give.57357.org Open in urlscan Pro
2606:4700:10::ac43:1863  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

• https://s.adroll.com/j/exp/5YMZHBRV7ZHDXIC5ZNGGRC/index.js HTTP 302
• https://s.adroll.com/j/exp/index.js

Request Chain 48

• https://s.adroll.com/j/pre/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC/fpconsent.js HTTP 302
• https://s.adroll.com/j/pre/index.js

Request Chain 51

• https://d.adroll.com/pixel/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&pv=40721811053.913925&cookie=&adroll_s_ref=&keyw= HTTP 302
• https://s.adroll.com/pixel/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC/7XEKBKPS4BGMXLKUEIYC35.js

Request Chain 53

• https://d.adroll.com/cm/r/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC HTTP 302
• https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 54

• https://d.adroll.com/cm/b/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC HTTP 302
• https://x.bidswitch.net/sync?dsp_id=44&user_id=MDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg

Request Chain 55

• https://d.adroll.com/cm/x/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC HTTP 302
• https://ib.adnxs.com/setuid?entity=172&code=MDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg

Request Chain 57

• https://d.adroll.com/cm/o/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537103138&val=066b2718a87fa0d9c72cf6f36530a8c8

Request Chain 58

• https://d.adroll.com/cm/g/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC&google_nid=adroll5 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=BmsnGKh_oNnHLPbzZTCoyA HTTP 302
• https://d.adroll.com/cm/g/in

