2 MB
383 KB 56ms
54ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4dd509c18fc1d84f3cfe2862748eadbf3470baebabae235b9a4fa3b4a592d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 20:30:00 GMT
server: cloudflare
x-amz-request-id: QM4QTEM7ZTT7KQQT
age: 58038
etag: W/"1687f7f3e6ea563c55eb0dd63b8f6029"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7fee1dc26fc59280-FRA
x-amz-id-2: 2nXv3h70y0/QnpMoHl7G/1OMoqGC0ZSdUPteFzoLcY9luTDxjwEy5YF0V/osVjVFc0xN4rmqcQU=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/ Frame C642 1 MB
430 KB 59ms
58ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 20:30:00 GMT
server: cloudflare
x-amz-request-id: QM4QSZWE2AYQVFV4
age: 58038
etag: W/"772e1301b871cc2545926cb86ee5965f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 7fee1dc26fc79280-FRA
x-amz-id-2: 1O1thgBouV6FsetlGcApKyS+tq7uSJwE43pWUC0VjB5YCiZWchMQOwaI8iZ3eiSS0ASwgQ2HTak=

GET
H2 200 braintree.js Show response
js.braintreegateway.com/v2/ Frame C642 175 KB
50 KB 121ms
22ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/v2/braintree.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBB) /

Resource Hash

2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Mon, 21 Aug 2023 21:19:36 GMT
server: ECAcc (frc/4CBB)
etag: "64e3d4e8-2bc3c+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 50985
expires: Thu, 31 Aug 2023 15:37:39 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ Frame C642 143 KB
43 KB 107ms
49ms Script
application/javascript 13.32.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9b09598483b7091f36e95542d9c40ecb7018101c537d55948a4a36e3e555208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: q.kHGly4.NeAZuVOA8lBewOVfE9iH6n1
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
date: Tue, 29 Aug 2023 19:35:42 GMT
x-amz-request-id: GV96AC0NKZBAB9M6
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
age: 72166
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: kRwuEsZqzZgRhCKzgrSfmUeLgjFgodp+LMOsEDT0y4YNfTIU981iEWEmkN7ovHgeP45m/tMvkToHefdCiIYk+0ExOL03L2erpkCf9XEjMko=
last-modified: Tue, 22 Aug 2023 19:11:37 GMT
server: AmazonS3
etag: W/"1ef72301cbb3ab3094f44a817baefea1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: NUW91WWUpDpJeQvPbdnt2U-Lz2M-QIixCpTDylYrCwn9I10dn_haTA==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame C642 524 KB
146 KB 88ms
23ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0364f06b1f86c5783648c8a418d1762f4478eda2ee2bf3f771eb78566bafae36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:39 GMT
via: 1.1 varnish
age: 37
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 149370
x-request-id: 7c1fc23c-69f4-4550-92fb-cac4f91556bd
x-served-by: cache-fra-eddf8230125-FRA
last-modified: Tue, 29 Aug 2023 21:17:38 GMT
server: Fastly
etag: "d6d433dc3980e1591f874a06fd4eae57"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ Frame C642 446 KB
115 KB 23ms
23ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C94) /
Resource Hash: 31d60aa93510814063d487e3450e139d51650d791ba2c1060f38f1c93b2cdea4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 30 Aug 2023 15:37:38 GMT
content-encoding: gzip
content-md5: 6owxf5KROs6sxv+SswgBMA==
age: 509
x-cache: HIT
content-length: 117184
x-ms-lease-status: unlocked
last-modified: Tue, 29 Aug 2023 18:03:56 GMT
server: ECAcc (frc/4C94)
etag: 0x8DBA8BA504F9E0D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ms-request-id: c36694bb-d01e-001b-6756-db7b04000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Wed, 30 Aug 2023 16:37:38 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame B1F8 7 KB
1 KB 37ms
36ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

76d77de6d13d886adeb5c992461890d2a44a168aeae0935353a1299373129c91

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZuSt7PVmWkQDlu26w0snmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1158
content-security-policy: script-src 'report-sample' 'nonce-ZuSt7PVmWkQDlu26w0snmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 30 Aug 2023 15:37:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame B1F8 55 KB
24 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 13:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Aug 2024 13:58:58 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame B1F8 454 KB
182 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 11:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Aug 2024 11:13:51 GMT

POST
H2 200 initialize Show response
widget-backend.tgbwidget.com/v1/ Frame 8E46 589 B
937 B 136ms
136ms Fetch
application/json 3.20.118.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/v1/initialize

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.80fa4128.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.20.118.146 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-118-146.us-east-2.compute.amazonaws.com

Software

Resource Hash

c839c2208fbbc806ee7626ed839c22205212254797d7d7b9fe17c3ac7d36ba6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: application/json

Response headers

x-response-time: 17ms
date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-rate-limit-limit: 10
x-rate-limit-remaining: 8
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-rate-limit-reset: 1693409859
request-id: 31e84588-0cbc-4cce-a0de-9a270f139c38
content-length: 589
x-xss-protection: 1; mode=block

OPTIONS
H2 204 initialize
widget-backend.tgbwidget.com/v1/ Frame 0
0 118ms
117ms Preflight 3.20.118.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-backend.tgbwidget.com/v1/initialize

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.20.118.146 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-118-146.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://tgbwidget.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Content-Language,Cache-Control
access-control-allow-methods: PUT,GET,POST,DELETE,OPTIONS
access-control-allow-origin: *
date: Wed, 30 Aug 2023 15:37:39 GMT
request-id: 63684572-ad7b-4e53-9207-7e59bef6146e
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 2ms
x-xss-protection: 1; mode=block

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ Frame C642 15 KB
4 KB 24ms
24ms Stylesheet
text/css 2600:9000:2250:c00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4b30da9caad65ee78eaa78e84571694935dbdcc393b1d7302eeb8c1ac9b2735a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: JktQoJ3p0lwNVfLIX1f9l7z_aVDIV4FZ
content-encoding: gzip
via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
date: Wed, 30 Aug 2023 00:41:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 53753
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Aug 2023 00:28:15 GMT
server: AmazonS3
etag: W/"0e0e602f03ad86f1ce7418fdf404c358-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: RjcxZEBnUe9i-8VnAe92MGXw5_EORvVDVI2S75KLeRswo1wTIquQow==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ Frame C642 7 KB
2 KB 22ms
21ms Fetch
application/json 2600:9000:2250:c00:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:c00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d753ba5858b763254777232595736e27632ba3439f807d29cf31c86c4238dafe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: dY.Ta22mfWflC_K00ChDRhry1fKhcjeI
content-encoding: gzip
via: 1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
date: Wed, 30 Aug 2023 03:57:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 41993
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Aug 2023 00:28:15 GMT
server: AmazonS3
etag: W/"63e4f221e16698c8d308c98241b7078f-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: xY-KuWa9KRE4SW-y2Px_Ts0YlC_1BTZqLZGbWLHOK6lvMZZW3RnaRQ==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame B1F8 40 KB
24 KB 109ms
109ms XHR
application/json 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0013fa19576bc229ac65c62f63811cecdf81e8fa52ccb1d2ff6910f98ac9640c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24902
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 15:37:39 GMT

GET
H2 200 sdk.js Show response
givenow.lls.org/sso/ Frame C642 26 KB
7 KB 510ms
510ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72051eea2680cb85200568da3f230eb824e7c40e206c010376021de4a96021b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/390400/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 30 Aug 2023 14:43:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 7fee1dc4df748fd1-FRA
expires: Wed, 30 Aug 2023 15:57:39 GMT

GET
H2 200 LLS.jpg
static.tgbwidget.com/ Frame 8E46 8 KB
8 KB 615ms
508ms Image
image/jpeg 52.222.139.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tgbwidget.com/LLS.jpg
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-101.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f9da6e7045ce48b13bab551c010dfd61808e1234ace9dc8147058d5e843653d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 dbd13e5e9621f4e45e6a452ed9862bf0.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 11:27:24 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
etag: "7d2c2d2ca0529e130b0c98b0d14979e0"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 7777
x-amz-cf-id: iFC1YB2gLj0ozKqftcyIh0M_9PSiAQ1UsD9ree_-uuMzu0491XskZw==

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame B1F8 600 B
624 B 25ms
24ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 09:41:47 GMT
x-content-type-options: nosniff
age: 366952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 02 Sep 2023 09:41:47 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame B1F8 530 B
554 B 26ms
25ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:22:46 GMT
x-content-type-options: nosniff
age: 432893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 01 Sep 2023 15:22:46 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame B1F8 665 B
689 B 26ms
25ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 03:43:50 GMT
x-content-type-options: nosniff
age: 474829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 01 Sep 2023 03:43:50 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B1F8 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 08:35:58 GMT
x-content-type-options: nosniff
age: 370901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 08:35:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B1F8 15 KB
15 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 03:38:02 GMT
x-content-type-options: nosniff
age: 475177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 03:38:02 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B1F8 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:41:40 GMT
x-content-type-options: nosniff
age: 78959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 17:41:40 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame B1F8 30 KB
31 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06ADUVZwDjwwVJOhx19jMo6D8gwCStE2NhOfKd62DSMlu2H6uFhTZWeG0hJh17O9ukKa2Z7XzvM3EFEecEc3KDfUmRrl2bE9ftnhRCj_JhoCgaWyG7tSOI7nt6PpPF5gAsiz6t-NkSerLKl_fAJ_6LM0uPCi3zZLEfrUckMNqEQ_8_2xCfJGZY7s031c022jkOsUBVOfV4L4fOIEbhrCfcM3yIDSmC97pZ9A&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ

Requested by

Host: tgbwidget.com
URL: https://tgbwidget.com/?charityID=135644916

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ddd67054c303ec881ac73d874b557e2d4b70d97f64a09f67278f3e8ae3e6d48e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdOc_AiAAAAACU6F_veeBQz_9JRD8AAoARx0_rJ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31218
x-xss-protection: 1; mode=block
expires: Wed, 30 Aug 2023 15:37:39 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame C55E 200 B
788 B 23ms
23ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 20622312
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 30 Aug 2023 15:37:39 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 584127
x-content-type-options: nosniff
x-request-id: d20f8ca2-4357-4b16-a0b1-63e09f5f7e11
x-served-by: cache-fra-eddf8230125-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame C642 993 B
2 KB 102ms
51ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

184ec0ea51ee2025234c8a4fdecd4fc8ec282bb57540110bc4294e29173e6273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-EjzIGgRfCZQsKUwEgWpdSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 30 Aug 2023 15:37:39 GMT

POST
H2 204 rum Show response
givenow.lls.org/cdn-cgi/ Frame C642 0
165 B 25ms
24ms XHR
text/plain 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-fe1d1d7ffee06344----1693409859732
traceparent: 00-8ab8b14b274b2e468505fd3e6b04b600-fe1d1d7ffee06344-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmZTFkMWQ3ZmZlZTA2MzQ0IiwidHIiOiI4YWI4YjE0YjI3NGIyZTQ2ODUwNWZkM2U2YjA0YjYwMCIsInRpIjoxNjkzNDA5ODU5NzMyfX0=
content-type: application/json
Referer: https://givenow.lls.org/give/390400/

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://givenow.lls.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fee1dc76af08fd1-FRA

