urlscan.io logo urlscan.io
SecurityTrails logo

www.marchofdimes.org Open in urlscan Pro
2606:4700:10::ac43:a5a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadO...
Effective URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_...
Submission: On January 02 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 9 countries across 88 domains to perform 490 HTTP transactions. The main IP is 2606:4700:10::ac43:a5a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.marchofdimes.org. The Cisco Umbrella rank of the primary domain is 689120.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 15th 2023. Valid for: a year.
This is the only time www.marchofdimes.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.17.72.206 13335 (CLOUDFLAR...)
17 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
66 104.26.5.251 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 108.157.1.118 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 151.101.129.44 54113 (FASTLY)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
12 2620:1ec:c11:... 8068 (MICROSOFT...)
3 6 216.58.206.38 15169 (GOOGLE)
8 2620:116:800d... 16509 (AMAZON-02)
2 23.213.165.149 16625 (AKAMAI-AS)
6 2a03:2880:f08... 32934 (FACEBOOK)
1 104.18.12.242 13335 (CLOUDFLAR...)
2 5 172.217.23.102 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
6 23.38.98.77 20940 (AKAMAI-ASN1)
1 18.154.63.82 16509 (AMAZON-02)
1 37.157.5.72 198622 (ADFORM)
3 2001:4860:480... 15169 (GOOGLE)
8 9 2620:1ec:21::14 8068 (MICROSOFT...)
2 13.107.42.14 8068 (MICROSOFT...)
4 2600:9000:224... 16509 (AMAZON-02)
6 70.42.32.159 13789 (INTERNAP-...)
2 4 185.89.210.153 29990 (ASN-APPNEX)
4 7 185.89.210.141 29990 (ASN-APPNEX)
3 2a00:1450:400... 15169 (GOOGLE)
3 52.71.63.167 14618 (AMAZON-AES)
2 154.59.122.94 174 (COGENT-174)
2 52.203.70.213 14618 (AMAZON-AES)
2 2a02:2638:3::e 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
2 3.33.220.150 16509 (AMAZON-02)
8 18.193.153.136 16509 (AMAZON-02)
1 2 185.167.164.49 198622 (ADFORM)
5 188.114.96.3 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
3 2a03:2880:f17... 32934 (FACEBOOK)
1 141.226.224.32 200478 (TABOOLA-AS)
6 10 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 6 178.250.1.9 44788 (ASN-CRITE...)
2 74.119.119.150 19750 (AS-CRITEO)
62 18.154.63.14 16509 (AMAZON-02)
1 40.160.4.235 16276 (OVH)
6 151.101.193.21 54113 (FASTLY)
2 12 37.157.6.243 198622 (ADFORM)
1 37.157.2.228 198622 (ADFORM)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
57 54.186.23.98 16509 (AMAZON-02)
4 2600:9000:224... 16509 (AMAZON-02)
3 52.208.161.54 16509 (AMAZON-02)
3 23.43.61.193 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 3.127.129.10 16509 (AMAZON-02)
3 81.17.55.106 60781 (LEASEWEB-...)
1 2607:ae80:4::26 26558 (FREEWHEEL)
3 18.158.179.1 16509 (AMAZON-02)
1 4 172.64.151.101 13335 (CLOUDFLAR...)
3 3 77.243.51.121 42697 (NETIC-AS)
3 4 77.243.51.122 42697 (NETIC-AS)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
6 6 142.250.186.34 15169 (GOOGLE)
1 18.184.216.10 16509 (AMAZON-02)
2 2 54.78.254.47 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 34.248.85.3 16509 (AMAZON-02)
2 2.23.197.190 16625 (AKAMAI-AS)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 1 99.81.243.254 16509 (AMAZON-02)
1 52.218.112.115 16509 (AMAZON-02)
4 5 217.79.187.54 24961 (MYLOC-AS ...)
1 1 193.135.9.125 48314 (IP-PROJECTS)
1 1 139.162.141.41 63949 (AKAMAI-LI...)
3 18.203.91.219 16509 (AMAZON-02)
3 185.64.191.210 62713 (AS-PUBMATIC)
1 65.9.66.113 16509 (AMAZON-02)
2 3 54.170.164.95 16509 (AMAZON-02)
3 5 54.76.70.173 16509 (AMAZON-02)
1 1 54.154.73.73 16509 (AMAZON-02)
2 2 52.57.164.72 16509 (AMAZON-02)
3 162.19.138.118 16276 (OVH)
2 2 35.190.24.218 15169 (GOOGLE)
3 23.32.185.35 16625 (AKAMAI-AS)
1 2600:9000:25e... 16509 (AMAZON-02)
1 46.19.11.36 51790 (SIEL)
3 13.248.245.213 16509 (AMAZON-02)
2 52.58.128.62 16509 (AMAZON-02)
2 72.246.168.23 16625 (AKAMAI-AS)
2 69.173.144.165 26667 (RUBICONPR...)
4 141.226.228.48 200478 (TABOOLA-AS)
4 3.71.149.231 16509 (AMAZON-02)
2 2.22.242.105 20940 (AKAMAI-ASN1)
2 37.157.6.237 198622 (ADFORM)
2 99.80.37.51 16509 (AMAZON-02)
2 34.117.157.22 396982 (GOOGLE-CL...)
2 18.196.116.41 16509 (AMAZON-02)
2 34.193.251.250 14618 (AMAZON-AES)
2 52.58.3.175 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
2 85.215.5.31 6786 (CRONON-BE...)
1 18.202.209.33 16509 (AMAZON-02)
4 34.213.170.160 16509 (AMAZON-02)
1 198.137.150.141 16509 (AMAZON-02)
3 192.229.221.25 15133 (EDGECAST)
2 151.101.129.35 54113 (FASTLY)
4 2a00:1450:401... 15169 (GOOGLE)
3 108.157.194.34 16509 (AMAZON-02)
6 104.19.218.90 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
490 108
1    104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)
go.marchofdimes.org
17    2606:4700:10::ac43:a5a (United States)

ASN13335 (CLOUDFLARENET, US)
www.marchofdimes.org
give.marchofdimes.org
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
10    2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
66    104.26.5.251 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.fundraiseup.com
static.fundraiseup.com
api.fundraiseup.com
5    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net
js.adsrvr.org
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
12    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
6    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net
8832015.fls.doubleclick.net
8    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    23.213.165.149 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
6    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
5    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net
ad.doubleclick.net
13    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
play.google.com
6    23.38.98.77 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-77.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    18.154.63.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-82.dus51.r.cloudfront.net
js.ipredictive.com
1    37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
9    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
4    2600:9000:224a:a400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
4    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
7    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    52.71.63.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-63-167.compute-1.amazonaws.com
ad.ipredictive.com
2    154.59.122.94 (Schiphol, Netherlands)

ASN174 (COGENT-174, US)
e.acuityplatform.com
2    52.203.70.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-70-213.compute-1.amazonaws.com
px.adentifi.com
2    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
2    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
8    18.193.153.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
tags.srv.stackadapt.com
2    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
a2.adform.net
5    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fndrsp.net
fndrsp-checkout.net
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
10    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
62    18.154.63.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-14.dus51.r.cloudfront.net
js.stripe.com
1    40.160.4.235 (United States)