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response give.57357.org/	71 KB 14 KB	152ms 93ms	Document text/html	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.13 Resource Hash b8b8a8780b8fbfa54b9771e31d85518545551be05d607dbd8f2fb959c96a8bff Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/8.0.13 x-frame-options SAMEORIGIN nd 1 x-xss-protection 1; mode=block cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6e51bcdf2bb09168-FRA content-encoding gzip
GET H2	200	js Show response www.googletagmanager.com/gtag/	94 KB 37 KB	147ms 62ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-76772116-1 Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0638379caade655089049dd317fcec0a3aa28b50352605c20ce3476113da275b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37506 x-xss-protection 0 expires Tue, 01 Mar 2022 12:01:24 GMT
GET H2	200	styles.css give.57357.org/assets/stylesheets/	208 KB 42 KB	37ms 36ms	Stylesheet text/css	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://give.57357.org/assets/stylesheets/styles.css Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88a210fccf6002263ff58b2fd9cea32de235cb4d0884481874d96b661d6976ae Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT age 27730 nd 2 x-xss-protection 1; mode=block last-modified Sun, 26 Apr 2020 23:47:43 GMT server cloudflare etag W/"5ea61d9f-33f9b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type text/css cache-control max-age=28800 cf-ray 6e51bcdfed6c9168-FRA expires Tue, 01 Mar 2022 12:03:57 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	146 KB 54 KB	57ms 55ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-990710837 Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash db95b4f47442d36a58953c79b55d56fe7c7993d21c7f310e198cf20b6dea4de5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55373 x-xss-protection 0 expires Tue, 01 Mar 2022 12:01:24 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 968 B	132ms 46ms	Script text/javascript	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d78ee501fd3af17e979356da8b12261e4647ea87c01df316a742de9deb090eda Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 555 x-xss-protection 1; mode=block expires Tue, 01 Mar 2022 12:01:24 GMT
GET H2	200	api.js Show response give.57357.org/cdn-cgi/bm/cv/669835187/	35 KB 9 KB	14ms 12ms	Script text/javascript	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://give.57357.org/cdn-cgi/bm/cv/669835187/api.js Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-encoding gzip x-content-type-options nosniff server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control max-age=604800, public cf-ray 6e51bce0bff09168-FRA
GET H2	200	logo.png give.57357.org/assets/images/	19 KB 19 KB	20ms 19ms	Image image/webp	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://give.57357.org/assets/images/logo.png Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b2075c499acaab85a004bb7c87b785de8594c414a7517ab23829cc5b4fdc0fe Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT cf-cache-status HIT age 27730 cf-polished origFmt=png, origSize=25125 nd 1 content-disposition inline; filename="logo.webp" content-length 19112 x-xss-protection 1; mode=block last-modified Sun, 26 Apr 2020 23:47:43 GMT server cloudflare x-frame-options SAMEORIGIN etag "5ea61d9f-6225" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp expires Tue, 01 Mar 2022 12:03:57 GMT cache-control max-age=28800 accept-ranges bytes cf-ray 6e51bce0bff19168-FRA cf-bgj imgq:100,h2pri
GET H2	200	heart-57357.png give.57357.org/img/	2 KB 2 KB	22ms 21ms	Image image/webp	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://give.57357.org/img/heart-57357.png Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb4b2d88146c003a7574d5361b801c78132fc50155685108ad0e439bcc70ac4a Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT cf-cache-status HIT age 27730 cf-polished origFmt=png, origSize=3686 nd 1 content-disposition inline; filename="heart-57357.webp" content-length 2170 x-xss-protection 1; mode=block last-modified Wed, 13 May 2020 10:35:03 GMT server cloudflare x-frame-options SAMEORIGIN etag "5ebbcd57-e66" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp expires Tue, 01 Mar 2022 12:03:57 GMT cache-control max-age=28800 accept-ranges bytes cf-ray 6e51bce0cff39168-FRA cf-bgj imgq:100,h2pri
GET H2	200	alterna-logo.png beta.57357.org/wp-content/themes/57357/img/	14 KB 14 KB	205ms 22ms	Image image/webp	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://beta.57357.org/wp-content/themes/57357/img/alterna-logo.png Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 265ecc13cf90b65e285a7c156bea8cc536ee4c958db09d27eca9ed5c203619b8 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT cf-cache-status HIT age 27720 cf-polished origFmt=png, origSize=23197 nd 2 content-disposition inline; filename="alterna-logo.webp" content-length 14456 x-xss-protection 1; mode=block last-modified Sat, 06 Apr 2019 00:48:28 GMT server cloudflare x-frame-options SAMEORIGIN etag "5ca7f75c-5a9d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp expires Tue, 01 Mar 2022 12:13:51 GMT cache-control max-age=28800 accept-ranges bytes cf-ray 6e51bce1ea939168-FRA cf-bgj imgq:100,h2pri