GET
H2 200 channels Show response
givenow.lls.org/frs-api/campaigns/390400/ Frame C642 1 KB
705 B 472ms
472ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaigns/390400/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9c236101e3d93235bb9399cb76917a31f284f25e51ef5257af0878b3c893fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
tracestate: 423787@nr=0-1-423787-363751183-0db211aa89cdc711----1693409859737
traceparent: 00-c6c5f386ffc2974a7be2a7b8545d8000-0db211aa89cdc711-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwZGIyMTFhYTg5Y2RjNzExIiwidHIiOiJjNmM1ZjM4NmZmYzI5NzRhN2JlMmE3Yjg1NDVkODAwMCIsInRpIjoxNjkzNDA5ODU5NzM3fX0=
Accept: application/json, text/plain, */*
csrf-token: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
Referer: https://givenow.lls.org/give/390400/

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"40d-wMh3HV4RHXG0nwBjYwPxk/iX6ts"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fee1dc76aff8fd1-FRA

GET
H2 200 tax-entities Show response
givenow.lls.org/frs-api/organizations/33874/ Frame C642 629 B
402 B 451ms
450ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/organizations/33874/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e845b78d08276cc75ccfd4677a46b35d3f9c6c5f0cbca24aca703e93e9acead

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
tracestate: 423787@nr=0-1-423787-363751183-3d09197f2071e116----1693409859794
traceparent: 00-c5858feaa9a4ebdfcc16ab757f6bf900-3d09197f2071e116-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIzZDA5MTk3ZjIwNzFlMTE2IiwidHIiOiJjNTg1OGZlYWE5YTRlYmRmY2MxNmFiNzU3ZjZiZjkwMCIsInRpIjoxNjkzNDA5ODU5Nzk0fX0=
Accept: application/json, text/plain, */*
csrf-token: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
Referer: https://givenow.lls.org/give/390400/

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-goU9WbnvXXy73R7J46uuF/eIMys"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fee1dc7cb518fd1-FRA

GET
H2 200 ach-account-routing Show response
givenow.lls.org/frs-api/organizations/33874/ Frame C642 32 B
168 B 474ms
473ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/organizations/33874/ach-account-routing

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca9d31f3f621954176f2af3955d7b2f691fde115dee35b03fdec5eb889209e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
tracestate: 423787@nr=0-1-423787-363751183-869403b97fbf1163----1693409859885
traceparent: 00-a248352f755919b59d2ec37bb5410e00-869403b97fbf1163-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4Njk0MDNiOTdmYmYxMTYzIiwidHIiOiJhMjQ4MzUyZjc1NTkxOWI1OWQyZWMzN2JiNTQxMGUwMCIsInRpIjoxNjkzNDA5ODU5ODg1fX0=
Accept: application/json, text/plain, */*
csrf-token: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
Referer: https://givenow.lls.org/give/390400/

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"20-IrwpdIgvwDw+aj4yRYzT7Xca9EM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fee1dc85bff8fd1-FRA
content-length: 32

GET
H2 200 currency-conversions Show response
givenow.lls.org/frs-api/i18n/ Frame C642 75 B
211 B 425ms
424ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8823c996823d4b9b66e2e763594f74b2660ad26a3749dc30f7aa7fd7ddcab2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
tracestate: 423787@nr=0-1-423787-363751183-0750fcf79f0a34ae----1693409859907
traceparent: 00-722bb327cce044295b2fe83fe2fa5900-0750fcf79f0a34ae-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwNzUwZmNmNzlmMGEzNGFlIiwidHIiOiI3MjJiYjMyN2NjZTA0NDI5NWIyZmU4M2ZlMmZhNTkwMCIsInRpIjoxNjkzNDA5ODU5OTA3fX0=
Accept: application/json, text/plain, */*
csrf-token: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
Referer: https://givenow.lls.org/give/390400/

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-0BChZ8IdKg+PF3QpYFfgT9m2bGI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7fee1dc87c418fd1-FRA

GET
H2 200 braintree Show response
pay.classy.org/token/ Frame C642 3 KB
2 KB 738ms
559ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=3234&currency=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c98b1b46a1b380669aaa4a84c3eb49ebddd7b0227e707a3d9715e6ba42012457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: abeeeef6-fc5f-4be5-a988-c77fb41d9945
cf-ray: 7fee1dc9bd15377b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 plaid Show response
pay.classy.org/token/ Frame C642 88 B
505 B 617ms
438ms XHR
application/json 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=3234&currency=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://givenow.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-classypay-version: 1
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-classypay-requestid: 19ea148c-0dc1-4286-825e-49122641400f
cf-ray: 7fee1dc9bd16377b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 user-icon.png
givenow.lls.org/static/global/images/ Frame C642 2 KB
2 KB 49ms
46ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/user-icon.png

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/390400/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 1852842
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Tue, 01 Aug 2023 23:03:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "64c98f42-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fee1dc89c6a8fd1-FRA
expires: Thu, 08 Aug 2024 04:56:57 GMT

GET
H2 200 df89db70-890a-11ec-ad02-0a79afb50c1f.jpg
assets.classy.org/13648750/ Frame C642 16 KB
17 KB 70ms
59ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/13648750/df89db70-890a-11ec-ad02-0a79afb50c1f.jpg

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ed607c6ab61cc879b8930c811deef44c87dbf7c45c69f7b404dd641a0fc14a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c0f6d569dc3603537a21705f48d93398.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: hjzDn7mpQQdVqWiFXvyff5zooPFLr.jJ
age: 9065132
x-amz-cf-pop: BAH53-C1
cf-polished: qual=85, origFmt=jpeg, origSize=106162
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="df89db70-890a-11ec-ad02-0a79afb50c1f.webp"
content-length: 16584
last-modified: Tue, 08 Feb 2022 18:13:55 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "4b4db7743425296a33b06ad353486e2c"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 7fee1dc8a9259280-FRA
x-amz-cf-id: paM68wbwAr3OeXsD9tV9lOqhWVOr9jtLRXtAM_xCA-ytQbRr0uMWIA==

GET
H2 200 embedded-giving-logo-visa.svg
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/ Frame C642 1 KB
912 B 47ms
44ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/embedded-giving-logo-visa.svg

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 20:30:00 GMT
server: cloudflare
x-amz-request-id: Z3QCB180MGDBT8MC
age: 57848
etag: W/"b327a8825ae28019462c8c3f5b4770c0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7fee1dc8990a9280-FRA
x-amz-id-2: eRcDx/3dLVmp9+CvY7BZiWR9eXf83f2AfASE4Gv+AXvuqRxYFX9jvqdOocXplKC5fFmZUi4fMUk=

GET
H2 200 embedded-giving-logo-amex.svg
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/ Frame C642 1 KB
811 B 45ms
43ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/embedded-giving-logo-amex.svg

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 20:30:00 GMT
server: cloudflare
x-amz-request-id: Z3Q2FPS92SP08SPC
age: 57848
etag: W/"0b1b4bc87aebc780d3ad6095fd447a24"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7fee1dc8990f9280-FRA
x-amz-id-2: IUyhZGQOhgIzqqhJymWFW6xvAkhk8E6+uH/rdYc8mFU6W82yff7d4D7W/Spz81closYrUZbp/cY=

GET
H2 200 embedded-giving-logo-discover.svg
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/ Frame C642 3 KB
1 KB 40ms
38ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/embedded-giving-logo-discover.svg

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 20:30:00 GMT
server: cloudflare
x-amz-request-id: Z3QCVAMBGX667W7M
age: 57848
etag: W/"d51cee8f590a54e755ac3501c1bd7342"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7fee1dc899129280-FRA
x-amz-id-2: DluMHQmaMsMdn/ocST6L/s/EHJqqTqxBj34QaF5ihPjdkC1l0ZXNVkuNtgrnbS/09wCOTYk1fJQ=

GET
H2 200 embedded-giving-logo-mastercard.svg
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/ Frame C642 1 KB
707 B 45ms
44ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/embedded-giving-logo-mastercard.svg

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 20:30:00 GMT
server: cloudflare
x-amz-request-id: Z3Q2PMD7N4HDVY5N
age: 57848
etag: W/"26fb3de4519ed38ceec90bc98250ba1f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7fee1dc899139280-FRA
x-amz-id-2: oPd0+grts87dvrBFoB5fUdh14iisKTAQ4cM1rYVmov/rShdLOQhAwxQcT7pgL/sv5jaW71YjB7fZeIDzOPQxdvotTi2smqugGBjdx/GXC0k=

GET
H2 200 embedded-giving-shield-icon.svg
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/ Frame C642 6 KB
2 KB 57ms
55ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/embedded-giving-shield-icon.svg

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 20:30:00 GMT
server: cloudflare
x-amz-request-id: Z3QE5WT8BD8V4FG4
age: 57848
etag: W/"46fd834e95514def799fa0626c78233c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7fee1dc8a9159280-FRA
x-amz-id-2: E4JMy4T7jGDo86VBztNLDNPoYEhm1Re0UdqJFzoz3kjg2XPVomBx2qeRZ4aCjQheihesLgJMwJM=

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/ Frame C642 1 KB
931 B 60ms
59ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 20:30:00 GMT
server: cloudflare
x-amz-request-id: Z3Q6VEH3VAQ69PX7
age: 57848
etag: W/"d71add3c9962a21340ec557ac0628bf7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7fee1dc8a9169280-FRA
x-amz-id-2: GgOr0t7fE59wv0qUQ2RC8L+9BPix8CRvwxWHp+/+ZF+9ZvZLGaw4QUHEhdhhlBGAuf5oHlA6HwQ=

GET
H2 200 logo-paypal.svg
givenow.lls.org/static/global/images/payments/ Frame C642 4 KB
3 KB 43ms
42ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/payments/logo-paypal.svg

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/390400/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 18:23:36 GMT
server: cloudflare
age: 166268
etag: W/"64e4fd28-1042"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7fee1dc89c6d8fd1-FRA
expires: Tue, 27 Aug 2024 17:26:31 GMT

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/ Frame C642 394 B
1 KB 49ms
49ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: M50NPPWNZ4D5J4EG
age: 57994
cf-polished: origFmt=png, origSize=547
x-amz-server-side-encryption: AES256
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=2isd89Y_55PFjpcv35bd5juFRsHItqTYlxd8.rU85c4-1693409859-0-AW3XyyBDiRSnDml-Neb7T2AydnOycxmc1OlRQMMzhr9o05OcIpZjlYyCThdgAlSNWOU_XykNVJnYUslrFlfTEPb1b8FlQ8BvTpnIxYJ_trhrq-pUDk4DHwjLIeYQ1JfJ0QQ6H8lt8Wllf4hJhWZKMb2P3XHOhAbXRVTBJqB25pf1RSHtGrJ69UyswD72BOZPfFfwKrkv_hQ3y0AgyEMcfps; report-to cf-csp-endpoint
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: rUNHCgJ+XdtjcqqqUjp/Xux9OHfI9qOpwC3bUnEPt2snTaYxSLIfTw6djA2Boqs8WnTSgSk+pQckf3SGGXWBEg==
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Aug 2023 20:30:00 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=2isd89Y_55PFjpcv35bd5juFRsHItqTYlxd8.rU85c4-1693409859-0-AW3XyyBDiRSnDml-Neb7T2AydnOycxmc1OlRQMMzhr9o05OcIpZjlYyCThdgAlSNWOU_XykNVJnYUslrFlfTEPb1b8FlQ8BvTpnIxYJ_trhrq-pUDk4DHwjLIeYQ1JfJ0QQ6H8lt8Wllf4hJhWZKMb2P3XHOhAbXRVTBJqB25pf1RSHtGrJ69UyswD72BOZPfFfwKrkv_hQ3y0AgyEMcfps"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7fee1dc8a91f9280-FRA

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/fonts/ Frame C642 42 KB
43 KB 172ms
57ms Font
application/x-font-woff 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