ASN16276 (OVH, FR)
sentry.fundraiseup.com
6    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
12    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)
a1.seadform.net
2    2a02:26f0:480:f::213:7ed5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ucarecdn.com
57    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
r.stripe.com
4    2600:9000:224a:5600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
3    52.208.161.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-161-54.eu-west-1.compute.amazonaws.com
ad.360yield.com
3    23.43.61.193 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-43-61-193.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    3.127.129.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-129-10.eu-central-1.compute.amazonaws.com
ih.adscale.de
3    81.17.55.106 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
rtb-csync.smartadserver.com
1    2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    18.158.179.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-179-1.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
r.casalemedia.com
3    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
se.semasio.net
2    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
1    18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
1    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    34.248.85.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-85-3.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
eu-u.openx.net
1    99.81.243.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-243-254.eu-west-1.compute.amazonaws.com
api.adrtx.net
1    52.218.112.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
5    217.79.187.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm43.as.net
cm.adsafety.net
1    193.135.9.125 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    139.162.141.41 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags1.adsafety.net
tags.adsafety.net
3    18.203.91.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    65.9.66.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-113.fra56.r.cloudfront.net
pdw-adf.userreport.com
3    54.170.164.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-164-95.eu-west-1.compute.amazonaws.com
a.audrte.com
5    54.76.70.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-70-173.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.154.73.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-73-73.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    52.57.164.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
3    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
criteo-sync.teads.tv
1    2600:9000:25e8:de00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si
match.contentexchange.me
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    52.58.128.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-128-62.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
2    72.246.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
trc-events.taboola.com
4    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2.22.242.105 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-22-242-105.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    99.80.37.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-37-51.eu-west-1.compute.amazonaws.com
visitor.omnitagjs.com
2    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
2    18.196.116.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-116-41.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
2    34.193.251.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-251-250.compute-1.amazonaws.com
jadserve.postrelease.com
2    52.58.3.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-3-175.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2600:1f18:612b:4280:67cf:789f:f482:a995 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
2    85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    18.202.209.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-209-33.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
4    34.213.170.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-170-160.us-west-2.compute.amazonaws.com
m.stripe.com
1    198.137.150.141 (United States)