GET H2	200	jquery.min.js Show response give.57357.org/assets/javascripts/	95 KB 39 KB	25ms 25ms	Script application/javascript	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://give.57357.org/assets/javascripts/jquery.min.js Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT age 27730 nd 1 x-xss-protection 1; mode=block last-modified Sun, 26 Apr 2020 23:47:43 GMT server cloudflare etag W/"5ea61d9f-17b8b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=28800 cf-ray 6e51bce0bfde9168-FRA expires Tue, 01 Mar 2022 12:03:57 GMT
GET H2	200	bootstrap.min.js Show response give.57357.org/assets/javascripts/	36 KB 12 KB	22ms 21ms	Script application/javascript	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://give.57357.org/assets/javascripts/bootstrap.min.js Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT age 27730 nd 1 x-xss-protection 1; mode=block last-modified Sun, 26 Apr 2020 23:47:43 GMT server cloudflare etag W/"5ea61d9f-90b5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=28800 cf-ray 6e51bce0bfe99168-FRA expires Tue, 01 Mar 2022 12:03:57 GMT
GET H2	200	scripts.js Show response give.57357.org/assets/javascripts/	152 B 211 B	21ms 20ms	Script application/javascript	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://give.57357.org/assets/javascripts/scripts.js Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash efe4cbcd13cf486acfd6ce1e8b200e1423fbb0e90994fdfd9c8635f67ed7d93f Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-encoding gzip vary Accept-Encoding cf-cache-status HIT age 27730 nd 1 x-xss-protection 1; mode=block last-modified Sun, 26 Apr 2020 23:47:43 GMT server cloudflare etag W/"5ea61d9f-98" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=28800 cf-ray 6e51bce0bfec9168-FRA expires Tue, 01 Mar 2022 12:03:57 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	23ms 7ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 26236 x-xss-protection 0 pragma public x-fb-debug QoOP6VIY7z1ZOXOyrHVgsoiJQM2bAjDmvzb7MP54tJ0IBS8SFRuejRGu8MNvTVvvhK4v4DAR8daSdQ+5K6HiYQ== x-fb-trip-id 2050670934 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Tue, 01 Mar 2022 12:01:24 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/	357 KB 142 KB	123ms 39ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://give.57357.org/ Origin https://give.57357.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 11:55:59 GMT content-encoding gzip x-content-type-options nosniff age 325 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144239 x-xss-protection 0 last-modified Tue, 22 Feb 2022 21:22:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 Mar 2023 11:55:59 GMT
GET H2	404	title-seperator-orang.png www.57357.org/wp-content/themes/57357/img/	0 0	142ms 97ms	Image text/html	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.57357.org/wp-content/themes/57357/img/title-seperator-orang.png Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H2	200	fontawesome-webfont.woff2 give.57357.org/assets/fonts/	75 KB 76 KB	89ms 89ms	Font font/woff2	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://give.57357.org/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: give.57357.org URL: https://give.57357.org/assets/stylesheets/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://give.57357.org/assets/stylesheets/styles.css Origin https://give.57357.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT cf-cache-status REVALIDATED last-modified Sun, 26 Apr 2020 23:47:43 GMT server cloudflare x-frame-options SAMEORIGIN etag "5ea61d9f-12d68" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding nd 1 content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 6e51bce0c8149168-FRA content-length 77160 x-xss-protection 1; mode=block
GET H/1.1	200 OK	seal.min.js Show response seal.digicert.com/seals/cascade/	7 KB 4 KB	97ms 28ms	Script application/javascript	63.33.186.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://seal.digicert.com/seals/cascade/seal.min.js Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-186-64.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 277b0281ce8610bb77c2a8332c8544d26fa6ae6c6a29dd9418a3805d92a6ac14 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Tue, 01 Mar 2022 12:01:24 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Mon, 28 Feb 2022 20:14:28 GMT Server nginx ETag W/"1df4-5d919b20a9100" Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive Strict-Transport-Security max-age=31536000 X-XSS-Protection 1; mode=block, 1; mode=block
GET H2	200	1782054988719227 Show response connect.facebook.net/signals/config/	308 KB 88 KB	60ms 59ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1782054988719227?v=2.9.52&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7b454cc51014212a2a50d4c97287472c37c023e958d9a03003bf9fd8d7ef5df8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug 5WfYMTnNkH2KmKa89ljLl0HsJGClSR1XEu/1D3cAnp3T6KAxgkrJ9FXZAFOQIQ+/5yqCUZcKVkra35fSU3eKbg== x-fb-trip-id 2050670934 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Tue, 01 Mar 2022 12:01:24 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	129ms 39ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-76772116-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1591 date Tue, 01 Mar 2022 11:34:53 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 01 Mar 2022 13:34:53 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	146 KB 54 KB	99ms 52ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-990710837&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-76772116-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0de2ed311c0b93a846b472c102f4f85b9a4df66ed924da1687e5123914dfd264 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55392 x-xss-protection 0 expires Tue, 01 Mar 2022 12:01:24 GMT