146949f3e984c96337d5482435d623b959b76f82ceb389c2827daa2be0024cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/frs/main.css
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 78EAAAHZ3XDNQE43
age: 24289
x-amz-server-side-encryption: AES256
content-length: 43184
x-amz-id-2: Fk4FVF23XG1q+ns7V1wvo6TQD138OqhovIU/pz+HsxsiFqgGCgyi3WLVZdZAKTU17qPUem5w8GE=
last-modified: Mon, 28 Aug 2023 20:29:59 GMT
server: cloudflare
etag: "c6132881f326dbd0e87722085d141dd0"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7fee1dc95c82377b-FRA

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/fonts/ Frame C642 65 KB
66 KB 173ms
58ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/frs/main.css
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
x-amz-request-id: 78E8EC16KE6NXHHA
age: 28040
x-amz-server-side-encryption: AES256
content-length: 66624
x-amz-id-2: xA7RfzUc6l+DaUKeOxtv5j+17M2qcKB3y7owJJMuX9ZDbqeLmQmf5JSd+FUK4PHqwkFuOLCCzgg=
last-modified: Mon, 28 Aug 2023 20:29:59 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7fee1dc95c85377b-FRA

POST
H2 204 rum Show response
givenow.lls.org/cdn-cgi/ Frame C642 0
37 B 25ms
24ms XHR
text/plain 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-d3eb16f8f592008a----1693409859939
traceparent: 00-cc2eebae2a22840256ee7b2a00ec9500-d3eb16f8f592008a-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkM2ViMTZmOGY1OTIwMDhhIiwidHIiOiJjYzJlZWJhZTJhMjI4NDAyNTZlZTdiMmEwMGVjOTUwMCIsInRpIjoxNjkzNDA5ODU5OTM5fX0=
content-type: application/json
Referer: https://givenow.lls.org/give/390400/

Response headers

date: Wed, 30 Aug 2023 15:37:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://givenow.lls.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fee1dc8ac838fd1-FRA

GET
H3 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C55E 631 B
758 B 24ms
24ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:39 GMT
via: 1.1 varnish
age: 7150947
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 396
x-request-id: 5bbfd789-2d72-4629-8a55-36629bda8b57
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Thu, 08 Jun 2023 20:06:50 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 559675

GET
H2 200 css
fonts.googleapis.com/ Frame C642 11 KB
841 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53269878d5aafc41b44e729d4c787220da4cf746689526d56605f75ec697b167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 30 Aug 2023 15:37:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 30 Aug 2023 15:37:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Aug 2023 15:37:39 GMT

GET
H2 200 transaction-estimates Show response
givenow.lls.org/frs-api/campaign/390400/ Frame C642 366 B
238 B 491ms
490ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaign/390400/transaction-estimates?amex=false&amount=100&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5d5aeb431c1b58b5833010916188860ad90869f8c7d1ac3942b061279ccaaad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
tracestate: 423787@nr=0-1-423787-363751183-0068c12f4558fcfa----1693409859953
traceparent: 00-0cc99dadab6d46e5b699a84d7b89e600-0068c12f4558fcfa-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwMDY4YzEyZjQ1NThmY2ZhIiwidHIiOiIwY2M5OWRhZGFiNmQ0NmU1YjY5OWE4NGQ3Yjg5ZTYwMCIsInRpIjoxNjkzNDA5ODU5OTUzfX0=
Accept: application/json, text/plain, */*
csrf-token: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
Referer: https://givenow.lls.org/give/390400/

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16e-3sTxEBd0jVVEoEAIIVRWIBpIZ+8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 7fee1dc8cc9e8fd1-FRA

GET
H2 200 transaction-estimates Show response
givenow.lls.org/frs-api/campaign/390400/ Frame C642 366 B
941 B 432ms
432ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/frs-api/campaign/390400/transaction-estimates?amex=false&amount=100&currency=USD&fot=false&international=false&payment_method=DW&processor_name=STRIPE

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5d5aeb431c1b58b5833010916188860ad90869f8c7d1ac3942b061279ccaaad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
tracestate: 423787@nr=0-1-423787-363751183-878338c750a6b835----1693409859954
traceparent: 00-7d7e62136cf0f98ccea2de92858f8300-878338c750a6b835-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4NzgzMzhjNzUwYTZiODM1IiwidHIiOiI3ZDdlNjIxMzZjZjBmOThjY2VhMmRlOTI4NThmODMwMCIsInRpIjoxNjkzNDA5ODU5OTU0fX0=
Accept: application/json, text/plain, */*
csrf-token: ZQFEjkDG-10i5gMhcNuO0y899iWL7S8R6pmY
Referer: https://givenow.lls.org/give/390400/

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"16e-3sTxEBd0jVVEoEAIIVRWIBpIZ+8"
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=NfjUT77syWd6ptCfDZ58pEEsWUxaMChD2L9o8uMCgP0-1693409860-0-AXdGfeKhBI058HNDelZQh_NCKz20uVwq_E8jzo9isJuDWXtIIglwtwf0XGZgg-xWodJNOLx8_chF7bFGv0zIuUCaxJ8DC4wKXbEK6d8rUnW6492AMtPeC3TpzmLZ8NSb2L4Q0HwJ87N2kmK3QdAaqzsKcZqoBfCzZigqxbIq0wlazmGQIkBArUXjLa4btMGs0Q; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=NfjUT77syWd6ptCfDZ58pEEsWUxaMChD2L9o8uMCgP0-1693409860-0-AXdGfeKhBI058HNDelZQh_NCKz20uVwq_E8jzo9isJuDWXtIIglwtwf0XGZgg-xWodJNOLx8_chF7bFGv0zIuUCaxJ8DC4wKXbEK6d8rUnW6492AMtPeC3TpzmLZ8NSb2L4Q0HwJ87N2kmK3QdAaqzsKcZqoBfCzZigqxbIq0wlazmGQIkBArUXjLa4btMGs0Q"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cf-ray: 7fee1dc8cca28fd1-FRA

POST
H/1.1 204
No Content collect Show response
q.clarity.ms/ Frame 8E46 0
293 B 109ms
109ms XHR
text/plain 20.231.53.73
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://q.clarity.ms/collect
Requested by: Host: tgbwidget.com
URL: https://tgbwidget.com/static/js/main.80fa4128.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://tgbwidget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://tgbwidget.com
Date: Wed, 30 Aug 2023 15:37:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/16f9263d/www-widgetapi.vflset/ Frame C642 209 KB
65 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/16f9263d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de46fb8e26ef2e02cc96f22b8986c1457c92616aeca80a0ce32b16a0faee024d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:19:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65919
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 01:50:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Aug 2024 15:19:39 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame C642 88 KB
30 KB 116ms
36ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://givenow.lls.org/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1693409860.dop057.fr8.t,1693409860.cds158.fr8.hn,1693409860.cds258.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ Frame C642 28 KB
29 KB 29ms
28ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:40:19 GMT
x-content-type-options: nosniff
age: 431841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 15:40:19 GMT

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v12/ Frame C642 28 KB
29 KB 34ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 15:40:19 GMT
x-content-type-options: nosniff
age: 431841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29156
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 15:40:19 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame C642 27 KB
27 KB 39ms
37ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 08:42:07 GMT
x-content-type-options: nosniff
age: 370533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 08:42:07 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame C642 27 KB
27 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 08:42:07 GMT
x-content-type-options: nosniff
age: 370533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 08:42:07 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame C642 27 KB
27 KB 48ms
46ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 08:42:07 GMT
x-content-type-options: nosniff
age: 370533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 08:42:07 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame C642 27 KB
27 KB 52ms
52ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 08:42:07 GMT
x-content-type-options: nosniff
age: 370533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 08:42:07 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame C642 27 KB
27 KB 56ms
55ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://givenow.lls.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 08:42:07 GMT
x-content-type-options: nosniff
age: 370533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 08:42:07 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame C55E 0
716 B 606ms
199ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860541134
x-envoy-upstream-service-time: 7
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860538072
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C55E 0
718 B 614ms
207ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860541299
x-envoy-upstream-service-time: 17
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 12
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860538119
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 4421 930 B
2 KB 127ms
29ms Document
text/html 2600:9000:25e8:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 103
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 30 Aug 2023 15:35:58 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 400be015a105355a3fb16d2aa2a6d926.cloudfront.net (CloudFront)
x-amz-cf-id: enHmIDR7nVtMMW30dXJ3lkYjFw-Mn86GssEoo9yWp47mdPvQuGDcJQ==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
givenow.lls.org/sso/ssobuild/js/ Frame C642 22 KB
7 KB 54ms
54ms XHR
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-af9e435bbc77a086----1693409860147
traceparent: 00-2c08093d1a4da9aea3e642f43f094700-af9e435bbc77a086-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhZjllNDM1YmJjNzdhMDg2IiwidHIiOiIyYzA4MDkzZDFhNGRhOWFlYTNlNjQyZjQzZjA5NDcwMCIsInRpIjoxNjkzNDA5ODYwMTQ3fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://givenow.lls.org/give/390400/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 17:59:18 GMT
cf-bgj: minify
server: cloudflare
age: 10438620
etag: W/"643eda76-893d"
cf-polished: origSize=35133
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 7fee1dc9fe208fd1-FRA
expires: Tue, 30 Apr 2024 20:00:40 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 4421 0
491 B 465ms
197ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860538773
x-envoy-upstream-service-time: 7
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1693409860538195
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 4421 87 KB
16 KB 32ms
32ms Script
text/javascript 2600:9000:25e8:3800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25e8:3800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:33:28 GMT
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
via: 1.1 400be015a105355a3fb16d2aa2a6d926.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
etag: W/"69cb7809b5011312e716f29b3d19dce6"
age: 254
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 4RoPtJye6srK3zcunmdR-yR6rk74WG41EB2TrGmbfwU64VtFDO5-UA==

GET
H2 200 status Show response
givenow.lls.org/sso/ Frame C642 90 B
1 KB 416ms
416ms XHR
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://givenow.lls.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361020331278018443433_1693409860144&_=1693409860145

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39af441e3b316fc87987118057609de58494b98dd16f1f8e9b98bd2fcef104b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-9103c57c00f52e11----1693409860211
traceparent: 00-cd2215a7164b1b2b4d434c6851789c00-9103c57c00f52e11-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5MTAzYzU3YzAwZjUyZTExIiwidHIiOiJjZDIyMTVhNzE2NGIxYjJiNGQ0MzRjNjg1MTc4OWMwMCIsInRpIjoxNjkzNDA5ODYwMjExfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://givenow.lls.org/give/390400/
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 7fee1dca5e9a8fd1-FRA
x-xss-protection: 1; mode=block

POST
H2 200 6 Show response
m.stripe.com/ Frame 4421 156 B
668 B 599ms
196ms XHR
application/json 44.238.101.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-101-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5f424f4fe2cbe0855b75bc772aa6c7b3fa96ea72591b63d1faa98fa9f94e0304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860763855
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1693409860763646
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2

200

c.gif
c.clarity.ms/ Frame 8E46
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CA4C2827563F4D3296F41ED76041B29A&RedC=c.clarity.ms&MXFR=2FE714137AC86DCD3E84076E7EC86302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA4C2827563F4D3296F41ED76041B29A&MUID=2E779B6C34D768A419FB8811357B6960