ASN16509 (AMAZON-02, US)
merchant-ui-api.stripe.com
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    151.101.129.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
4    2a00:1450:4013:c04::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
pay.google.com
3    108.157.194.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-194-34.mxp53.r.cloudfront.net
b.stripecdn.com
6    104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)
hcaptcha.com
newassets.hcaptcha.com
api2.hcaptcha.com
api.hcaptcha.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
124 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2656
q.stripe.com — Cisco Umbrella Rank: 13887
r.stripe.com — Cisco Umbrella Rank: 6573
m.stripe.com — Cisco Umbrella Rank: 2365
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 12870
2 MB
67 fundraiseup.com
cdn.fundraiseup.com — Cisco Umbrella Rank: 59411
static.fundraiseup.com — Cisco Umbrella Rank: 54477
api.fundraiseup.com — Cisco Umbrella Rank: 179449
sentry.fundraiseup.com — Cisco Umbrella Rank: 202515
1 MB
21 google.com
adservice.google.com — Cisco Umbrella Rank: 189
www.google.com — Cisco Umbrella Rank: 6
pay.google.com — Cisco Umbrella Rank: 3910
play.google.com — Cisco Umbrella Rank: 95
424 KB
20 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4009
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
sslwidget.criteo.com — Cisco Umbrella Rank: 2480
widget.us.criteo.com — Cisco Umbrella Rank: 27168
dis.criteo.com — Cisco Umbrella Rank: 943
67 KB
20 doubleclick.net
8832015.fls.doubleclick.net — Cisco Umbrella Rank: 921481
ad.doubleclick.net — Cisco Umbrella Rank: 199
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
27 KB
18 marchofdimes.org
go.marchofdimes.org — Cisco Umbrella Rank: 581801
www.marchofdimes.org — Cisco Umbrella Rank: 689120
give.marchofdimes.org
390 KB
17 adform.net
s2.adform.net — Cisco Umbrella Rank: 7751
a2.adform.net — Cisco Umbrella Rank: 12667
c1.adform.net — Cisco Umbrella Rank: 1001
dmp.adform.net — Cisco Umbrella Rank: 4001
cm.adform.net — Cisco Umbrella Rank: 1664
42 KB
12 bing.com
bat.bing.com — Cisco Umbrella Rank: 692
54 KB
11 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 793
ib.adnxs.com — Cisco Umbrella Rank: 356
8 KB
11 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 778
www.linkedin.com — Cisco Umbrella Rank: 944
px4.ads.linkedin.com — Cisco Umbrella Rank: 7294
11 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 625
172 KB
9 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
trc.taboola.com — Cisco Umbrella Rank: 960
pips.taboola.com — Cisco Umbrella Rank: 1936
cds.taboola.com — Cisco Umbrella Rank: 2300
sync-t1.taboola.com — Cisco Umbrella Rank: 2152
trc-events.taboola.com — Cisco Umbrella Rank: 2320
25 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3050
t.paypal.com — Cisco Umbrella Rank: 3583
89 KB
8 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 4796
17 KB
8 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3674
tr.outbrain.com — Cisco Umbrella Rank: 3336
wave.outbrain.com — Cisco Umbrella Rank: 3465
sync.outbrain.com — Cisco Umbrella Rank: 1287
10 KB
8 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2137
pixel.quantserve.com — Cisco Umbrella Rank: 1736
39 KB
7 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2396
se.semasio.net — Cisco Umbrella Rank: 19184
4 KB
6 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 6229
newassets.hcaptcha.com — Cisco Umbrella Rank: 7636
api2.hcaptcha.com — Cisco Umbrella Rank: 18736
api.hcaptcha.com — Cisco Umbrella Rank: 7827
405 KB
6 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 17119
tags.adsafety.net — Cisco Umbrella Rank: 65746
10 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 818
151 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
266 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 313
3 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
410 KB
4 gstatic.com
www.gstatic.com
101 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
170 B
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
r.casalemedia.com — Cisco Umbrella Rank: 2571
2 KB
4 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2891
36 KB
4 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
7 KB
4 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 29469
ad.ipredictive.com — Cisco Umbrella Rank: 8095
3 KB
3 stripecdn.com
b.stripecdn.com — Cisco Umbrella Rank: 18058
43 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2512
33 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 731
418 B
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
criteo-sync.teads.tv — Cisco Umbrella Rank: 3178
489 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 658
3 KB
3 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3399
2 KB
3 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 1499
373 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1173
1012 B
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3106
load77.exelator.com — Cisco Umbrella Rank: 6128
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
436 B
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1004
489 B
3 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 744
pixel.rubiconproject.com — Cisco Umbrella Rank: 620
692 B
3 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4236
705 B
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 995
595 B
3 fndrsp-checkout.net
fndrsp-checkout.net — Cisco Umbrella Rank: 196518
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
234 B
3 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2259
insight.adsrvr.org — Cisco Umbrella Rank: 1095
match.adsrvr.org — Cisco Umbrella Rank: 594
3 KB
2 twiago.com
a.twiago.com — Cisco Umbrella Rank: 28126
306 B
2 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3791
687 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 797
69 B
2 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1607
843 B
2 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1753
2 KB
2 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 9290
359 B
2 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1124
770 B
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1385
638 B
2 media.net
contextual.media.net — Cisco Umbrella Rank: 1093
1 KB
2 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 3028
87 B
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14378
630 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
1 KB
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1261
647 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2052
928 B
2 ucarecdn.com
ucarecdn.com — Cisco Umbrella Rank: 24308
14 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 4002
563 B
2 fndrsp.net
fndrsp.net — Cisco Umbrella Rank: 55640
747 B
2 adentifi.com
px.adentifi.com — Cisco Umbrella Rank: 16453
69 B
2 acuityplatform.com
e.acuityplatform.com — Cisco Umbrella Rank: 33546
374 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1877
31 KB
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3522
38 B
1 contentexchange.me
match.contentexchange.me — Cisco Umbrella Rank: 40489
49 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1035
235 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 973
491 B
1 userreport.com
pdw-adf.userreport.com — Cisco Umbrella Rank: 39122
444 B
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 19705
849 B
1 amazonaws.com
s3-eu-west-1.amazonaws.com
390 B
1 adrtx.net
api.adrtx.net — Cisco Umbrella Rank: 48841
407 B
1 openx.net
eu-u.openx.net — Cisco Umbrella Rank: 3669
264 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1419
266 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 764
98 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1645
344 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
640 B
1 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 5432
38 B
1 seadform.net
a1.seadform.net — Cisco Umbrella Rank: 44866
466 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
5 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 3722
50 KB
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 21734
96 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1429
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
1 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
490 88
Domain Requested by
62 js.stripe.com static.fundraiseup.com
js.stripe.com
62 static.fundraiseup.com cdn.fundraiseup.com
static.fundraiseup.com
www.marchofdimes.org
34 r.stripe.com js.stripe.com
23 q.stripe.com go.marchofdimes.org
js.stripe.com
16 www.marchofdimes.org go.marchofdimes.org
www.marchofdimes.org
static.cloudflareinsights.com
12 play.google.com www.gstatic.com
12 bat.bing.com www.googletagmanager.com
bat.bing.com
8832015.fls.doubleclick.net
10 cdn.cookielaw.org www.marchofdimes.org
cdn.cookielaw.org
9 c1.adform.net 2 redirects a2.adform.net
c1.adform.net
8 gum.criteo.com 6 redirects dynamic.criteo.com
8 tags.srv.stackadapt.com 8832015.fls.doubleclick.net
tags.srv.stackadapt.com
7 ib.adnxs.com 4 redirects 8832015.fls.doubleclick.net
7 px.ads.linkedin.com 6 redirects static.fundraiseup.com
6 cm.g.doubleclick.net 6 redirects
6 www.paypal.com static.fundraiseup.com
www.paypal.com
www.paypalobjects.com
6 analytics.tiktok.com go.marchofdimes.org
analytics.tiktok.com
6 connect.facebook.net go.marchofdimes.org
connect.facebook.net
8832015.fls.doubleclick.net
6 8832015.fls.doubleclick.net 3 redirects www.googletagmanager.com
5 dpm.demdex.net 3 redirects
5 cm.adsafety.net 4 redirects c1.adform.net
5 ad.doubleclick.net 2 redirects go.marchofdimes.org
5 www.googletagmanager.com www.marchofdimes.org
www.googletagmanager.com
4 www.gstatic.com pay.google.com
www.gstatic.com
4 pay.google.com static.fundraiseup.com
pay.google.com
go.marchofdimes.org
www.gstatic.com
4 m.stripe.com m.stripe.network
4 ups.analytics.yahoo.com
4 dis.criteo.com
4 se.semasio.net 3 redirects c1.adform.net
4 m.stripe.network js.stripe.com
m.stripe.network
4 pixel.quantserve.com 8832015.fls.doubleclick.net
4 secure.adnxs.com 2 redirects 8832015.fls.doubleclick.net
c1.adform.net
4 tr.outbrain.com amplify.outbrain.com
4 rules.quantcount.com secure.quantserve.com
4 secure.quantserve.com www.googletagmanager.com
8832015.fls.doubleclick.net
3 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
3 b.stripecdn.com js.stripe.com
b.stripecdn.com
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 eb2.3lift.com c1.adform.net
3 id5-sync.com c1.adform.net
3 dmp.adform.net c1.adform.net
3 a.audrte.com 2 redirects c1.adform.net
3 simage2.pubmatic.com c1.adform.net
3 beacon.krxd.net c1.adform.net
3 uipglob.semasio.net 3 redirects
3 x.bidswitch.net c1.adform.net
3 rtb-csync.smartadserver.com c1.adform.net
3 ad.yieldlab.net c1.adform.net
3 ad.360yield.com c1.adform.net
3 fndrsp-checkout.net cdn.fundraiseup.com
3 www.facebook.com 8832015.fls.doubleclick.net
3 api.fundraiseup.com cdn.fundraiseup.com
static.fundraiseup.com
3 ad.ipredictive.com 8832015.fls.doubleclick.net
js.ipredictive.com
3 adservice.google.com 8832015.fls.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
2 trc-events.taboola.com static.fundraiseup.com
2 t.paypal.com www.marchofdimes.org
2 a.twiago.com
2 criteo-partners.tremorhub.com
2 match.sharethrough.com
2 sync.outbrain.com
2 jadserve.postrelease.com
2 exchange.mediavine.com
2 matching.ivitrack.com
2 r.casalemedia.com
2 visitor.omnitagjs.com
2 cm.adform.net
2 hb.yahoo.net
2 criteo-sync.teads.tv
2 sync-t1.taboola.com
2 pixel.rubiconproject.com
2 contextual.media.net
2 e1.emxdgt.com c1.adform.net
2 redirect.frontend.weborama.fr 2 redirects
2 pm.w55c.net 2 redirects
2 tags.bluekai.com c1.adform.net
2 loadm.exelator.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects c1.adform.net
2 ucarecdn.com www.marchofdimes.org
2 widget.us.criteo.com 8832015.fls.doubleclick.net
2 sslwidget.criteo.com 2 redirects
2 mug.criteo.com 8832015.fls.doubleclick.net
2 www.google.de
2 www.google.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 fndrsp.net cdn.fundraiseup.com
2 a2.adform.net 1 redirects
2 dynamic.criteo.com 8832015.fls.doubleclick.net
2 px.adentifi.com 8832015.fls.doubleclick.net
2 e.acuityplatform.com 8832015.fls.doubleclick.net
2 px4.ads.linkedin.com 8832015.fls.doubleclick.net
2 www.linkedin.com 2 redirects
2 snap.licdn.com www.googletagmanager.com
8832015.fls.doubleclick.net
2 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 api.hcaptcha.com newassets.hcaptcha.com
1 api2.hcaptcha.com newassets.hcaptcha.com
1 hcaptcha.com b.stripecdn.com
1 merchant-ui-api.stripe.com js.stripe.com
1 sync-criteo.ads.yieldmo.com
1 match.contentexchange.me c1.adform.net
1 s.ad.smaato.net c1.adform.net
1 sync.teads.tv c1.adform.net
1 match.adsrvr.org c1.adform.net
1 aa.agkn.com 1 redirects
1 pdw-adf.userreport.com c1.adform.net
1 tags.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 s3-eu-west-1.amazonaws.com c1.adform.net
1 api.adrtx.net 1 redirects
1 eu-u.openx.net c1.adform.net
1 sync.crwdcntrl.net c1.adform.net
1 idsync.rlcdn.com c1.adform.net
1 load77.exelator.com c1.adform.net
1 ps.eyeota.net c1.adform.net
1 ads.stickyadstv.com c1.adform.net
1 ih.adscale.de c1.adform.net
1 token.rubiconproject.com c1.adform.net
1 a1.seadform.net
1 sentry.fundraiseup.com static.fundraiseup.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 insight.adsrvr.org js.adsrvr.org
1 googleads4.g.doubleclick.net ad.doubleclick.net
1 pagead2.googlesyndication.com ad.doubleclick.net
1 wave.outbrain.com amplify.outbrain.com
1 trc.taboola.com cdn.taboola.com
1 s2.adform.net go.marchofdimes.org
1 js.ipredictive.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 cdn.resonate.com go.marchofdimes.org
1 amplify.outbrain.com www.googletagmanager.com
1 js.adsrvr.org www.googletagmanager.com
1 cdn.fundraiseup.com go.marchofdimes.org
1 give.marchofdimes.org www.marchofdimes.org
1 static.cloudflareinsights.com www.marchofdimes.org
1 fonts.googleapis.com www.marchofdimes.org
1 go.marchofdimes.org
0 global.ib-ibi.com Failed c1.adform.net
490 139
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-15 -
2024-04-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
fundraiseup.com
Cloudflare Inc ECC CA-3		 2023-05-22 -
2024-05-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.ipredictive.com
Amazon RSA 2048 M02		 2023-03-14 -
2024-04-11		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.acuityplatform.com
Go Daddy Secure Certificate Authority - G2		 2023-04-13 -
2024-05-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-09-09 -
2024-10-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
sentry.fundraiseup.com
R3		 2023-12-30 -
2024-03-29		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-13 -
2024-08-20		 10 months crt.sh
*.seadform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-08		 a year crt.sh
cps3.ucarecdn.com
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M02		 2023-07-18 -
2024-08-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
*.contentexchange.me
Sectigo RSA Domain Validation Secure Server CA		 2023-05-29 -
2024-06-04		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
hb.yahoo.net
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
itm.ivitrack.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-07 -
2025-01-06		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 30 frames:

Primary Page: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Frame ID: 28750EE13FE6D9795DF22D29293CE0B5
Requests: 175 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Frame ID: 8DCB368A56C69D1F1EB7379A54A6387F
Requests: 12 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Frame ID: 963EB98D7763D750308B057C30146E8F
Requests: 20 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&upid=b8lvzxo&upv=1.1.0
Frame ID: 0812241DAF08D19CBBCBC40096951332
Requests: 1 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=107549&cache_buster=1704204687&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&val=undefined&tn=undefined&p1=gtm.js
Frame ID: CFF83DD244E7B54BE42A09CEA290661A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: F2B0C2A8058205671BD655E2745175CC
Requests: 2 HTTP requests in this frame

Frame: https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Frame ID: CFAC5E319B0EC3A16CEB9D37AA6452C6
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/
Frame ID: 1779CD6095D31ECAE4C4BC1F166A4830
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: CF41CE3AC8E3AA44BFB90A80B40AD25D
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: DF30C4BF8971EE62D8B99EB7693BA161
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: D160149DDF8B81BC9F387591DE746419
Requests: 8 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Frame ID: 2D25C54F5173BD89F1B355B094EAE748
Requests: 41 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 2CD406A9F57A0C0CA2718D7FDBB995A5
Requests: 4 HTTP requests in this frame

Frame: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Frame ID: 14263E4F8A82FB790B60D4F4F7DF1CFA
Requests: 20 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C4BE65EF121A65EB5169A4526D13BDCB
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7D3352DE500EF1A0E51C004EA8AF5844
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: 1C01B9CAD09721FADFDFF7CE0A62E2AC
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 75A7CDBCA0394619FCC467B2CD20BA34
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 5843388688FE4F11B0A07D3C5198DB2A
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 63154591B980793CBCF65B60C7C208B8
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Frame ID: CAA82A28084C6798AAA337801FE4814D
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Frame ID: 64F999CCEAC0681BD29BFE48762106D6
Requests: 9 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_gid=CAESENxuF5P5-I2I1aBOWqI-pms&google_cver=1&google_ula=913071,0
Frame ID: 37C9227EF892AE9ADEF3D74924BC96DE
Requests: 30 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Frame ID: 68F7D283465E83890E539962F47CD25D
Requests: 2 HTTP requests in this frame

Frame: https://e1.emxdgt.com/put?d=d53&uid=k-zla0nGsokbpoDhWN1s47nMisNlKFFcsug5SyMw
Frame ID: 666B305DCE615D62C31C59F64EE2AC62
Requests: 30 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 11A4E67A5B12683E8BE09AAE1C722DCE
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Frame ID: 04B3B3D0F9F9B04F65AA45FF7879C39D
Requests: 5 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=56f27d96-86d7-4d27-aad1-3948b1fb89c3&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: 463750F0E27A303D2F929C332E55138A
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Frame ID: 3A0FCDB4064FC281637997A73FAF977A
Requests: 13 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=1jjqwie2bp9
Frame ID: 010529470F4A6AF33C4856242A40B027
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Donate Now | March of DimesCloseCloseCloseCloseCloseCloseCloseCloseBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8D... Page URL
  2. https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