POST H2	204	result Show response give.57357.org/cdn-cgi/bm/cv/	0 262 B	9ms 9ms	XHR text/plain	2606:4700:10::ac43:1863 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://give.57357.org/cdn-cgi/bm/cv/result?req_id=6e51bcdf2bb09168 Requested by Host: give.57357.org URL: https://give.57357.org/cdn-cgi/bm/cv/669835187/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1863 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://give.57357.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/json Response headers date Tue, 01 Mar 2022 12:01:24 GMT server cloudflare cf-ray 6e51bce1ba219168-FRA expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	39 KB 15 KB	140ms 55ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-990710837 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14879 x-xss-protection 0 server cafe etag 17635014576153706337 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 01 Mar 2022 12:01:24 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 295 B	24ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1782054988719227&ev=PageView&dl=https%3A%2F%2Fgive.57357.org%2F&rl=&if=false&ts=1646136084788&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1646136084786.1479966434&it=1646136084679&coo=false&exp=p1&rqm=GET Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Tue, 01 Mar 2022 12:01:24 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 101 B	24ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1782054988719227&ev=ViewContent&dl=https%3A%2F%2Fgive.57357.org%2F&rl=&if=false&ts=1646136084789&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1646136084786.1479966434&it=1646136084679&coo=false&exp=p1&rqm=GET Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Tue, 01 Mar 2022 12:01:24 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 101 B	24ms 8ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1782054988719227&ev=ViewContent&dl=https%3A%2F%2Fgive.57357.org%2F&rl=&if=false&ts=1646136084790&sw=1600&sh=1200&v=2.9.52&r=stable&ec=2&o=30&fbp=fb.1.1646136084786.1479966434&it=1646136084679&coo=false&exp=p1&rqm=GET Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:24 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Tue, 01 Mar 2022 12:01:24 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	94ms 46ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2003705536&t=pageview&_s=1&dl=https%3A%2F%2Fgive.57357.org%2F&ul=en-us&de=UTF-8&dt=Hospital%2057357%20Donation%20page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=819628705&gjid=65350537&cid=183296014.1646136085&tid=UA-76772116-1&_gid=489616784.1646136085&_r=1&gtm=2ou2s0&z=79553752 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://give.57357.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 01 Mar 2022 12:01:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://give.57357.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame 13CB	42 KB 22 KB	113ms 64ms	Document text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMbkwUAAAAAIa-HBwqaHSj57I0X7IZJxQNzb7S&co=aHR0cHM6Ly9naXZlLjU3MzU3Lm9yZzo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=338e9unvakzb Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash cffff7e7ad8e3f50f3f571214ddcfb4dedab664e8e464e2286b7ecc1f383071d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-gkmtEKuJUOJq8HGineqjjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 01 Mar 2022 12:01:24 GMT content-security-policy script-src 'report-sample' 'nonce-gkmtEKuJUOJq8HGineqjjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 22594 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/990710837/	2 KB 1 KB	136ms 53ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990710837/?random=1646136084909&cv=9&fst=1646136084909&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.57357.org%2F&tiba=Hospital%2057357%20Donation%20page&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 644d44705b8d3504bc218b81f9bb0a7ba6f89c271a8c8683216910b1541922a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1034 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/990710837/	2 KB 2 KB	135ms 52ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990710837/?random=1646136084912&cv=9&fst=1646136084912&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.57357.org%2F&tiba=Hospital%2057357%20Donation%20page&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6825ab72d2588bc557db836e09cc4662c16fcba167fe286974208ab801bab952 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1032 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 13CB	51 KB 24 KB	82ms 37ms	Stylesheet text/css	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMbkwUAAAAAIa-HBwqaHSj57I0X7IZJxQNzb7S&co=aHR0cHM6Ly9naXZlLjU3MzU3Lm9yZzo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=338e9unvakzb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 