42 B
466 B

55ms
55ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA4C2827563F4D3296F41ED76041B29A&MUID=2E779B6C34D768A419FB8811357B6960
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tgbwidget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:40 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9DD6492333AB4BEDBE8E6D61D813A61D Ref B: FRA31EDGE0706 Ref C: 2023-08-30T15:37:40Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA4C2827563F4D3296F41ED76041B29A&MUID=2E779B6C34D768A419FB8811357B6960
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 nr-spa.1097a448-1.238.0.min.js Show response
js-agent.newrelic.com/ 76 KB
26 KB 79ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa.1097a448-1.238.0.min.js

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2cffb3d4620ddeb697ba04e787b68c7749efaa66614d9c6d16bc6082444f3bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: b8eo8xMxP6q71yVPfdHT5aV6JuNPOpkg
content-encoding: br
via: 1.1 varnish
date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=300
x-amz-request-id: 80D0D0NP39TRH4DD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 25963
x-amz-id-2: NQFBj3cN2OVBFRPxKym3xpFO3/+6vCEykNCKXxXAhA4AMbaXm9xkgBfodBC4wb5gUO4DeTPdohQ=
x-served-by: cache-fra-etou8220029-FRA
last-modified: Wed, 16 Aug 2023 21:40:47 GMT
server: AmazonS3
x-timer: S1693409860.328066,VS0,VE0
etag: "50ff460817c14cc3cdb0112cf58f1456"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1631

GET
H2 200 nr-spa-1208.min.js Show response
js-agent.newrelic.com/ 42 KB
17 KB 77ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1208.min.js

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Vh.geaSzxk269x8Ss.5iG8XR8B7_1taB
content-encoding: br
via: 1.1 varnish
date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=300
x-amz-request-id: NEE20DXW5AXKERJC
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16563
x-amz-id-2: 4xS2Pvmeeg52XIn+X14orNeiiz3zib5E+9R245oIsK9SPV76AzY045ygMHWaNJAzONb4X4ypkh0=
x-served-by: cache-fra-etou8220029-FRA
last-modified: Wed, 10 Mar 2021 16:24:31 GMT
server: AmazonS3
x-timer: S1693409860.328177,VS0,VE0
etag: "d9d4f5c3991c0454eca3e6b2ddfe31d9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 206

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 4D8F 0
181 B 54ms
54ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=nvtufgc&ref=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&upid=r20lbgl&upv=1.1.0
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 embedded-giving-logo-ach.svg
prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/ Frame C642 1 KB
2 KB 40ms
39ms Image
image/svg+xml 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/f9530c3cdf5af90e8bf64b5639a34cfc5449fd1c/static/global/images/embedded-giving/embedded-giving-logo-ach.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Z3Q6VEH3VAQ69PX7
age: 57849
x-amz-server-side-encryption: AES256
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=1aINa9FIijHP9ZM64WfkgIjOC_6eq5CvQgbh9.KkMNo-1693409860-0-ASLNIiylvh83vyZ-KB6NWUlMDdIWpxtuJhfnKu0UZcOylbwinO3e2zse2o335RoPOShY8ZZpPFuansXAMYV4Em8jQ9jXP33PwDS1_5IoetNiiRS3I1eiUj4HP1VNJnReYGVH8nuHJ037cDXd0hQob45xoJoOiP14pQh9GWbBC8ds-fjeSg77NiHPV98BaZ9DcWThySxQcFakTXvqafwtabw; report-to cf-csp-endpoint
x-amz-id-2: GgOr0t7fE59wv0qUQ2RC8L+9BPix8CRvwxWHp+/+ZF+9ZvZLGaw4QUHEhdhhlBGAuf5oHlA6HwQ=
last-modified: Mon, 28 Aug 2023 20:30:00 GMT
server: cloudflare
etag: W/"d71add3c9962a21340ec557ac0628bf7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=1aINa9FIijHP9ZM64WfkgIjOC_6eq5CvQgbh9.KkMNo-1693409860-0-ASLNIiylvh83vyZ-KB6NWUlMDdIWpxtuJhfnKu0UZcOylbwinO3e2zse2o335RoPOShY8ZZpPFuansXAMYV4Em8jQ9jXP33PwDS1_5IoetNiiRS3I1eiUj4HP1VNJnReYGVH8nuHJ037cDXd0hQob45xoJoOiP14pQh9GWbBC8ds-fjeSg77NiHPV98BaZ9DcWThySxQcFakTXvqafwtabw"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 7fee1dcb5d139280-FRA

GET
H/1.1 200
OK 4fd7bf0f13 Show response
bam.nr-data.net/1/ 56 B
497 B 638ms
579ms Script
text/javascript 162.247.243.29

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/4fd7bf0f13?a=493303644&v=1208.49599aa&to=ZF0DMkJXXkpTBkBRWl0XIAVEX19XHSFGTUVSVD0IX1JVZXEKWkxHXFQNA0JqflZWAGJRUER7DghERF9VXgBGFQtFUQQR&rst=5850&ck=1&ref=https://www.lls.org/donate-cryptocurrency&qt=9&ap=782&be=2520&fe=5732&dc=2563&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1693409854532,%22n%22:0,%22f%22:524,%22dn%22:524,%22dne%22:729,%22c%22:729,%22s%22:840,%22ce%22:962,%22rq%22:962,%22rp%22:1868,%22rpe%22:1980,%22dl%22:1874,%22di%22:2554,%22ds%22:2554,%22de%22:2563,%22dc%22:5730,%22l%22:5730,%22le%22:5733%7D,%22navigation%22:%7B%7D%7D&fp=2464&fcp=2464&at=SBoARApNTUQ%3D&jsonp=NREUM.setToken
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-fra-eddf8230117-FRA

POST
H/1.1 200
OK 4fd7bf0f13 Show response
bam.nr-data.net/1/ 40 B
401 B 609ms
554ms XHR
text/plain 162.247.243.29

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/4fd7bf0f13?a=493303644&v=1.238.0&to=ZF0DMkJXXkpTBkBRWl0XIAVEX19XHSFGTUVSVD0IX1JVZXEKWkxHXFQNA0JqflZWAGJRUER7DghERF9VXgBGFQtFUQQR&rst=5852&ck=0&s=c1f32e64ed914a3e&ref=https://www.lls.org/donate-cryptocurrency&af=err,xhr,stn,ins,spa&qt=9&ap=782&be=1868&fe=3865&dc=695&at=SBoARApNTUQ%3D&perf=%7B%22timing%22:%7B%22of%22:1693409854532,%22n%22:0,%22f%22:524,%22dn%22:524,%22dne%22:728,%22c%22:728,%22s%22:840,%22ce%22:962,%22rq%22:962,%22rp%22:1868,%22rpe%22:1981,%22di%22:2554,%22ds%22:2554,%22de%22:2563,%22dc%22:5730,%22l%22:5730,%22le%22:5733%7D,%22navigation%22:%7B%7D%7D&fp=2464&fcp=2464
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://www.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.lls.org
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230037-FRA

GET
H3 200 controller-4da4524a5fa6b6e21718aad8cf2e8e34.html Show response
js.stripe.com/v3/ Frame CE67 325 B
874 B 23ms
23ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-4da4524a5fa6b6e21718aad8cf2e8e34.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b70b5fb689d8ec7cb7a9f5058853aa9498f6e16151e137595885bc3619163873

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 23
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 30 Aug 2023 15:37:40 GMT
etag: "4da4524a5fa6b6e21718aad8cf2e8e34"
last-modified: Tue, 29 Aug 2023 20:45:48 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 7
x-content-type-options: nosniff
x-request-id: 40e45e24-9667-4e0c-bb53-a5dc6b9023bc
x-served-by: cache-fra-eddf8230097-FRA

GET
H3 200 payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html Show response
js.stripe.com/v3/ Frame 080A 408 B
1 KB 23ms
23ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

079da7f98f652e556762fdad47d9532144559e6fe39fded68ceae90f6510be18

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 67763
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 221
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 30 Aug 2023 15:37:40 GMT
etag: "eaf0a50ed05c72394aac24b3203f1851"
last-modified: Tue, 29 Aug 2023 20:46:04 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 743
x-content-type-options: nosniff
x-request-id: 16be3f40-f279-45d6-a25b-b26160c1008a
x-served-by: cache-fra-eddf8230097-FRA

GET
H3 200 payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html Show response
js.stripe.com/v3/ Frame 9C08 344 B
1 KB 23ms
23ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2d42bd85c29e779b03bb049753a596cb03e0dc3161babcf1175151231647a268

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 32
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 30 Aug 2023 15:37:40 GMT
etag: "6ed49e0a89ebafd68251dfe0172dd59c"
last-modified: Tue, 29 Aug 2023 20:46:04 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 7abd4e9d-f8b8-4234-aa3d-fb283af24d5d
x-served-by: cache-fra-eddf8230097-FRA

GET
H3 200 shared-acd224022d7259fd6ab5d01674c1a83f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CE67 457 KB
113 KB 25ms
23ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4da4524a5fa6b6e21718aad8cf2e8e34.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bcd922ca6210dbacf1d6b4debc16fc8b91faeed3fed5d48e9f87f4bfa61b4b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4da4524a5fa6b6e21718aad8cf2e8e34.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 varnish
age: 67778
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 115754
x-request-id: 200f3e5c-161f-4fb0-bd06-694c8cc77644
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 29 Aug 2023 20:46:03 GMT
server: Fastly
etag: "c5a0be0f92a7b390ddd439bb7e4fc222"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6657

GET
H3 200 controller-ac123426d7c4550f2997f23b0ea537ad.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame CE67 572 KB
154 KB 49ms
47ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-ac123426d7c4550f2997f23b0ea537ad.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-4da4524a5fa6b6e21718aad8cf2e8e34.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a24feed9b06092229d6574c0fa3b4c5620c2e9ec90a4d7912d9e204434ee12b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-4da4524a5fa6b6e21718aad8cf2e8e34.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 varnish
age: 76071
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 157160
x-request-id: 7cf83b54-8c34-4e1a-84e7-17f960fbe652
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 29 Aug 2023 18:27:35 GMT
server: Fastly
etag: "536891c78d3c857aea127aaacf9a3e47"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7079

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 080A 116 KB
36 KB 171ms
87ms Script
application/javascript 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a025270d34177399149ca2afc963f8ec726986caaffbefbb7c91b5afa9f20ef

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-_RTz6Bt8Ul8hMbeDJB489A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-_RTz6Bt8Ul8hMbeDJB489A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 30 Aug 2023 15:37:40 GMT

GET
H3 200 shared-acd224022d7259fd6ab5d01674c1a83f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 080A 457 KB
113 KB 66ms
66ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bcd922ca6210dbacf1d6b4debc16fc8b91faeed3fed5d48e9f87f4bfa61b4b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 varnish
age: 67778
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 115754
x-request-id: 84092b95-6114-4ee8-b7b8-c31ced873d24
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 29 Aug 2023 20:46:03 GMT
server: Fastly
etag: "c5a0be0f92a7b390ddd439bb7e4fc222"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6658

GET
H3 200 payment-request-inner-google-pay-f708febb2c3bfb05a286ddc88e6d2143.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 080A 10 KB
4 KB 26ms
25ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-f708febb2c3bfb05a286ddc88e6d2143.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

582f83b00f967c6a8c2c10fd9791f7befec6c945e92cb74fe2c2c3455fea4301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 varnish
age: 2474587
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4170
x-request-id: f01421e7-2a74-4122-97f2-d46173cac122
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 01 Aug 2023 17:33:44 GMT
server: Fastly
etag: "06d594f6d0f8015f2a57b5d4eb5fcdb7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17673