490
Requests

93 %
HTTPS

26 %
IPv6

88
Domains

139
Subdomains

108
IPs

9
Countries

6516 kB
Transfer

22442 kB
Size

106
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM= Page URL
  2. https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Request Chain 49
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Request Chain 59
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CNvn9JfxvoMDFfjGEQgdvbQFdQ;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 60
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CO7p9JfxvoMDFYqk_QcdjFwGLA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 69
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204687031&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204687031&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1704204687031%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204687031&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204687031&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&cookiesTest=true&liSync=true&e_ipv6=AQIfA5SN6shjAQAAAYzKg9larOcUS126ERyAi3BFW-nWV8uabpTI7FCC0G859LgRNQ
Request Chain 92
  • https://secure.adnxs.com/px?id=1282070&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
Request Chain 93
  • https://ib.adnxs.com/seg?add=22494154 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
Request Chain 112
  • https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=809998711815&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=809998711815&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 127
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204687216&url=https%3A%2F%2Fwww.marchofdimes.org%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204687216&url=https%3A%2F%2Fwww.marchofdimes.org%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2179642%26time%3D1704204687216%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204687216&url=https%3A%2F%2Fwww.marchofdimes.org%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204687216&url=https%3A%2F%2Fwww.marchofdimes.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQJISrSiC3GG-QAAAYzKg9nG45xBZmlUgC5JQmWH1QNjUKSA53dyqtRaxGEhJLE1tg
Request Chain 149
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=GjA3AHw2QWFQYXl1eTFFZjRWMnZQWEcycXFLQkMrdUFCU0RBcmhndE80SjE5b3NEN3F5Tzk3YkMyeTVNcEpJdWs2cHhSam9lRkNPRUVOMEFmZTl2anE2WE5YekxqN09GU1cwQkhZazBaeEJDeVBRaXNGMGhGOGZ6QjM1ZGlYVzJJMHRZK1VURW9xbTNUNnY2Wmh0Tnp1dHdOOTNXNFl4eG1DLzljTHVLVHhQOGJJaW91QmVsM1l3OUJpYWxQY3lTVXZ1N3hua3BUWWhneWE3aG9YRmNObFlNZjFkTmpmSFFQK0NQYTdXeGtINTM0T3NjVy9tYnIwckFSODNNTXBBNGlFWEM4M3hZcEZ3QTJZbEw2YzVKRzZ2NGtvWHlHOEoxVEFiUE1QcUxyMGlPUUV4Zlc1dXBDTlR6dkhSQUdYVnJkSnYrdnw&cppv=2
Request Chain 152
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=ACR6VF82T0JQZ09XY1dOeFYlMkJDWkxYZ3NNYnBCNzAzUm53SldWbzN0NWZmSzFFbnRoamJRNmtBOXdldFpmZ3I4ZXBkS25Xb09lTHFyVEJ2UyUyRmZLbHB1NEVHUWxJMDQwc2hTU1Y1Yzl2UTRlbDZxdTNNNFdVZk1UeXdlZlM2ODhoWHQzTzNoYiUyRnpPcjZNZmtFMGZiSURKakVLam1FaUglMkZBVyUyRmRZSWtTNThWcmgyRzdBJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=6c5e13f6-6969-4fa3-8439-34bc1bf17806&dtycbr=45700 HTTP 302
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=ACR6VF82T0JQZ09XY1dOeFYlMkJDWkxYZ3NNYnBCNzAzUm53SldWbzN0NWZmSzFFbnRoamJRNmtBOXdldFpmZ3I4ZXBkS25Xb09lTHFyVEJ2UyUyRmZLbHB1NEVHUWxJMDQwc2hTU1Y1Yzl2UTRlbDZxdTNNNFdVZk1UeXdlZlM2ODhoWHQzTzNoYiUyRnpPcjZNZmtFMGZiSURKakVLam1FaUglMkZBVyUyRmRZSWtTNThWcmgyRzdBJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=6c5e13f6-6969-4fa3-8439-34bc1bf17806&dtycbr=45700
Request Chain 180
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks HTTP 302
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Request Chain 237
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2724977328310641832&expiration=1705414287 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2724977328310641832&expiration=1705414287&C=1
Request Chain 238
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2724977328310641832&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2724977328310641832&sInitiator=external HTTP 302
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=2724977328310641832&gdpr=&sInitiator=external HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7319503400653617298&sInitiator=internal&gdpr= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=7996175290072234627&sInitiator=internal&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OTBGRDE4MThFQTk1NzExNA&gdpr= HTTP 302
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEPej1jEoy_BGEolk9x7JQy4&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEPej1jEoy_BGEolk9x7JQy4&sInitiator=internal&google_cver=1&gdpr=
Request Chain 240
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2724977328310641832 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2724977328310641832&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 245
  • https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Request Chain 246
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2724977328310641832 HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024010214394491a1ae6daf765b8&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=ba9ef564baa8b3d03846c0ca42f3cdf2&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMDIxNDM5NDQ5MWExYWU2ZGFmNzY1Yjg&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEPz98uZCc0pQBmir9qhHKPI&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12024010214394491a1ae6daf765b8&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=ba9ef564baa8b3d03846c0ca42f3cdf2 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM12024010214394491a1ae6daf765b8 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2724977328310641832
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjcyNDk3NzMyODMxMDY0MTgzMg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDcw1WbgLEXUu7cyqxJ_8hU&google_cver=1&google_ula=1641347,0
Request Chain 250
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=3&id=7996175290072234627&redirect=1 HTTP 302
  • https://secure.adnxs.com/setuid?entity=91&code=2724977328310641832
Request Chain 253
  • https://a.audrte.com/a?adform_uid=2724977328310641832 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmM1WC1HY0c0REFUVmlYNnhKSVFiVy1pUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/p
Request Chain 254
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2724977328310641832&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2724977328310641832&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=84171717485314219782125166298051699755&noredirect=1
Request Chain 255
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2724977328310641832 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=218943204749002737598
Request Chain 256
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503400653617298
Request Chain 258
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=qnZ3zQLp1RkFuo5
Request Chain 262
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=252392116 HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.vLxMETxRAJQlKCNf49Fie
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_cm&google_hm=ay1DVUFaZG1zb2ticG9EaFdOMXM0N25NaXNObExwSFQwUC1BMDBudw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_gid=CAESENxuF5P5-I2I1aBOWqI-pms&google_cver=1&google_ula=913071,0
Request Chain 287
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7996175290072234627
Request Chain 299
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=bY7XZENkpFYyqDd8ewP6GIzpQKgBAh0V HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=bY7XZENkpFYyqDd8ewP6GIzpQKgBAh0V
Request Chain 363
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=ACR6VF82T0JQZ09XY1dOeFYlMkJDWkxYZ3NNYnBCNzAzUm53SldWbzN0NWZmSzFFbnRoamJRNmtBOXdldFpmZ3I4ZXBkS25Xb09lTHFyVEJ2UyUyRmZLbHB1NEVHUWxJMDQwc2hTU1Y1Yzl2UTRlbDZxdTNNNFdVZk1UeXdlZlM2ODhoWHQzTzNoYiUyRnpPcjZNZmtFMGZiSURKakVLam1FaUglMkZBVyUyRmRZSWtTNThWcmgyRzdBJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=8fb39542-db7e-4bce-bc14-d2e80b64c8ac&dtycbr=85177 HTTP 302
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=ACR6VF82T0JQZ09XY1dOeFYlMkJDWkxYZ3NNYnBCNzAzUm53SldWbzN0NWZmSzFFbnRoamJRNmtBOXdldFpmZ3I4ZXBkS25Xb09lTHFyVEJ2UyUyRmZLbHB1NEVHUWxJMDQwc2hTU1Y1Yzl2UTRlbDZxdTNNNFdVZk1UeXdlZlM2ODhoWHQzTzNoYiUyRnpPcjZNZmtFMGZiSURKakVLam1FaUglMkZBVyUyRmRZSWtTNThWcmgyRzdBJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=8fb39542-db7e-4bce-bc14-d2e80b64c8ac&dtycbr=85177
Request Chain 374
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=2&topUrl=www.marchofdimes.org&bundle=ACR6VF82T0JQZ09XY1dOeFYlMkJDWkxYZ3NNYnBCNzAzUm53SldWbzN0NWZmSzFFbnRoamJRNmtBOXdldFpmZ3I4ZXBkS25Xb09lTHFyVEJ2UyUyRmZLbHB1NEVHUWxJMDQwc2hTU1Y1Yzl2UTRlbDZxdTNNNFdVZk1UeXdlZlM2ODhoWHQzTzNoYiUyRnpPcjZNZmtFMGZiSURKakVLam1FaUglMkZBVyUyRmRZSWtTNThWcmgyRzdBJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=LRDcbnxscitGcWdhamNXdklFQzFVTkpyS3VndDBmb1AwMlJtM25GQ2pjSjVVa3FVbnZndVdsY1I0Mit4L0ppWmprb2gyZTIvK01rdFdYMHJDNDFQV1Z2aXFDck9YYng1blZJdkh5MmhFQXJheVAwbHU4dnVLSHRVM0E4eUtyRlhoR29iTDF1NGVLTTcvYVMvdW9HaENmOHRUaU1ndERabjQ5a0grbzlzOEV6UHYvZktmaG1HajB0dzdiMG5OTU9TV2NFRkw3VHZia1o1cDlmZmdnZjBHaE1sd09OcUhLNGlKbDVXbGFEMXRHMUZRVEtNcXhwQnk0UWhKb3N4czVxVFIxUEFoRHFyTU54SGlaYzJUV1h1bko3T01QK2ZoQVRhV3l6VlNmYzNXeDZoOThJNlhoLzd1bVR6SXdURmdQMWdrQ3FKR0I1VXdkbjNhSThjR2xiVEI2V1liUGc9PXw&cppv=2
Request Chain 386
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=LsZ9HDFLCZYwSuelc2MIstQ6fEYXiPmX
Request Chain 407
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_cm&google_hm=ay1DVUFaZG1zb2ticG9EaFdOMXM0N25NaXNObExwSFQwUC1BMDBudw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_gid=CAESENxuF5P5-I2I1aBOWqI-pms&google_cver=1&google_ula=913071,0
Request Chain 409
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7996175290072234627
Request Chain 421
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dji49Ygo67EtAcOjOxMggMiRaV6gX3iD
Request Chain 445
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aWgxH0djSU9lSFQKAxsIMi0kFz2ovC8f