13:56:18 GMT content-encoding gzip x-content-type-options nosniff age 79507 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Tue, 22 Feb 2022 21:22:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Feb 2023 13:56:18 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 13CB	357 KB 141 KB	81ms 36ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMbkwUAAAAAIa-HBwqaHSj57I0X7IZJxQNzb7S&co=aHR0cHM6Ly9naXZlLjU3MzU3Lm9yZzo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=338e9unvakzb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 11:55:59 GMT content-encoding gzip x-content-type-options nosniff age 326 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144239 x-xss-protection 0 last-modified Tue, 22 Feb 2022 21:22:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 Mar 2023 11:55:59 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/990710837/	42 B 64 B	53ms 52ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/990710837/?random=1646136084912&cv=9&fst=1646136000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.57357.org%2F&tiba=Hospital%2057357%20Donation%20page&async=1&fmt=3&is_vtc=1&random=200849362&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/990710837/	42 B 108 B	149ms 51ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/990710837/?random=1646136084912&cv=9&fst=1646136000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.57357.org%2F&tiba=Hospital%2057357%20Donation%20page&async=1&fmt=3&is_vtc=1&random=200849362&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/990710837/	42 B 64 B	50ms 50ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/990710837/?random=1646136084909&cv=9&fst=1646136000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.57357.org%2F&tiba=Hospital%2057357%20Donation%20page&async=1&fmt=3&is_vtc=1&random=2439429954&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/990710837/	42 B 548 B	146ms 49ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/990710837/?random=1646136084909&cv=9&fst=1646136000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.57357.org%2F&tiba=Hospital%2057357%20Donation%20page&async=1&fmt=3&is_vtc=1&random=2439429954&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 13CB	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 13CB	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 13CB	2 KB 2 KB	37ms 36ms	Image image/png	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 22 Feb 2022 18:59:48 GMT x-content-type-options nosniff age 579697 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 01 Mar 2022 18:59:48 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 13CB	15 KB 16 KB	128ms 39ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMbkwUAAAAAIa-HBwqaHSj57I0X7IZJxQNzb7S&co=aHR0cHM6Ly9naXZlLjU3MzU3Lm9yZzo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=338e9unvakzb Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 11:18:05 GMT x-content-type-options nosniff age 2600 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 01 Mar 2023 11:18:05 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 13CB	102 B 134 B	48ms 48ms	Other text/javascript	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMbkwUAAAAAIa-HBwqaHSj57I0X7IZJxQNzb7S&co=aHR0cHM6Ly9naXZlLjU3MzU3Lm9yZzo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=338e9unvakzb Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 89567d8c6d40b4b724c621cd789d46041d7312ca07647afd0f8ce3939e3631cc Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcMbkwUAAAAAIa-HBwqaHSj57I0X7IZJxQNzb7S&co=aHR0cHM6Ly9naXZlLjU3MzU3Lm9yZzo0NDM.&hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&size=normal&cb=338e9unvakzb User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:25 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Tue, 01 Mar 2022 12:01:25 GMT
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 2358	7 KB 1 KB	58ms 58ms	Document text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&k=6LcMbkwUAAAAAIa-HBwqaHSj57I0X7IZJxQNzb7S Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c9fccec218056053f331895eb32f1d6ba91f4aff2ca2cb4fc0e95a9233cafd6b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-0AfNoZU88kCviPqOOhoHjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 01 Mar 2022 12:01:25 GMT content-security-policy script-src 'report-sample' 'nonce-0AfNoZU88kCviPqOOhoHjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1114 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3	200	/ Show response www.facebook.com/tr/ Frame 848D	0 18 B	18ms 8ms	Document text/plain	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 Origin https://give.57357.org Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ Response headers content-type text/plain access-control-allow-origin https://give.57357.org access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin content-length 0 server proxygen-bolt alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=0 date Tue, 01 Mar 2022 12:01:25 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 2358	51 KB 24 KB	37ms 36ms	Stylesheet text/css	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&k=6LcMbkwUAAAAAIa-HBwqaHSj57I0X7IZJxQNzb7S Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 13:56:18 GMT