GET
H3 200 shared-acd224022d7259fd6ab5d01674c1a83f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9C08 457 KB
113 KB 84ms
81ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bcd922ca6210dbacf1d6b4debc16fc8b91faeed3fed5d48e9f87f4bfa61b4b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 varnish
age: 67778
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 115754
x-request-id: 64c06f84-afaf-4946-960a-097714c0afbc
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 29 Aug 2023 20:46:03 GMT
server: Fastly
etag: "c5a0be0f92a7b390ddd439bb7e4fc222"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6659

GET
H3 200 payment-request-inner-browser-60213628200f3cf52c380275976f0441.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9C08 12 KB
5 KB 87ms
84ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-60213628200f3cf52c380275976f0441.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c90b93aefe3e302d14ecadafe3f8aa45b5f90db60d0d763d05650d205f518200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 varnish
age: 2467132
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4851
x-request-id: 14ec44e8-9709-4d9c-b463-97ca1d0539a7
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 01 Aug 2023 17:33:44 GMT
server: Fastly
etag: "7d273750df5052a69a1190dbf1228b5e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27880

GET
H3 200 payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html Show response
js.stripe.com/v3/ Frame 620A 408 B
1 KB 28ms
28ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

079da7f98f652e556762fdad47d9532144559e6fe39fded68ceae90f6510be18

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 67763
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 221
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 30 Aug 2023 15:37:40 GMT
etag: "eaf0a50ed05c72394aac24b3203f1851"
last-modified: Tue, 29 Aug 2023 20:46:04 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 744
x-content-type-options: nosniff
x-request-id: 6667c60e-6aa0-46b3-80b1-2056deefffc6
x-served-by: cache-fra-eddf8230097-FRA

GET
H3 200 payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html Show response
js.stripe.com/v3/ Frame EE6C 344 B
1 KB 28ms
28ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2d42bd85c29e779b03bb049753a596cb03e0dc3161babcf1175151231647a268

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://givenow.lls.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 32
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 30 Aug 2023 15:37:40 GMT
etag: "6ed49e0a89ebafd68251dfe0172dd59c"
last-modified: Tue, 29 Aug 2023 20:46:04 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 0b9fa8aa-54fb-4351-9034-2f283997b978
x-served-by: cache-fra-eddf8230097-FRA

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 620A 116 KB
35 KB 160ms
123ms Script
application/javascript 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57cf76380c788e84a3ac2555875f9437ad95163bf4fb1c1097579cf327cd3f5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OLje8ByyapyhEITa5V57bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OLje8ByyapyhEITa5V57bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 30 Aug 2023 15:37:40 GMT

GET
H3 200 shared-acd224022d7259fd6ab5d01674c1a83f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 620A 457 KB
113 KB 43ms
43ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bcd922ca6210dbacf1d6b4debc16fc8b91faeed3fed5d48e9f87f4bfa61b4b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 varnish
age: 67778
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 115754
x-request-id: 4e0f6113-e5b7-4265-b654-8f7f3ed810eb
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 29 Aug 2023 20:46:03 GMT
server: Fastly
etag: "c5a0be0f92a7b390ddd439bb7e4fc222"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6660

GET
H3 200 payment-request-inner-google-pay-f708febb2c3bfb05a286ddc88e6d2143.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 620A 10 KB
4 KB 30ms
29ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-f708febb2c3bfb05a286ddc88e6d2143.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

582f83b00f967c6a8c2c10fd9791f7befec6c945e92cb74fe2c2c3455fea4301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-eaf0a50ed05c72394aac24b3203f1851.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 varnish
age: 2474587
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4170
x-request-id: 0d69f391-8430-41ba-ae86-bbaecc0e010d
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 01 Aug 2023 17:33:44 GMT
server: Fastly
etag: "06d594f6d0f8015f2a57b5d4eb5fcdb7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17674

GET
H3 200 shared-acd224022d7259fd6ab5d01674c1a83f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EE6C 457 KB
113 KB 44ms
44ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bcd922ca6210dbacf1d6b4debc16fc8b91faeed3fed5d48e9f87f4bfa61b4b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 varnish
age: 67778
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 115754
x-request-id: cfc4e2ad-cdd6-47c6-b357-0f2b9233b3be
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 29 Aug 2023 20:46:03 GMT
server: Fastly
etag: "c5a0be0f92a7b390ddd439bb7e4fc222"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6661

GET
H3 200 payment-request-inner-browser-60213628200f3cf52c380275976f0441.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EE6C 12 KB
5 KB 47ms
47ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-60213628200f3cf52c380275976f0441.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c90b93aefe3e302d14ecadafe3f8aa45b5f90db60d0d763d05650d205f518200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-6ed49e0a89ebafd68251dfe0172dd59c.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 30 Aug 2023 15:37:40 GMT
via: 1.1 varnish
age: 2467132
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4851
x-request-id: 231dc9c9-e2c5-45d6-ae39-90cf23d4a41d
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Tue, 01 Aug 2023 17:33:44 GMT
server: Fastly
etag: "7d273750df5052a69a1190dbf1228b5e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27881

POST
H2 200 csp-report
q.stripe.com/ Frame CE67 0
716 B 195ms
195ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860585118
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860584801
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame CE67 474 B
623 B 47ms
23ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1492e3f222d0cc7fb2c657a22d234f698827f483fa5b3a8dff7e208d3caf92ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-4da4524a5fa6b6e21718aad8cf2e8e34.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 33
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 297
x-request-id: c7b4f1da-fadb-49b0-8988-1d468f840566
x-served-by: cache-fra-eddf8230025-FRA
last-modified: Tue, 29 Aug 2023 21:17:39 GMT
server: Fastly
etag: "0c207d758b3fcb71899c8938f460c2d1"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9

POST
H2 200 csp-report
q.stripe.com/ Frame 9C08 0
717 B 304ms
303ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860724571
x-envoy-upstream-service-time: 47
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 9
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860723366
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9C08 0
718 B 328ms
328ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860732666
x-envoy-upstream-service-time: 69
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 55
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860724975
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame CE67 2 KB
2 KB 355ms
228ms Fetch
application/json 52.30.58.64

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.30.58.64 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

c6f0903f51a521e2370ee4e3473e0a93c13d749be9442c9d56b6ca2760227fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 1648
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame EE6C 0
718 B 257ms
257ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860729240
x-envoy-upstream-service-time: 17
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 12
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860725988
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame EE6C 0
717 B 249ms
249ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860727654
x-envoy-upstream-service-time: 10
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860726026
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 398ms
363ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860959525
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860959128
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 402ms
367ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860959765
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1693409860959230
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 542ms
508ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861102572
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1693409861102345
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 410ms
377ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860967183
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1693409860966903
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 352ms
319ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860914653
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1693409860913993
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 349ms
317ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860914640
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860913807
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 398ms
365ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860959748
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860959205
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 410ms
378ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860967630
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1693409860967104
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 402ms
370ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860967130
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860966659
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 407ms
376ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860967155
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860966828
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 403ms
372ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860967071
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860966820
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 397ms
367ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860959555
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1693409860959039
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 408ms
378ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860966785
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1693409860966544
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 407ms
378ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860967263
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860966737
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 390ms
361ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860959937
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860959288
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 406ms
377ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860967543
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860966976
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 389ms
360ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860959538
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860959268
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 391ms
362ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860959814
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860959399
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 399ms
372ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:40 GMT
x-stripe-server-envoy-start-time-us: 1693409860967058
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409860966521
access-control-allow-credentials: true
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 080A 0
718 B 221ms
221ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860769919
x-envoy-upstream-service-time: 25
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 24
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860769417
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 080A 0
716 B 194ms
193ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860769819
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860769528
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 configuration Show response
api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/ Frame C642 2 KB
2 KB 573ms
501ms Script
application/javascript 13.248.139.42

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/cgxvz24xdjx952j7/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2OTM0OTYyNjAsImp0aSI6Ijg0YjU3NDI2LWQ1ZWYtNGY0OC05NmU0LWE4NDViNGZmZjcyZSIsInN1YiI6ImNneHZ6MjR4ZGp4OTUyajciLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6ImNneHZ6MjR4ZGp4OTUyajciLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.0POQos7E0-5Kxb8SGrvQKjshvsOmdwcA4ncvTbZjJ9WXdAixKFZBHnO8DZzz6IDIKV1POCqcN5netM0gRoFE5A&callback=callback_jsonb23a06b020ae45d29175cd988011cfcf

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 -, , ASN (),

Reverse DNS

Software

Resource Hash

2be7bbcb64fdda134b55d9a2d69f975b0418c57b02f792048dbcb8f8be7e6cc8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
paypal-debug-id: 1ec90cf32f8a4
x-xss-protection: 1; mode=block
x-request-id: 62cfaba3-daa4-42c0-b230-8aba2cc78696
x-runtime: 0.301087
referrer-policy: strict-origin-when-cross-origin
etag: W/"7f3ff44b9783503ab8df4a4155e806f6"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-broxyid: 62cfaba3-daa4-42c0-b230-8aba2cc78696

POST
H2 200 csp-report
q.stripe.com/ Frame 620A 0
718 B 230ms
229ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860776970
x-envoy-upstream-service-time: 37
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 36
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860776314
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 620A 0
718 B 261ms
260ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409860787785
x-envoy-upstream-service-time: 68
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 53
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1693409860776338
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 08F4 18 KB
8 KB 90ms
87ms Document
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

727ce6de7bb39bd58273c318c761b0abc145d838ada3d7e4d3339f13861b6c52

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JSBEcN56A7BiCd7bPxh8ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JSBEcN56A7BiCd7bPxh8ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 95FA 18 KB
8 KB 82ms
81ms Document
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e8330e730a8470ae3744996d3aab35ea7f26c5d75a2789f53b89ecf7924cf1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7lCAIqmD9xIldnYD4CM8vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7lCAIqmD9xIldnYD4CM8vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 483ms
483ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861107727
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861107131
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 482ms
482ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861107505
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861107257
access-control-allow-credentials: true
content-length: 0

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/am=AGAM/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=... Frame 08F4 157 KB
56 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/am=AGAM/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri07A3CfJokJWanoct3dUqbgtRxLA/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b57d1b5e3f9d7947fc7940c1f4144335ed2ae95e9da59f0905bf92295684e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56813
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 05:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:28:18 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 08F4 2 KB
2 KB 130ms
130ms Other
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/am=AGAM/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=... Frame 95FA 157 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b57d1b5e3f9d7947fc7940c1f4144335ed2ae95e9da59f0905bf92295684e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56813
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 05:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:28:18 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 95FA 2 KB
2 KB 130ms
130ms Other
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBr... Frame 08F4 72 KB
26 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBrBgppgL5s.L.B1.O/am=AGAM/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrijLaL8DdnMLGpmHZCIWCrF71GGpg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/am=AGAM/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri07A3CfJokJWanoct3dUqbgtRxLA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34819351ef0008bcd5bc124c85bf05742e23696e0fed2e51b386f20503e4326b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26902
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 05:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:28:18 GMT

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBr... Frame 95FA 72 KB
26 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34819351ef0008bcd5bc124c85bf05742e23696e0fed2e51b386f20503e4326b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26902
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 05:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:28:18 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 08F4 1 MB
371 KB 91ms
91ms XHR
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ea891739593e813f40ef9b5472dfd5074590b42e1867c70c496dcaddfe59201