490 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0F... 		754 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
HTTP/1.1
Server
104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-fLVGG6k8d/y7h3bSNyDZC/HAziMZDIlTIx/ddcAdC7A=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
83f39751febf9bc2-FRA
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 02 Jan 2024 14:11:25 GMT
Server
cloudflare
Transfer-Encoding
chunked
cache-control
private, no-cache, no-store, max-age=0
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-fLVGG6k8d/y7h3bSNyDZC/HAziMZDIlTIx/ddcAdC7A=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
referrer-policy
strict-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
f28438606c2f1b7b
Primary Request donate-now
www.marchofdimes.org/ 		39 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef09195c774e2e9eb4422a2f8e3dcfb4af38c6d54b393a48f7f8118b2e519142
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://go.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, no-cache, private
cf-cache-status
DYNAMIC
cf-ray
83f397539fe86937-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:11:26 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-drupal-cache
MISS
x-drupal-dynamic-cache
UNCACHEABLE
x-frame-options
SAMEORIGIN
x-generator
Drupal 9 (https://www.drupal.org)
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
www.marchofdimes.org/sites/default/files/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/css/css_i_IAUTuyaYflulzov9QOquZ0DRt2fYtf1VYDyYjfHo8.css
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:52 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=8629
etag
W/"94f-60d0d56313bb8"
vary
Accept-encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83f3975a5dc56937-FRA
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&display=swap
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 14:02:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 14:11:26 GMT
css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
www.marchofdimes.org/sites/default/files/css/ 		172 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26dd3e70c1aa731ac4c5a27ac65c200ceb2756eca0ae5862e8fab8b7d4985dd0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:52 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=177163
etag
W/"7d61-60d0d563bea18"
vary
Accept-encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
83f3975a5dc76937-FRA
x-xss-protection
1; mode=block
rocket-loader.min.js
www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Dec 2023 14:09:38 GMT
server
cloudflare
etag
W/"6581a422-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
83f3975a7ddc6937-FRA
expires
Thu, 04 Jan 2024 14:11:26 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
83f3975a8dc137e9-FRA
sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
285
etag
W/"19d4-60d0d34b0c580"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f3975a7dde6937-FRA
x-xss-protection
1; mode=block
js_3zKdJjwbnH4zY-ZXfGrKTGbJMU4AUVlFIlJ8EY1UCvA.js
www.marchofdimes.org/sites/default/files/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/js/js_3zKdJjwbnH4zY-ZXfGrKTGbJMU4AUVlFIlJ8EY1UCvA.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f55809ae21d5dcfb8a6e01596d12eb88c0630f7e0aeff4c285b981df7864aed5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 30 Nov 2023 23:17:54 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=24764
etag
W/"19b1-60b66dc85ec70"
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f3975b3e7d6937-FRA
x-xss-protection
1; mode=block
reminder.js
give.marchofdimes.org/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://give.marchofdimes.org/reminder.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
183d1f7f458dfc35496d9eb446598b1b96658ab4dc316b23cea4cd7bfcd4c8ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 02 Oct 2023 16:39:53 GMT
server
cloudflare
cf-polished
origSize=6204
etag
W/"e6ce93114ff5d91:0"
vary
Accept-Encoding
x-powered-by
ASP.NET
content-type
application/javascript
cache-control
max-age=14400
permissions-policy
interest-cohort=()
cf-ray
83f3975b9ed86937-FRA
js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
www.marchofdimes.org/sites/default/files/js/ 		160 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/js/js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c09f9bc171c32544001b130b5ed1f7f2e2b8c1ac817823452288bc678afc57e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 21 Dec 2023 23:19:56 GMT
server
cloudflare
content-encoding
br
cf-polished
origSize=165577
etag
W/"f117-60d0d567acfa8"
vary
Accept-encoding
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f3975b3e7f6937-FRA
x-xss-protection
1; mode=block
google_tag.script.js
www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/ 		348 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?s6mzfy
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 Jan 2024 10:43:13 GMT
server
cloudflare
age
285
etag
W/"15c-60df42a4fdc10-gzip"
vary
Accept-Encoding
content-type
text/javascript
content-encoding
br
cache-control
max-age=14400
cf-ray
83f3975b3e806937-FRA
x-xss-protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
5rel+BW+cbOCNkEJ4C4NBQ==
age
29483
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:19:55 GMT
server
cloudflare
etag
0x8DC026A943751A5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d530a67f-201e-0007-3283-3455e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f3975b4d9a92ad-FRA
fcdafeaf549fc682810d.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/fcdafeaf549fc682810d.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:07:43 GMT
server
cloudflare
age
285
etag
W/"1fb9-60d0d2abc8dc0"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f3975b3e866937-FRA
x-xss-protection
1; mode=block
truncated
/ 		200 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		743 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		538 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		328 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		521 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		518 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		392 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		389 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		583 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		580 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		535 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		532 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
329746577f94a4f1785e.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		123 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/329746577f94a4f1785e.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
content-encoding
br
etag
W/"1eb4c-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
cache-control
max-age=14400
cf-ray
83f3975b4e986937-FRA
x-xss-protection
1; mode=block
7ef1e78abcb43e957eec.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		130 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/7ef1e78abcb43e957eec.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
content-encoding
br
etag
W/"206b0-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
cache-control
max-age=14400
cf-ray
83f3975b4e9a6937-FRA
x-xss-protection
1; mode=block
09a9e3080c1a5236f325.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		131 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/09a9e3080c1a5236f325.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
content-encoding
br
etag
W/"20b6c-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
cache-control
max-age=14400
cf-ray
83f3975b4e9c6937-FRA
x-xss-protection
1; mode=block
f58d53eb72d7239d4ca8.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		129 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/f58d53eb72d7239d4ca8.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
content-encoding
br
etag
W/"20448-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
cache-control
max-age=14400
cf-ray
83f3975b4e9e6937-FRA
x-xss-protection
1; mode=block
e78d3d4f87bc060c0a1a.otf
www.marchofdimes.org/themes/gesso/dist/fonts/ 		131 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/fonts/e78d3d4f87bc060c0a1a.otf
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marchofdimes.org/sites/default/files/css/css_GTGmnVqXCapxX0qMcQzdZnhCG-yBZEuyd9NKyAL9IpM.css
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
content-encoding
br
etag
W/"20a90-60d0d34b0c580"
vary
Accept-Encoding
content-type
font/otf
cache-control
max-age=14400
cf-ray
83f3975b4ea06937-FRA
x-xss-protection
1; mode=block
ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c9ef99aae6896ff764e44f3cc121359d2a42dc49389a16a8b236f6e8aacfca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
9636
content-md5
g/KZi3qFt3L2oPImJ/jgJw==
content-length
1475
x-ms-lease-status
unlocked
last-modified
Tue, 10 Oct 2023 13:15:27 GMT
server
cloudflare
etag
0x8DBC992F85E777F
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
78ebd77a-e01e-006a-24c0-21e1ab000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f3975c4e64914d-FRA
expires
Wed, 03 Jan 2024 14:11:26 GMT
AJPYNTWD
cdn.fundraiseup.com/widget/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fundraiseup.com/widget/AJPYNTWD
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98fec5c4653bda889430cc5f033525265ca3018bf9d5463cb9f7040af370ac4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"700361656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BakLXBEnhK9fyBLVZxzoEFS%2FKxc4eAz2O9uzSM1cLYPybcNYx%2BiHxTjkxbTMJX19v8KJ5%2BGuJUAjp9zWB419QlVNXrQgcsiAmYSFZhZ7nhuf1HHdHQogAb4qv8%2FDrLYoqu%2BK4M4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
83f3975c68f91e5b-FRA
link
<https://static.fundraiseup.com/8404ac38d731.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/AJPYNTWD.js>; rel=preload; as=script, <https://static.fundraiseup.com/3.5405c7d5a80b.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/2.f1965a53d878.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/0.a67f871726a0.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.90571ef5681f68c03c51.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.5314794eb173af8226ff.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.46ead00774987992ad1f.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js>; rel=preload; as=script
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		362 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/google_tag/march_of_dimes/google_tag.script.js?s6mzfy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2671080421a95ca136f6dfaaf0850957bae95fcee4efd7d803619f78bac12b4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109271
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:11:26 GMT
sprite.artifact.svg
www.marchofdimes.org/themes/gesso/dist/images/ 		6 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/themes/gesso/dist/images/sprite.artifact.svg
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/sites/default/files/js/js_-DDrB9INXKSpUh7RYEGn3k9Ww_ejwreIkMGDLsxqfB4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2023 23:10:30 GMT
server
cloudflare
age
285
etag
W/"19d4-60d0d34b0c580"
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cache-control
max-age=14400
cf-ray
83f3975c5f796937-FRA
x-xss-protection
1; mode=block
rum
www.marchofdimes.org/cdn-cgi/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.marchofdimes.org/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.marchofdimes.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
83f3975c6f806937-FRA
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202309.1.0/ 		424 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wp4bduWb8cLN8oREjFODhQ==
age
26531
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
104423
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:28 GMT
server
cloudflare
etag
0x8DBD0539A07337D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
55c003e6-c01e-001f-4190-138a87000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f3975c8f3592ad-FRA
en.json
cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/ 		91 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/ce58b1c5-3fe5-4b89-ba5c-ca7c2558eb4c/03dae8d3-1490-4973-98ef-e49e49eac3e6/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2fe02b994fdded9fe3acc3f595150e738f4a0c34d9a41e76a6627be26b5352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