content-encoding gzip x-content-type-options nosniff age 79507 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Tue, 22 Feb 2022 21:22:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Feb 2023 13:56:18 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/ Frame 2358	357 KB 141 KB	39ms 39ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/PdoyIVkd8v16xl_NMp3H0N1Y/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=PdoyIVkd8v16xl_NMp3H0N1Y&k=6LcMbkwUAAAAAIa-HBwqaHSj57I0X7IZJxQNzb7S Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 13c7ce8eb4433ee82ab08c5b401235d0c97a6dff3af0c288ee9a64d1afe964cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 11:55:59 GMT content-encoding gzip x-content-type-options nosniff age 326 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 144239 x-xss-protection 0 last-modified Tue, 22 Feb 2022 21:22:22 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 Mar 2023 11:55:59 GMT
GET H2	200	nr-1215.min.js Show response js-agent.newrelic.com/	36 KB 14 KB	22ms 6ms	Script application/javascript	151.101.66.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1215.min.js Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-amz-version-id mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF content-encoding gzip etag "615035bb6557b191e767e19087efabaf" x-amz-request-id 7VT9MY8Q3PHGAEB0 x-cache HIT cross-origin-resource-policy cross-origin content-length 13666 x-amz-id-2 76gX7GB8fbv7miyAu1rYKN5gFEHCAbQhR1cq/nY/9bq4zaHpB1fUOt9RjOlvJCI/SMBspiSv9dw= x-served-by cache-hhn4080-HHN last-modified Mon, 24 Jan 2022 22:13:53 GMT server AmazonS3 x-timer S1646136085.490601,VS0,VE0 date Tue, 01 Mar 2022 12:01:25 GMT vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 5751
GET H/1.1	200 OK	/ seal.digicert.com/seals/cascade/	6 KB 7 KB	28ms 28ms	Image image/png	63.33.186.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://seal.digicert.com/seals/cascade/?tag=-gPxMZf5&referer=give.57357.org&format=png&lang=en&seal_number=10&seal_size=m&an=min Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-186-64.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash c252c0f53934b233448874868cf10a66deacbd3c61d9171fa386ca6006311489 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Tue, 01 Mar 2022 12:01:25 GMT X-Content-Type-Options nosniff Last-Modified Tue, 01 Mar 2022 00:00:00 +0000 Server nginx Strict-Transport-Security max-age=31536000 Content-Type image/png Cache-control max-age=86400 Connection keep-alive Content-Length 6472 X-XSS-Protection 1; mode=block, 1; mode=block Expires Wed, 02 Mar 2022 10:08:57 +0000
GET H/1.1	200 OK	4dfed0ed58 Show response bam-cell.nr-data.net/1/	49 B 715 B	892ms 874ms	Script text/javascript	162.247.243.147 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bam-cell.nr-data.net/1/4dfed0ed58?a=409672231&v=1215.1253ab8&to=MQRQMhYHCkcAARALXwhOZxQNSQ1aBQccTEAOEQ%3D%3D&rst=1216&ck=1&ref=https://give.57357.org/&ap=1&be=176&fe=1186&dc=382&perf=%7B%22timing%22:%7B%22of%22:1646136084286,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:38,%22c%22:38,%22s%22:44,%22ce%22:59,%22rq%22:60,%22rp%22:152,%22rpe%22:153,%22dl%22:155,%22di%22:382,%22ds%22:382,%22de%22:383,%22dc%22:1186,%22l%22:1186,%22le%22:1188%7D,%22navigation%22:%7B%7D%7D&fp=377&fcp=377&at=HUNTRF4dGUk%3D&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1215.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Tue, 01 Mar 2022 12:01:26 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS Content-Type text/javascript Access-Control-Allow-Origin * Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin Connection keep-alive access-control-allow-credentials true CF-Ray 6e51bce68ba65c4a-FRA
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	46 KB 15 KB	28ms 9ms	Script text/javascript	2600:9000:2156:7600:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: give.57357.org URL: https://give.57357.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:7600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d62a3b924d49cc3909d8c7e7d66c6fda8780c357fae0f927993f424928401b20 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers X-Amz-Version-Id mLgRV7jYHDvB6wDphJKX5Q2F5vg5l49f Content-Encoding gzip Etag W/"b8caabe626e64605e61edd5174246bf4" Age 941 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Vary Accept-Encoding Via 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront) Last-Modified Mon, 07 Feb 2022 16:47:41 GMT Server AmazonS3 Date Tue, 01 Mar 2022 11:45:45 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA50-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id iMMnozat-NEEh8YOypRVBopprYx84ci2fhMqzxJ71F1RLsLgR3henA==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/5YMZHBRV7ZHDXIC5ZNGGRC/index.js https://s.adroll.com/j/exp/index.js	28 B 762 B	12ms 9ms	Script application/javascript	2600:9000:2156:7600:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Protocol HTTP/1.1 Server 2600:9000:2156:7600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers X-Amz-Version-Id VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC Via 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront) Etag "5816cced8568d223aa09d889f300692b" Age 47623 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 28 Last-Modified Mon, 18 Oct 2021 