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9XHeLiN3-oDz_U-RsjJGOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9XHeLiN3-oDz_U-RsjJGOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 30 Aug 2023 15:37:40 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBr... Frame 08F4 9 KB
4 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBrBgppgL5s.L.B1.O/am=AGAM/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrijLaL8DdnMLGpmHZCIWCrF71GGpg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f748a69e3312e02de9d9a62751a3c86ccc072b6b4dd407b470faadc52fe83ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3910
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 05:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:28:18 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBr... Frame 08F4 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBrBgppgL5s.L.B1.O/am=AGAM/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrijLaL8DdnMLGpmHZCIWCrF71GGpg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07255c0494bba363e6eb4d0aa16df13ca0bf7f9a4cd754a7723c93cf64441fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13852
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 05:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:28:18 GMT

POST
H3 200 log Show response
play.google.com/ Frame 08F4 131 B
155 B 131ms
76ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 139ms
58ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 138ms
58ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 08F4 131 B
155 B 115ms
61ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

POST
H3 200 log Show response
play.google.com/ Frame 08F4 131 B
155 B 128ms
76ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 138ms
58ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 08F4 131 B
155 B 125ms
74ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 137ms
58ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 95FA 1 MB
371 KB 95ms
95ms XHR
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

376c7e2828d3c32f1ca9b72a711714e76c4cc272f5fa4f2b4d1cf86c1aaddac5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-vBa-q9R40GusBpu0cGq6sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:40 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-vBa-q9R40GusBpu0cGq6sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 30 Aug 2023 15:37:40 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 4421 156 B
667 B 201ms
200ms XHR
application/json 44.238.101.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-101-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5f424f4fe2cbe0855b75bc772aa6c7b3fa96ea72591b63d1faa98fa9f94e0304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 30 Aug 2023 15:37:41 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409861008140
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1693409861007676
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 4421 156 B
667 B 255ms
255ms XHR
application/json 44.238.101.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.101.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-101-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5f424f4fe2cbe0855b75bc772aa6c7b3fa96ea72591b63d1faa98fa9f94e0304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 30 Aug 2023 15:37:41 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1693409861056325
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1693409861055877
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBr... Frame 95FA 9 KB
4 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBrBgppgL5s.L.B1.O/am=AGAM/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrijLaL8DdnMLGpmHZCIWCrF71GGpg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f748a69e3312e02de9d9a62751a3c86ccc072b6b4dd407b470faadc52fe83ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3910
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 05:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:28:18 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBr... Frame 95FA 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rAG_vwTDXIs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.hBrBgppgL5s.L.B1.O/am=AGAM/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrijLaL8DdnMLGpmHZCIWCrF71GGpg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07255c0494bba363e6eb4d0aa16df13ca0bf7f9a4cd754a7723c93cf64441fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:28:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13852
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 05:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:28:18 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 104ms
60ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 95FA 131 B
155 B 128ms
77ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

POST
H3 200 log Show response
play.google.com/ Frame 95FA 131 B
155 B 127ms
76ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 103ms
59ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 95FA 131 B
155 B 124ms
73ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
59ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 95FA 131 B
155 B 124ms
74ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
59ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 315ms
314ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861147941
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1693409861147685
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 316ms
315ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861148373
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861147761
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 306ms
300ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861148218
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861147810
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 303ms
300ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861148901
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861148122
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 303ms
302ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861148857
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861148401
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 304ms
304ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861148754
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861148090
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 08F4 131 B
155 B 114ms
66ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 67ms
63ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 62ms
61ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:40 GMT
expires: Wed, 30 Aug 2023 15:37:40 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 95FA 131 B
155 B 126ms
76ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

POST
H3 200 log Show response
play.google.com/ Frame 08F4 131 B
155 B 110ms
75ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 66ms
65ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:41 GMT
expires: Wed, 30 Aug 2023 15:37:41 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 269ms
268ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861148549
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861148139
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 276ms
276ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861152013
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861151748
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 61ms
60ms Preflight
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 30 Aug 2023 15:37:41 GMT
expires: Wed, 30 Aug 2023 15:37:41 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 95FA 131 B
155 B 110ms
74ms XHR
text/plain 2a00:1450:4001:81c::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 30 Aug 2023 15:37:41 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 285ms
285ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861161923
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1693409861161643
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 284ms
284ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861162145
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861161708
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 282ms
282ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861162334
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861161839
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 282ms
282ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861162208
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1693409861161889
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 404ms
404ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861291232
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861290987
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 412ms
411ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861296131
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861295873
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 409ms
409ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861296098
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861295895
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
givenow.lls.org/static/global/images/digitalWallets/ Frame C642 3 KB
2 KB 53ms
48ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://givenow.lls.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://givenow.lls.org/give/390400/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Apr 2023 22:06:44 GMT
server: cloudflare
age: 10858164
etag: W/"6446fd74-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7fee1dcf4c878fd1-FRA
expires: Thu, 25 Apr 2024 23:28:17 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame CE67 0
274 B 440ms
437ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-acd224022d7259fd6ab5d01674c1a83f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 30 Aug 2023 15:37:41 GMT
x-stripe-server-envoy-start-time-us: 1693409861336570
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1693409861336257
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK 4fd7bf0f13 Show response
bam.nr-data.net/events/1/ 24 B
335 B 245ms
245ms XHR
image/gif 162.247.243.29

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/4fd7bf0f13?a=493303644&v=1.238.0&to=ZF0DMkJXXkpTBkBRWl0XIAVEX19XHSFGTUVSVD0IX1JVZXEKWkxHXFQNA0JqflZWAGJRUER7DghERF9VXgBGFQtFUQQR&rst=6482&ck=0&s=c1f32e64ed914a3e&ref=https://www.lls.org/donate-cryptocurrency
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.lls.org
access-control-allow-credentials: true
Connection: close
Content-Length: 24
x-served-by: cache-fra-eddf8230037-FRA

POST
H/1.1 200
OK 4fd7bf0f13 Show response
bam.nr-data.net/events/1/ 24 B
340 B 162ms
161ms XHR
image/gif 162.247.243.29

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/4fd7bf0f13?a=493303644&v=1208.49599aa&to=ZF0DMkJXXkpTBkBRWl0XIAVEX19XHSFGTUVSVD0IX1JVZXEKWkxHXFQNA0JqflZWAGJRUER7DghERF9VXgBGFQtFUQQR&rst=6555&ck=1&ref=https://www.lls.org/donate-cryptocurrency
Requested by: Host: www.lls.org
URL: https://www.lls.org/donate-cryptocurrency?utm_source=sfmc&utm_medium=email&utm_campaign=Summer+Recap_20230829_Event&utm_id=409216&sfmc_id=234197252
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 30 Aug 2023 15:37:41 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.lls.org
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230117-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-63NN87E39V&gtm=45je38s0&_p=2081365268&cid=918100877.1693409857&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1693409856&sct=1&seg=0&dl=https%3A%2F%2Fwww.lls.org%2Fdonate-cryptocurrency%3Futm_source%3Dsfmc%26utm_medium%3Demail%26utm_campaign%3DSummer%2BRecap_20230829_Event%26utm_id%3D409216%26sfmc_id%3D234197252&dt=Donate%20Cryptocurrency%20%7C%20Leukemia%20and%20Lymphoma%20Society&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-63NN87E39V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lls.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 30 Aug 2023 15:37:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.lls.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.merklesearch.com
URL: https://cdn.merklesearch.com/merkle_track.js