9635
content-md5
pmspCWhZwPW8+QqTyR8o7Q==
content-length
18521
x-ms-lease-status
unlocked
last-modified
Tue, 10 Oct 2023 13:14:55 GMT
server
cloudflare
etag
0x8DBC992E56CEEA8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
196f8fa7-701e-0078-5644-149a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f3975cbed9914d-FRA
expires
Wed, 03 Jan 2024 14:11:26 GMT
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad57366636e32f982af9c249ade2bd2e2fbcfc11abf4062c527e419ebd6d9321
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86207
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:11:26 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-1-118.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 05:33:53 GMT
Content-Encoding
gzip
Via
1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 Dec 2023 01:34:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
DUS51-P2
Age
31054
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
CeGGDXsw3zk5odcF-PZw1AyeJcxzxmIbAqgpjwgsyr6JyH1Y_km8Gw==
js
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8832015
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26bbc198911e52e8de1d0b76e595351ed9dc93c0a586bb39f1db47e99df2a29a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67454
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:11:26 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1389
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 02 Jan 2024 15:48:17 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1335104/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ceee682f306a64e8cf1b48d513f71a81dc852709cf2b36b3d9b3719fac0b0fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
CPjc27vK9QkggOQSCDqJ5FsgXBZJ9dxj
content-encoding
gzip
via
1.1 varnish
date
Tue, 02 Jan 2024 14:11:26 GMT
x-amz-request-id
MCBHMDAX4XV4X5K9
age
113
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
19973
x-amz-id-2
Gdh6a7kMxGRYIpWOuCzSFvhR4E3KDxWynrs2sa3oG9bRYceZhiCErA/obJzxc93k7Zusr8xziLA=
x-served-by
cache-fra-etou8220089-FRA
last-modified
Sun, 31 Dec 2023 11:30:35 GMT
server
AmazonS3
x-timer
S1704204687.900235,VS0,VE1
etag
"4c28249a704a2eee05e8cffeb2135111"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
76
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
insight.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=75781
accept-ranges
bytes
content-length
15541
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:11:26 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0CBDDF97434F4C34904911CC29D56D21 Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:26Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;...
8832015.fls.doubleclick.net/ Frame 8DCB
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dm...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
ce34b48d423f106808707cb1a20d435d0932011d1777f6c5b33923514ef72689
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1241
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:11:27 GMT
expires
Tue, 02 Jan 2024 14:11:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:11:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl...
8832015.fls.doubleclick.net/ Frame 963E
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uaf...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
6018d98685484b3e379431582aafc6481dc84dfe771e41090ee2e5c20a00361d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1764
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:11:27 GMT
expires
Tue, 02 Jan 2024 14:11:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:11:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:11:26 GMT
obtp.js
amplify.outbrain.com/cp/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 13:05:28 GMT
Server
AkamaiNetStorage
ETag
"928c0d1860f13b981036d5c18f950ac2:1703078882.762337"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7779
Expires
Tue, 02 Jan 2024 14:31:26 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:11:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
hrGU6Len7lMKh9zL+WljXGH/T/zwaFgiKzyXmJ4wH5lCGBvPhs4XnXzyD49dIMG4SiUJ+WSNNn+zg61VzMJ0LA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/101125894/ 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/101125894/analytics.min.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
83f3975d5eb4916b-FRA
vary
Accept-Encoding
B21591273.227039140;sz=1x2;ord=51266557178
ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=51266557178?
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
dc4c53719441015688ddfe8cf43aa2bf95d0a4574d533c3e051a16887d4f703a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14774
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimize.js
www.googleoptimize.com/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=GTM-W2ZD7L3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8166e6a7d3fe9fdc26b2f8a0bff105a647c884e550c57225b9cc660d0be6b278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50505
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:11:26 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
db9719f2d84f3a97df3f4879dec1c926b021125f4429dca8bb0800ca390c84ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
36a07395.5feda20e
date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141126770A17BD408AD69DCC4D-438BE167E53B3F1B-00
x-cache
TCP_MISS from a23-38-99-141.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
100,23.38.99.141
server-timing
cdn-cache; desc=MISS, edge; dur=90, origin; dur=10, inner; dur=4
content-length
1940
pragma
no-cache
server
nginx
x-tt-logid
20240102141126770A17BD408AD69DCC4D
x-cache-remote
TCP_MISS from a23-220-104-16.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.220.104.16
x-tt-trace-host
0124359e713df8ca709285b8f2220f169929661c3ff141b21bf5e35b1ed354c61e36a7c319a509dfd6ba8b2723a72a4333aa375d6734e8b3d2b648e46869c3108e195183a016d713f5dafc17ff4c3ead89f4bfdd4e13c66b8cd81c7c673a3c60dacc2d63a3e0311d8673150d66e3aacc3b
expires
Tue, 02 Jan 2024 14:11:27 GMT
adelphic_universal_pixel.js
js.ipredictive.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-82.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:11:27 GMT
via
1.1 c9f5cfb4434d1ba72b6232f7ef6eeb0e.cloudfront.net (CloudFront)
last-modified
Fri, 30 Sep 2022 15:42:59 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P4
age
3600
etag
"83b469155694c51d4c5581028a6788bc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2108
x-amz-cf-id
mltCYbozn7RbQLG91vdJqTd_aKZBEq9QuqTgepWgiG6IP8hvwmdnYw==
trackpoint-async.js
s2.adform.net/banners/scripts/st/ 		81 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
last-modified
Tue, 23 May 2023 09:56:34 GMT
server
nginx
x-amz-request-id
tx000002a4302a981bc3024-00646c8ee1-3295d04c-default
etag
W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
B21581475.237971066;dc_pre=CNvn9JfxvoMDFfjGEQgdvbQFdQ;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CNvn9JfxvoMDFfjGEQgdvbQFdQ;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CNvn9JfxvoMDFfjGEQgdvbQFdQ;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.237971066;dc_pre=CNvn9JfxvoMDFfjGEQgdvbQFdQ;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B21581475.265419780;dc_pre=CO7p9JfxvoMDFYqk_QcdjFwGLA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CO7p9JfxvoMDFYqk_QcdjFwGLA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;ta...
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CO7p9JfxvoMDFYqk_QcdjFwGLA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
H2
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9539.3391082MARCHOFDIMES/B21581475.265419780;dc_pre=CO7p9JfxvoMDFYqk_QcdjFwGLA;dc_trk_aid=424965911;dc_trk_cid=104722561;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ku3O1VFWoltPW4n5m1lGVQ==
age
830
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:22 GMT
server
cloudflare
etag
0x8DBD053964DC527
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
6e914481-501e-007f-5f93-0cf618000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f3975d3f70914d-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xznrm5/jaKmHSjGeIIkHOA==
age
6555
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12708
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:24 GMT
server
cloudflare
etag
0x8DBD05397A0A023
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3b583b4f-e01e-0055-63e6-1d2908000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f3975d3f71914d-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202309.1.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202309.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
830
x-ms-lease-status
unlocked
last-modified
Thu, 19 Oct 2023 03:29:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9428b29f-101e-001c-7a80-226be3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f3975d3f73914d-FRA
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=31720821&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&ul=en-us&de=UTF-8&dt=Donate%20Now%20%7C%20March%20of%20Dimes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=157378853&gjid=1344272561&cid=790461794.1704204687&tid=UA-219864-60&_gid=340942534.1704204687&_r=1&_slc=1&gtm=45He3bt0n81WNJ3K3Pv894218235&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=795788034
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1335104/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1335104/trc/3/json?tim=1704204686934&data=%7B%22id%22%3A776%2C%22ii%22%3A%22%2Fdonate-now%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704204686916%2C%22cv%22%3A%2220231231-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%22%2C%22e%22%3A%22http%3A%2F%2Fgo.marchofdimes.org%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtruenorth-marchofdimes-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22OneTrust%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22%2CC0003%2CC0001%2CC0002%2CC0004%2C%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704204686930%2C%22ref%22%3A%22http%3A%2F%2Fgo.marchofdimes.org%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks%22%2C%22tos%22%3A11%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c279df85c68b609b44e53997eecbbc03a3aaf8c56a72fb31fab29968147b71d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms
24
date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.26925
x-fastly-to-nlb-rtt
7561
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220089-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1704204687.944318,VS0,VE24
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724z8894218235&_p=1704204686776&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=790461794.1704204687&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704204686&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=page_view&_fv=1&_ss=1&tfd=1612
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		207 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
01016a6fe7e537a6cef5639f1c0c4fce24349aa12858b2172a8153a9f3ba7de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75640
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:11:27 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af5c5a92b8718e2ab140fe43a865d77720962b4b534391dfb474716eb7bc1ccc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80955
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 14:11:27 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204687031&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204687031&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3446297%26time%3D1704204687031%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204687031&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204687031&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_mediu...
0
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204687031&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&cookiesTest=true&liSync=true&e_ipv6=AQIfA5SN6shjAQAAAYzKg9larOcUS126ERyAi3BFW-nWV8uabpTI7FCC0G859LgRNQ
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 82B7EC097251424CBA31D3A30A5DEB39 Ref B: FRAEDGE1520 Ref C: 2024-01-02T14:11:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xMMp+7ia17fBMocxA==