21:07:54 GMT Server AmazonS3 Date Tue, 01 Mar 2022 04:39:09 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id 4lT_cfIhl82vrnLUGkjZ-FtB3fwZgclPSA7GETGBg9PmP4ieWUBuqg== Redirect headers Date Tue, 01 Mar 2022 10:30:49 GMT Via 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront) Age 5436 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Location https://s.adroll.com/j/exp/index.js Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA50-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id d75zm8dMnGjGW_MqDcyOo_tejoF_eMbT3GCbSDl3AqaKOUEI1T67Sw==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ Redirect Chain https://s.adroll.com/j/pre/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC/fpconsent.js https://s.adroll.com/j/pre/index.js	0 733 B	9ms 9ms	Script application/javascript	2600:9000:2156:7600:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/index.js Protocol HTTP/1.1 Server 2600:9000:2156:7600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers X-Amz-Version-Id nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy Via 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront) Etag "d41d8cd98f00b204e9800998ecf8427e" Age 36375 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Wed, 15 Jan 2020 23:54:18 GMT Server AmazonS3 Date Tue, 01 Mar 2022 01:55:18 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id F4lstLdSCZUZsM3IEjrVh_vHBBS56DSEzR2YaH9gD7iMK6JJnTlW-A== Redirect headers Date Tue, 01 Mar 2022 10:32:38 GMT Via 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront) Age 5327 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Location https://s.adroll.com/j/pre/index.js Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA50-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id qZ-l_fsw6XYQzPTxlq7XN-uOXaDkd1m1PKHC4n_xVD9LicYeKqb7QA==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC/	0 785 B	28ms 12ms	Script text/javascript	2600:9000:2156:7600:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:7600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers X-Amz-Version-Id .Zw7CrtcG8Pm0jVqvw85xMpGBfBpvTPY Via 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront) Etag "d41d8cd98f00b204e9800998ecf8427e" Age 769 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Sat, 26 Feb 2022 22:19:21 GMT Server AmazonS3 Date Tue, 01 Mar 2022 12:01:25 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id lTISdTUVpNqix2bPEYw-HagqrKcJxs9-e4RNvJ0VQvUbgqvf-IwbdA==
GET H2	200	5YMZHBRV7ZHDXIC5ZNGGRC Show response d.adroll.com/consent/check/	446 B 915 B	117ms 28ms	Script application/javascript	54.228.17.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/5YMZHBRV7ZHDXIC5ZNGGRC?arrfrr=https%3A%2F%2Fgive.57357.org%2F&_s=f5a87e9b148189c365da8a7949170e30&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.228.17.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-17-128.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash 0295258e7dc1b171d2885fc72a75c034ccd9c777effdc1a1de82a994a2bd4991 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-type application/javascript content-length 446 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H/1.1	200 OK	7XEKBKPS4BGMXLKUEIYC35.js Show response s.adroll.com/pixel/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC/ Redirect Chain https://d.adroll.com/pixel/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&pv=40721811053.913925&cooki... https://s.adroll.com/pixel/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC/7XEKBKPS4BGMXLKUEIYC35.js	3 KB 2 KB	12ms 11ms	Script text/javascript	2600:9000:2156:7600:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/pixel/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC/7XEKBKPS4BGMXLKUEIYC35.js Protocol HTTP/1.1 Server 2600:9000:2156:7600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash be0d480097740eb51d57b252ec4a2b134a40d9469f0b2d686364d78695357a76 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers X-Amz-Version-Id uDSAK6FbABvZEGE98XjWoRwt1aGHzR1s Content-Encoding gzip Etag W/"e4b7dc1ea08d1d00283e75f2e6b3f9b6" Age 769 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Vary Accept-Encoding Via 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront) Last-Modified Wed, 02 Feb 2022 18:44:55 GMT Server AmazonS3 Date Tue, 01 Mar 2022 11:48:37 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA50-C1 Access-Control-Allow-Headers * X-Amz-Cf-Id BRwdVWRS21yyMn7xIOUADh1qek606sxJ69TtBaBAhTMtOi8kEpVOuQ== Redirect headers date Tue, 01 Mar 2022 12:01:25 GMT x-segment-display-name Visitors to Unsegmented Pages p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" x-rule-type p content-length 0 pragma no-cache x-conversion-value 0.00 server nginx/1.20.0 x-rule * x-segment-eid 7XEKBKPS4BGMXLKUEIYC35 location https://s.adroll.com/pixel/5YMZHBRV7ZHDXIC5ZNGGRC/XCCHVQJOQJHPDE4BPIFWWC/7XEKBKPS4BGMXLKUEIYC35.js cache-control no-store, no-cache, must-revalidate x-pixel-eid XCCHVQJOQJHPDE4BPIFWWC x-segment-name * x-advertisable-eid 5YMZHBRV7ZHDXIC5ZNGGRC x-conversion-currency