Domain: capigw.lls.org
URL: https://capigw.lls.org/events

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 18:42:41	Name: _GRECAPTCHA Value: 09AG8ZzstNjeeD6viMxsdHpDP8EbBk71L51EVFK2OK9qUDYSig19VlSKEMPMNIQpxp1C2H2ysG79exDa3xsat3KNY
.lls.org/	1970-01-20 16:33:05	Name: _gcl_au Value: 1.1.1244355439.1693409857
.lls.org/	1970-01-20 14:24:56	Name: _gid Value: GA1.2.1075867999.1693409857
.lls.org/	1970-01-20 14:23:29	Name: _dc_gtm_UA-225158-16 Value: 1
.lls.org/	1970-01-20 23:59:29	Name: _ga Value: GA1.1.918100877.1693409857
.doubleclick.net/	1970-01-20 23:45:05	Name: IDE Value: AHWqTUkJkDvmTqXmRAEIQihZOoyshugr7OwoHtCAWfH80MVsVpGmvXNT6hlkyo_H
.lls.org/	1970-01-20 23:59:29	Name: _ga_VDXXEBMB1M Value: GS1.2.1693409857.1.0.1693409857.60.0.0
widgets.guidestar.org/	1970-01-20 14:33:34	Name: AWSALBCORS Value: x5vApFo41WBmgPrnDtlC7qI5XdOGOApPjQ6cqEXdD2OSkJNjsQpjuydikAROhi8cpz7owq5rgYhaxm1aXqOQxJI4U/TakZd1OZn+/5DxdqOBktdqm3fWRjPC7kOA
.lls.org/	1970-01-20 14:24:56	Name: _uetsid Value: 256d4860474b11eeb0019f2e8a38e28c
.lls.org/	1970-01-20 23:45:05	Name: _uetvid Value: 256eee30474b11ee8019f7d25b144ae2
.quantserve.com/	1970-01-20 16:33:05	Name: d Value: EIcBBgHqKQISAYnQug2e6bRu
.quantserve.com/	1970-01-20 23:53:44	Name: mc Value: 64ef6241-1fccb-48bb3-ed2be
.bing.com/	1970-01-20 23:45:05	Name: MUID Value: 2E779B6C34D768A419FB8811357B6960
.lls.org/	1970-01-20 16:33:05	Name: _fbp Value: fb.1.1693409857189.387978127
.lls.org/	1970-01-20 23:47:58	Name: __qca Value: P0-1897490784-1693409856811
.trkn.us/	1970-01-20 23:09:05	Name: barometric[cuid] Value: cuid_d1f48866-18ab-43a5-be34-e69d70d0f3df
.classy.org/	1970-01-20 14:23:31	Name: __cf_bm Value: q_zUDK21RfagpltXoktLpKZG5oSE5uDp04xcafkd8cY-1693409857-0-AbaweoOyzB+wGDuARXdidUY3RWRzyi8+1H7xYVr27Rzf8jziLgLtYdo0eTILsQLzgv6MKV3He9Zra3x5NYP1Q1s=
.amazon-adsystem.com/	1970-01-20 19:33:05	Name: ad-id Value: A7OqqoN2ska5hsGGjD5yQGc
.amazon-adsystem.com/	1970-01-20 23:59:29	Name: ad-privacy Value: 0
givenow.lls.org/	1970-01-20 23:59:29	Name: connect.sid Value: s%3AEnpQUWb6rgmFglZfxIyKmiBxOZU49gCd.FOWmZXTSKkG0sjCr%2FaHQCqz1fVqUQFm084MEDfMfWqI
.givenow.lls.org/	1970-01-20 14:23:31	Name: __cf_bm Value: EHNOdhYI3SRUklnNIwr6hdDqRjCxGlYiajlbwLF36q4-1693409858-0-ARNzbXVdpb1kzvmGgu16Tf2ex3920Qq7ILxAy2MM/YcC4JRgS4MsSiAmg0+QvtRSGsU6IV66pjxLyoAB5VhjFFQ=
.givenow.lls.org/	1969-12-31 23:59:59	Name: __cfruid Value: aed84c21275d64542279ef4495e538e14e89aa98-1693409858
www.clarity.ms/	1970-01-20 23:09:05	Name: CLID Value: 1c78cedfc3814399a708251ab308cdcf.20230830.20240829
.tgbwidget.com/	1970-01-20 23:09:05	Name: _hjSessionUser_2773626 Value: eyJpZCI6IjQwNjY3N2UyLTZhMjItNTFlNS1iMDViLTU4ZGIzMjcyNWM2NSIsImNyZWF0ZWQiOjE2OTM0MDk4NTg2MjYsImV4aXN0aW5nIjpmYWxzZX0=
.tgbwidget.com/	1970-01-20 14:23:31	Name: _hjFirstSeen Value: 1
.tgbwidget.com/	1970-01-20 14:23:29	Name: _hjIncludedInSessionSample_2773626 Value: 0
.tgbwidget.com/	1970-01-20 14:23:31	Name: _hjSession_2773626 Value: eyJpZCI6IjU2ODAwNGNjLTUxMWMtNDVmZC1hZWI1LWUwYmEzZDBlM2Y5ZiIsImNyZWF0ZWQiOjE2OTM0MDk4NTg2MjgsImluU2FtcGxlIjpmYWxzZX0=
.tgbwidget.com/	1970-01-20 14:23:31	Name: _hjAbsoluteSessionInProgress Value: 0
.twitter.com/	1970-01-20 23:59:29	Name: personalization_id Value: "v1_qUJBXQobcdeY1KGutEoU7A=="
.t.co/	1970-01-20 23:59:29	Name: muc_ads Value: 4e40bf91-aa5b-48f0-b2f1-68e0a50e0ef6
.linkedin.com/	1970-01-20 16:33:05	Name: li_sugr Value: 00199505-6a8b-4476-a72f-da31a5bde42c
.linkedin.com/	1970-01-20 23:09:05	Name: bcookie Value: "v=2&23d23b61-11a1-4b5c-8c8c-6a4841fc5b07"
.linkedin.com/	1970-01-20 14:24:56	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3067:u=1:x=1:i=1693409858:t=1693496258:v=2:sig=AQF62kgSbzb8lVWv9uJZD-kBDJ9aAMAA"
.linkedin.com/	1970-01-20 15:06:41	Name: UserMatchHistory Value: AQITERjHRQLxBgAAAYpHF9Xzb2G7d415eMo-j-_Y0leSMMEB_TF4TulNP0Umq4gAVJn6Pta_96LgFQ
.linkedin.com/	1970-01-20 15:06:41	Name: AnalyticsSyncHistory Value: AQJfKMD_8L_bygAAAYpHF9Xz5-ba29eAvAUqNjBerPgzQB72iZMdbOilyylAsXDPop7QmTAP6dl5KtAMZNiqSA
.www.linkedin.com/	1970-01-20 23:09:05	Name: bscookie Value: "v=1&202308301537399b0d4e43-a2cb-4083-86dd-f770096427c2AQFkYB1T7V_k9WRNTBu5tI8qbPcA0joJ"
.linkedin.com/	1970-01-20 18:42:41	Name: li_gc Value: MTswOzE2OTM0MDk4NTk7MjswMjEsluCTNe5m769ahawXz90ww6tl67lY601by96z+zRP3Q==
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: NRz9qdqXZR4
.youtube.com/	1970-01-20 18:42:41	Name: VISITOR_INFO1_LIVE Value: XvXGy8LdXGY
.lls.org/	1970-01-20 23:59:29	Name: _ga_63NN87E39V Value: GS1.1.1693409856.1.0.1693409860.0.0.0
givenow.lls.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: UurVRuAX-XFDVU8rVvqbxost4E4_iFDZX7Ig
.c.bing.com/	1970-01-20 14:33:34	Name: MR Value: 0
.c.bing.com/	1970-01-20 23:45:05	Name: SRM_B Value: 2E779B6C34D768A419FB8811357B6960
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 23:45:05	Name: MUID Value: 2E779B6C34D768A419FB8811357B6960
.c.clarity.ms/	1970-01-20 14:33:34	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:23:30	Name: ANONCHK Value: 0
givenow.lls.org/	1970-01-20 14:23:30	Name: XSRF-TOKEN Value: eyJpdiI6Inh6dEkySlpUeGUwNGk4K0RZXC9pbFBRPT0iLCJ2YWx1ZSI6ImdjWVdUK05hWjVIT1p1V0RHN1pwYStsNWY2VndjZ2JoQ2p6NkltbGVVUXpjWW82bitJN0szVzFyYlhrYjJaUnljUERnSzRubUJQUzNLUldJbmN0V0U3c0ZsWjVsaDFLeFp6Zk9oeWdGbjRSR1VVNWV3a2dqeVVSMTFHVFNCamhDIiwibWFjIjoiNzMyYzA4ODFjNWVkY2IxYjNkZTM5ZDUxZTIzMjQ4YTAyNzA2NTNiNTMxZjJmMGRhM2E5NGMwZDBjNDAwMGM4YiJ9
givenow.lls.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IjZ6TXQwUk0wYnRJQmhVd3RVa1RWMVE9PSIsInZhbHVlIjoiR2ladEppakVlR1Y0M2VnXC9rdE53QkdqcVJnRUozZmNYSnc5ZlhEbldoRHNQR1Y5RWZ2RVVIVndNclE5TXZ6NFdyVGFhaDFlN3FNK21hQXMzbzFha0kzRjRXMXlzZE9lWU9oUjdBTGUwSDI1NGRTU3hwV3pLOXluV2UwUVwvYmxidSIsIm1hYyI6IjMwZWQ1MDQxNjc4NTYxMjAxOGNhNmMwNTdiODQ1ODNkNDQ0ZGYyMWRjZmJmNzllNzRhNjU3MTg0NmNmN2U4NWQifQ%3D%3D
.google.com/	1970-01-20 18:47:01	Name: NID Value: 511=hNHs1ZzHnhkG8lEDoOarAFe4m3jG2lAbUcF-yeYY4n3ZjdGVrjCWDPatarFvwhHAxfgzWt3qhlzX2RQLdYCbOrgfxfyjWADMqimioD-jULhSaOqIUlybN0ZVVdvHAfWkdY-zAlC5xxOHfQUFk1qWOML6dZ9a6J4RIMn8WQAW-Iw
m.stripe.com/	1970-01-20 23:59:29	Name: m Value: 0cd0a9cc-a142-43bc-88c1-3d4c8ea5de9ba33742
.givenow.lls.org/	1970-01-20 23:09:05	Name: __stripe_mid Value: 41bbff82-9392-46d4-8a70-4f9dc1e569c97028f0
.givenow.lls.org/	1970-01-20 14:23:31	Name: __stripe_sid Value: a02b7d32-f132-42be-ae7f-5c6aa9b38a94551d7b
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: e8749c2be2fa93bb