GET H3	200	135727236973623 Show response connect.facebook.net/signals/config/	307 KB 88 KB	63ms 62ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/135727236973623?v=2.9.52&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c81b83077f725053f5d7025a8d8cb9a9ac45cde904af5f78d04444e520cae659 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug QoC2s3RySP0uP/4UTsw7VxnFyh6I+tb+ZvoTPpS4VVsH/Ift3CWjSAXJfxBpS7tHox5D16tII36lvVETSNO34w== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Tue, 01 Mar 2022 12:01:25 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	v1 ads.yahoo.com/cms/ Redirect Chain https://d.adroll.com/cm/r/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA	0 194 B	86ms 20ms	Image text/plain	2a00:1288:80:807::2 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA Protocol H2 Server 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:25 GMT cache-control no-store x-content-type-options nosniff server ATS strict-transport-security max-age=15552000 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block Redirect headers location https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-length 165 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Redirect Chain https://d.adroll.com/cm/b/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC https://x.bidswitch.net/sync?dsp_id=44&user_id=MDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg	43 B 495 B	10ms 10ms	Image image/gif	3.122.93.90 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg Protocol HTTP/1.1 Server 3.122.93.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-93-90.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Tue, 01 Mar 2022 12:01:25 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg Date Tue, 01 Mar 2022 12:01:25 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Redirect Chain https://d.adroll.com/cm/x/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC https://ib.adnxs.com/setuid?entity=172&code=MDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg	43 B 1 KB	7ms 6ms	Image image/gif	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg Protocol HTTP/1.1 Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Tue, 01 Mar 2022 12:01:25 GMT X-Proxy-Origin 185.213.155.165; 185.213.155.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 3dd1a4a8-2d95-4edd-8be2-b513dd9a0abf Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Tue, 01 Mar 2022 12:01:25 GMT X-Proxy-Origin 185.213.155.165; 185.213.155.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid fe7d7183-8611-4a03-bae8-94a2c712e182 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDY2YjI3MThhODdmYTBkOWM3MmNmNmYzNjUzMGE4Yzg Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	out d.adroll.com/cm/l/	42 B 180 B	28ms 28ms	Image image/gif	54.228.17.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/l/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.228.17.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-17-128.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:25 GMT cache-control no-transform,public,max-age=300,s-maxage=900 server nginx/1.20.0 content-length 42 vary Cookie content-type image/gif
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://d.adroll.com/cm/o/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC https://us-u.openx.net/w/1.0/sd?id=537103138&val=066b2718a87fa0d9c72cf6f36530a8c8	43 B 274 B	76ms 21ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537103138&val=066b2718a87fa0d9c72cf6f36530a8c8 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/17.1.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT via 1.1 google server OXGW/17.1.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?id=537103138&val=066b2718a87fa0d9c72cf6f36530a8c8 pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.20.0 content-length 87 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	in d.adroll.com/cm/g/ Redirect Chain https://d.adroll.com/cm/g/out?adroll_fpc=65dbc8b5b99cd7fa04311c756f1f4ae7-1646136085781&arrfrr=https%3A%2F%2Fgive.57357.org%2F&advertisable=5YMZHBRV7ZHDXIC5ZNGGRC&google_nid=adroll5 https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=BmsnGKh_oNnHLPbzZTCoyA https://d.adroll.com/cm/g/in	42 B 536 B	28ms 27ms	Image image/gif	54.228.17.128 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/g/in Protocol H2 Server 54.228.17.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-17-128.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Tue, 01 Mar 2022 12:01:26 GMT server nginx/1.20.0 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cache-control no-store, no-cache, must-revalidate content-type image/gif content-length 42 x-result g.-1.-1.-1 Redirect headers pragma no-cache date Tue, 01 Mar 2022 12:01:25 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://d.adroll.com/cm/g/in cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 225 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	7ms 7ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=135727236973623&ev=PageView&dl=https%3A%2F%2Fgive.57357.org%2F&rl=&if=false&ts=1646136085917&cd[segment_eid]=7XEKBKPS4BGMXLKUEIYC35&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=29&fbp=fb.1.1646136084786.1479966434&it=1646136084679&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p1&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://give.57357.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 01 Mar 2022 12:01:25 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Tue, 01 Mar 2022 12:01:25 GMT