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.merklesearch.com/merkle_track.js Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://media2.legacy.com/bind?ckey1=LeukemiaLymphSoc;cvalue1=1;expiresDays=60;adct=image/gif;misc=123;&gtmcb=1517797668 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://capigw.lls.org/events Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://www.lls.org').
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://www.lls.org').
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://www.lls.org').
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://www.lls.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://www.lls.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://www.lls.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://www.lls.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://www.lls.org').
security	error	Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://thegivingblock.com') does not match the recipient window's origin ('https://www.lls.org').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8977078.fls.doubleclick.net
aa.trkn.us
action.dstillery.com
action.media6degrees.com
adservice.google.com
alb.reddit.com
analytics.twitter.com
api.braintreegateway.com
api.duckduckgo.com
assets.classy.org
bam.nr-data.net
bat.bing.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
capigw.lls.org
cdn.linkedin.oribi.io
cdn.merklesearch.com
cdn.plaid.com
cdn.transcend.io
click.e.lls.org
code.jquery.com
connect.facebook.net
files.doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
givenow.lls.org
googleads.g.doubleclick.net
htp.tokenex.com
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
js.braintreegateway.com
js.dev.shift4.com
js.stripe.com
m.stripe.com
m.stripe.network
media2.legacy.com
merchant-ui-api.stripe.com
pay.classy.org
pay.google.com
pixel.quantserve.com
play.google.com
prod-frs.content.classy.org
px.ads.linkedin.com
px4.ads.linkedin.com
q.clarity.ms
q.stripe.com
r.stripe.com
region1.analytics.google.com
region1.google-analytics.com
rules.quantcount.com
s.amazon-adsystem.com
script.hotjar.com
sdk.classy.org
secure.quantserve.com
snap.licdn.com
static.ads-twitter.com
static.cloudflareinsights.com
static.hotjar.com
static.tgbwidget.com
stats.g.doubleclick.net
t.co
tgbwidget.com
trkn.us
unpkg.com
widget-backend.tgbwidget.com
widgets.guidestar.org
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.lls.org
www.redditstatic.com
www.youtube.com
capigw.lls.org
cdn.merklesearch.com
104.22.55.118
104.244.42.131
104.244.42.197
13.107.42.14
13.111.180.223
13.248.139.42
13.32.121.78
142.250.186.66
146.75.120.157
15.197.193.217
151.101.192.176
151.101.193.140
151.101.2.137
162.247.243.29
172.217.16.198
18.218.75.13
192.229.221.25
20.231.53.73
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3b
23.38.98.112
2600:9000:20eb:fc00:2:53b2:240:93a1
2600:9000:2204:3c00:a:84d7:f480:93a1
2600:9000:223c:ac00:6:44e3:f8c0:93a1
2600:9000:2250:c00:2:8531:afc0:93a1
2600:9000:25e8:3800:19:7d10:bd80:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:4400::6812:2412
2606:4700::6810:3965
2606:4700::6810:7baf
2606:4700::6812:7c49
2606:4700::6812:c55f
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:801::200e
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:400c:c04::5c
2a00:1450:400c:c0c::9c
2a02:26f0:480:f::213:7edd
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::396
3.20.118.146
40.114.177.156
44.208.176.114
44.238.101.88
52.143.247.24
52.222.139.101
52.222.139.19
52.222.208.154
52.222.236.63
52.30.58.64
52.46.143.56
54.144.30.117
54.187.159.182
54.83.53.190
65.9.78.118
68.219.88.97
0013fa19576bc229ac65c62f63811cecdf81e8fa52ccb1d2ff6910f98ac9640c
0364f06b1f86c5783648c8a418d1762f4478eda2ee2bf3f771eb78566bafae36
04d497dc0809bb860f4dddffb25fb91c69c0e6d3c9632fc9eedcffe6b8210c0d
0554d35c1bd2cf97476fb414cd0ec781e4702a8c6de954c6330f4c27d59fbd61
07255c0494bba363e6eb4d0aa16df13ca0bf7f9a4cd754a7723c93cf64441fcf
079da7f98f652e556762fdad47d9532144559e6fe39fded68ceae90f6510be18
08e70504edea96699795ab6db427f28b2a4e81355ae907f46dafc4bc891d919e
09175e4bf29bcada94ab400b8c3fc66a032341f16d2ab497c8503c0f729b63a4
0a8eae662e01a138b9efa50f109ae2a9205fc53a3262916727551470ac441e1d
0c4dd509c18fc1d84f3cfe2862748eadbf3470baebabae235b9a4fa3b4a592d9
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f748a69e3312e02de9d9a62751a3c86ccc072b6b4dd407b470faadc52fe83ab
1070488cb31ca9a2cf7182c240f7da0f377308dfdf248af3679caab48bdc08d1
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
122555c03065b07b4d64d57ca9f3b6f242d0c0912b38b118a9aa9906b53e0b56
12ac4a17806ae1f6bcdd3547dcf8a1bc681908fd976c61b9f4a40b29ceda3607
13d4d39305baf3cd4bfcca7e22939cb0d4c40b883357885c0f787a5556e3b118
13e8b4f6220702a10a7566fb389055fedd388a364975146c8d2780c1d2fdc0d0
146949f3e984c96337d5482435d623b959b76f82ceb389c2827daa2be0024cbf
1492e3f222d0cc7fb2c657a22d234f698827f483fa5b3a8dff7e208d3caf92ee
151625dc258ed1d27b73caa4db6134ea495dbaceff12e6cef69fa1a0772e3cbd
184ec0ea51ee2025234c8a4fdecd4fc8ec282bb57540110bc4294e29173e6273
19d5fd5c306d7e083e4417377add9e1e1ff94a16aa3ed7d7c6bdceedf756dee1
1a4eebde263d5394185d71e1d50596e341c1408f04e673346df1d0641f3b57fe
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bd5520bc078d37cabf8b53bb157a0393544a998a8d06afde52356b361ec93b5
248c0244b350ec68880996aa6be6d7796274b49992d5fcbbefe251906aa4ea36
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2be7bbcb64fdda134b55d9a2d69f975b0418c57b02f792048dbcb8f8be7e6cc8
2d42bd85c29e779b03bb049753a596cb03e0dc3161babcf1175151231647a268
2e845b78d08276cc75ccfd4677a46b35d3f9c6c5f0cbca24aca703e93e9acead
2e8a6785bb0504bcf11d6a3c0a1eb017dcf01ee7c9a6db27e2ce380c78f69192
2f1f13c056eade7f7dc72195f4c4a2a94ee3baf4afa841a1f2e0d33b54c12e7e
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f
31a12839c1ac6d6fbb1a69a420c523097bfd91ed4061779056cb86cd10a2a0c4
31d60aa93510814063d487e3450e139d51650d791ba2c1060f38f1c93b2cdea4
34819351ef0008bcd5bc124c85bf05742e23696e0fed2e51b386f20503e4326b
376c7e2828d3c32f1ca9b72a711714e76c4cc272f5fa4f2b4d1cf86c1aaddac5
38bc775802a9e96e44997f4e9374726a41d5c781752e590a76ad5a4f06673458
39af441e3b316fc87987118057609de58494b98dd16f1f8e9b98bd2fcef104b3
3a97639f32ac5f603e8d12fcc742ac9fe917917ce294b42015fe7c58510a5f0b
3dda1bc1dc1466b3dd828774a2a6132d169fe952be52107dacb0cd9f6d7c4d3b
3e084341e6f15ca33f624cb37af7489b084d2563d1dabc4f7bbc80338d3e59a4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f6a79e880a8c6410628950d9b6ea2dae5f661b5fad6c1430f39271729b32349
3f9da6e7045ce48b13bab551c010dfd61808e1234ace9dc8147058d5e843653d
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
465f71e36d9f0c8ed6ac2458e558790f11b0ffcc318e1141adbf7cbb03eaf1eb
4b30da9caad65ee78eaa78e84571694935dbdcc393b1d7302eeb8c1ac9b2735a
4df7f23c081fca6271cff172ada7f57cfb82045381624689e0c179c1e5a0fb83
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5133e669e5e97888b4e1194cb78b9a027968a68961a2ccec1ba3032235bd9683
53269878d5aafc41b44e729d4c787220da4cf746689526d56605f75ec697b167
53c07facf7000599b115bc9f4b8a44796ea8a6bc43021f3ca49c5755914e2704
557e6bcf50e0942ee29df4705f7c7d7020b951f4b70ca7fc8e1be2b32f51bd54
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57cf76380c788e84a3ac2555875f9437ad95163bf4fb1c1097579cf327cd3f5c
582f83b00f967c6a8c2c10fd9791f7befec6c945e92cb74fe2c2c3455fea4301
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
5a025270d34177399149ca2afc963f8ec726986caaffbefbb7c91b5afa9f20ef
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b01f04ad1cd7cc927b6cd89a3c4b21bffa11180e140cb37bf1fb01ea83fdd7d
5bda6e956de7118dbd1c83fdb2c4836dd4eedaf1517c5b31202a37e2fdf55dbd
5c303c87ed727ae26835c51ee27d5729d304e19c93a647319441ecdb393ca81b
5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb
5f424f4fe2cbe0855b75bc772aa6c7b3fa96ea72591b63d1faa98fa9f94e0304
5fb5dfe83179cd20586ec32be992d469f085c4ee3b28bf2f74608696a6633a23
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
647f014d36822ef7e0413ffbb65598ae0cb57fb798e635c63912c93d94eb356a
655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031
65ade054b003fb12ff528ad2640f69f49bca65d9f9d25b53dea8aee0d5d238cf
6659d15d61adb57bfa2c9c5aa99052fb2a3d8bc997de5b5f04088ef37e3e1093
6b7d5ccd463bc2218a1a0342153acd45be78745a8029ced1387c6a4c5165090c
6d07f4cdb1140747b14c4d7710328d71b9516017e7938f4a545874d0d4c311df
6ed607c6ab61cc879b8930c811deef44c87dbf7c45c69f7b404dd641a0fc14a0
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
72051eea2680cb85200568da3f230eb824e7c40e206c010376021de4a96021b5
727ce6de7bb39bd58273c318c761b0abc145d838ada3d7e4d3339f13861b6c52
76d77de6d13d886adeb5c992461890d2a44a168aeae0935353a1299373129c91
7852694db11f08ee046e3b8324b94364bbcae38f18ca61bf8dec43000068d9fa
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b4c405f4f010abcbf95b6e31081f8f0f5386bc1ef429d9a68f1af64391d447e
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f872f37d93f6ad26cfde22f5fd7ae4e99f18c4dc7d3386384f92f845056750b
8028a80160247b9a0c01d7986bf837f839a67521874b58b436d82a5e09353a95
80ab810deb9206ac862cc4d906331153e0190c42580c0a9b93f7de5dc9fd9b8e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8615b97de7d915ac3c19fc793cf19c12aed0df7aba16a5673a2c0ffc68d385c8
86c6832c9dce5b5fc9b98d2e15f03e4c2ce11b660ab95aa71f68b58c51ed6ca3
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
8823c996823d4b9b66e2e763594f74b2660ad26a3749dc30f7aa7fd7ddcab2eb
899634df29a5b6a5097ff3fb06cccfcd398d2885ae0326749c8bbdfcec5538c1
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8af454a790f87315cf02b1452f2ec2d83d88cfced7f02ff4e1627b4b4c166e9f
8b57d1b5e3f9d7947fc7940c1f4144335ed2ae95e9da59f0905bf92295684e42
8cef0a548a05f945992ad9afec739b15ac45f5b483f603a42b87594cd663bad9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d909883de81344e0fbcfef30e931872e92d9aeecdf85b6dcf6e0b28c078e98e
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b88f620688228fe83d5cfd2c327325267f5130868b6d8fd6768d86fedf3a7fc
9ca9d31f3f621954176f2af3955d7b2f691fde115dee35b03fdec5eb889209e6
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9e223cb233ceee5080513e3ba10438d0e6ac5fe7b5c5f5bfd8efdd5f6d06092e
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9e8330e730a8470ae3744996d3aab35ea7f26c5d75a2789f53b89ecf7924cf1a
9ea891739593e813f40ef9b5472dfd5074590b42e1867c70c496dcaddfe59201
9f88c56c75499f8886bcdbd43330029b3108f9aefb7e496788f448ed36311b90
a01b7f5d331b098ecdcba202679473422b6785ed5fead92d773804bc56ecab77
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a16e31fd6dc32c3e6f299457e494ace4b3c0d2bec04d838f9e334886659f8551
a24feed9b06092229d6574c0fa3b4c5620c2e9ec90a4d7912d9e204434ee12b3
a31ea64b19549b23d3d91dbbe4b8ee8457cfb47870adcc7e9adf51d6fb42887c
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
aab74c07a6d93c123fd56a38fdbaa9e974296385ec42eb877b529a6247d40fd3
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf248fe0795120ec1119705b4fde86c6d8a52a71988bfbd34e40194b11df933
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0fb4e1235c0c4815d6bd272ce4c9c65579c04f9c6e52a080a66393d01f84293
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2cffb3d4620ddeb697ba04e787b68c7749efaa66614d9c6d16bc6082444f3bb
b3b81efb04d151989cae325d2c8dffb13090039372478be8a3b07f1fc79fac06
b70b5fb689d8ec7cb7a9f5058853aa9498f6e16151e137595885bc3619163873
bcd922ca6210dbacf1d6b4debc16fc8b91faeed3fed5d48e9f87f4bfa61b4b75
bee9d20d5ab7c8dc6c2462e3c668c6e00166c148ff55c8a643d86ce099e4da27
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c24c023cdd14f3bbda5f5674d9a6a82a9a0dee9652c6a6a119aff6da2cb59e02
c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68
c5c4f8fa13e70da553be9cf33e51916f6b26561e75f39363247c6c21b4032a04
c685ccd0295a1765484cfb19d7ef545269703d94d6ea25b39b9da72474402697
c6f0903f51a521e2370ee4e3473e0a93c13d749be9442c9d56b6ca2760227fad
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c839c2208fbbc806ee7626ed839c22205212254797d7d7b9fe17c3ac7d36ba6f
c90b93aefe3e302d14ecadafe3f8aa45b5f90db60d0d763d05650d205f518200
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c98b1b46a1b380669aaa4a84c3eb49ebddd7b0227e707a3d9715e6ba42012457
c9b09598483b7091f36e95542d9c40ecb7018101c537d55948a4a36e3e555208
cab31fc0a6902621b57ffe6afec60a97aa570de05fafda357daaeece9c29485d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd71c3d76b43b13f4baf71d417cc2305eaf7cc314cd4a6454691776c22b8434e
cf1b7c7ecc75bbc92846715b31759293a11f4e24dbf879d8ed3a79ba22d0b55c
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0c90c32d816767b01f895dee8d70ccb4c975840a890f4bdbec05589405997f5
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d753ba5858b763254777232595736e27632ba3439f807d29cf31c86c4238dafe
ddd67054c303ec881ac73d874b557e2d4b70d97f64a09f67278f3e8ae3e6d48e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de46fb8e26ef2e02cc96f22b8986c1457c92616aeca80a0ce32b16a0faee024d
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3423c793635ff63c663656940acb65f80939ab0985130d906d6e0a1ebfd8022
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0a5f56b697152ffe5ce1c12355a49bcb55e6902be553e6c6d2ebf2de18530
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ebeeb6852c8d5689249269cfa59febdad1141a9810331c31d4331f53f47750f7
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f4127266ea61b68b1f9f631db260002079b883aa8162bd5649dcbff187310a20
f5a317a64defc5638075d882495f7033f07246f9c7276d24d143f2466229b930
f5aec2cba1c384868e2a5dab344bc7ff062eb291e2508cbfaad496c553b0fc2f
f5d5aeb431c1b58b5833010916188860ad90869f8c7d1ac3942b061279ccaaad
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d
f9c236101e3d93235bb9399cb76917a31f284f25e51ef5257af0878b3c893fc7
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
fd3eec8037d2a554fa5cea4e654e265e908623e3ede0621cfb89f3aea6611386
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.lls.org Open in urlscan Pro 54.83.53.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

314 Requests

97 %HTTPS

49 %IPv6

49 Domains

80 Subdomains

67 IPs

6 Countries

8345 kBTransfer

26518 kBSize

54 Cookies

26 Outgoing links

Page URL History

Redirected requests

314 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.lls.org Open in urlscan Pro
54.83.53.190 Public Scan

Screenshot
Live screenshot

Full Image

314
Requests

97 %
HTTPS

49 %
IPv6

49
Domains

80
Subdomains

67
IPs

6
Countries

8345 kB
Transfer

26518 kB
Size

54
Cookies

314 HTTP transactions
1 data transactions