Redirect headers

date
Tue, 02 Jan 2024 14:11:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 05E9BD89844C491D8507B57205831CCA Ref B: FRAEDGE1211 Ref C: 2024-01-02T14:11:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3446297&time=1704204687031&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&cookiesTest=true&liSync=true&e_ipv6=AQIfA5SN6shjAQAAAYzKg9larOcUS126ERyAi3BFW-nWV8uabpTI7FCC0G859LgRNQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xMI6ucpXv6sUIrKgw==
rules-p-4LjrHyeV3QUW4.js
rules.quantcount.com/ 		160 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-4LjrHyeV3QUW4.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:a400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:02:30 GMT
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
537
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:45:31 GMT
server
AmazonS3
etag
"52b67ed0d6de08757c0affd0509ae576"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
HSMgI_o3ShQiRkuaSoWXZru1qqV9niIy9hC15bUOKUfM6fGM6tw7fw==
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
517 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202309.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
71958
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a9d61206-701e-0078-3ca2-349a7b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f3975e089e914d-FRA
MOD_Logo_Donation.png
cdn.cookielaw.org/logos/619fa1da-f983-4882-ba6d-40627ba6ce87/a03b80d6-3bea-4390-97a7-fc8fcf47da90/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/619fa1da-f983-4882-ba6d-40627ba6ce87/a03b80d6-3bea-4390-97a7-fc8fcf47da90/MOD_Logo_Donation.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b57a6d97fc4340e01339086713fe15bc8c6bace25a8fa8b8682558c953c444a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OUtpBJgltqUBYxR5JoTCtQ==
age
36045
content-length
20107
x-ms-lease-status
unlocked
last-modified
Mon, 03 Feb 2020 15:42:50 GMT
server
cloudflare
etag
0x8D7A8BFB9C0ADEB
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
6e9418ab-501e-007f-6a94-0cf618000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
83f3975e18fc92ad-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
27362
x-ms-lease-status
unlocked
last-modified
Thu, 21 Dec 2023 21:20:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a220a8b7-a01e-006b-498a-34be77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
83f3975e18fd92ad-FRA
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=07937233079512758&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&cht=ot&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:27 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
a3b99d4e54615cdf88604d9007c0d696
Content-Length
54
Content-Type
image/gif;
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=024527974395859453&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=Add%20to%20cart&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:27 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
77c837df706fdf783c73e38d5b45068f
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/ 		35 B
220 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00cffee659fe578dc2dfc7fa0fb839455e,00cffee659fe578dc2dfc7fa0fb839455e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
br
X-TraceId
64276c08ee6cbd7ea4459fdf911cebe6
Content-Length
39
Content-Type
application/javascript
00cffee659fe578dc2dfc7fa0fb839455e
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00cffee659fe578dc2dfc7fa0fb839455e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:27 GMT
Content-Encoding
gzip
ob-sent-time
1704158459218
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
X-TraceId
57b83294c6ee72d141c3c6b514b67f82
Content-Length
22
Expires
Tue, 02 Jan 2024 14:12:27 GMT
1621384747882069
connect.facebook.net/signals/config/ 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1621384747882069?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bc9b49ae6ec81de78cb07234ba748e5f186b819079eca3e7e82db4690641275
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:11:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36114
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
poejkQKNJDz8uY1CocR00MHljKx1d6oDx78CXMJQ/9A6IISA5W1vVqhHWd6TsXXFdS3zhL63LxdV6hqiqO7hZA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
25017097.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25017097.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:11:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1C43F909C314463BA81B6CA1725E400B Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:27Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25017097&tm=gtm002&Ver=2&mid=c8643913-c9d5-447d-8062-9529c2f3370d&sid=d17b6e40a97811eeb199278edd27f0c3&vid=d17b98e0a97811ee8f46b92db87573ec&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20Now%20%7C%20March%20of%20Dimes&p=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&r=http%3A%2F%2Fgo.marchofdimes.org%2F&lt=1407&evt=pageLoad&sv=1&rn=492592
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:11:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 85B6E75CBA6E4F1584FDEB7908C00D66 Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
8404ac38d731.elementsApi.js
static.fundraiseup.com/ 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de7a0f6d4d192cc931ffc60dcd9c41cf823614d8fe3264c7553611853a2dc52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA2FN8C5607QYKWS
age
18510
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
hq8/zlDkrBEn2/AGY65t4RE5RXDVyr2+gTd70YK15YAZpy1LxZGD8KffmX50kA9A0ikw5T/6Qf8=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"a1890ed56981ecf46c638b122d04247d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWPCzwHT1pteymd27zYCoXDvU0FcLrukoBNLUAJV6A4YTm3CmBMdgW5%2BXcdroc8aSnD%2BKUy5qs%2Bme2mffTmgtgZidYt0jgkrVobsMY96RqahW%2FO%2BYWpW6H%2Bzys1aa8rYxvpM%2BWuN7BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975e5c291e5b-FRA
AJPYNTWD.js
static.fundraiseup.com/embed-data/elements-global/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements-global/AJPYNTWD.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50703a9859028e070c5ba54517ac39c873fcfc5015907f5dac21c78648ccbdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PCTQFG6JD9MCG443
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
W50rBrNwSj8sxKsBNAkgsVM2kN9/sUSaMRhAdiq/1D0A217qNpEys+gBwhfTkuOyhtCL2D9qrxY=
last-modified
Tue, 02 Jan 2024 14:10:16 GMT
server
cloudflare
etag
W/"63cb5dadcb23c4e25551f1e7511c5365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TyV%2B9SqjttcEVVu9OtS05EvAWIze6p%2FfTm6ombCa1VfqUABV0LCDWo6mtRrvjBHgkyDEp3%2B8sNkHWbT8PKOE7lVrYgOY9MdOSPIt98m7Y5uqiIIkDwRU2P%2B5Et6Kr46tB879%2FHjeE0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f3975e5c201e5b-FRA
3.5405c7d5a80b.async-vendors.js
static.fundraiseup.com/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3.5405c7d5a80b.async-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fda46ad6de82ed65908428f090ab3cb24da2b2ab22e3f19e2713e94eecdc907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9BZ05BEKVY7ZFGVV
age
622893
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
X8BeAcvPynj5a4Ace2fztyCj14JHNu1Dc6dPp4UQo60x44nfvdJV2Sa2bYBnENnw2TMAZpouFiQ=
last-modified
Tue, 26 Dec 2023 08:53:44 GMT
server
cloudflare
etag
W/"b78f8a914b2aac0785a820267d8712d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FA9LL123pyUER0VSZFe8hqdqnRE3ltHCM2q3d%2BoFoieuJGZIxo%2FiQdKW%2FEPuTBRZwGZyPK%2FlhfL2MbZFO%2FfHPC0u8haEqvKaOoqCznZfMWpChdc5JC85Itg3DSb8R5khhfUId%2FXCVg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975e5c211e5b-FRA
2.f1965a53d878.elements-langs-vendors.js
static.fundraiseup.com/ 		295 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2.f1965a53d878.elements-langs-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c963fd1212d60ca1c683bccb3c3ace830cdedc1dccf7256c112a9708f9e7cf88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V0EJZW0XMZ9X8A
age
361906
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UIQ1dlw0+6bcy3dETPWY5ykd0xB2XT43XD8bVWY46z6ohl4vhIeNwAPPntHiP156+IRu1qfrPco=
last-modified
Fri, 29 Dec 2023 09:23:28 GMT
server
cloudflare
etag
W/"86230c72ced6be65504232d51156f84a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icmN7fJH0u9ZhXTK1XqZU5X%2Bw589NGLwC7v%2FEaYngPujVPd2ufprdApTKHZGvujiPPPXQduuf6SjYsMmnhkkWSBWSeMvJpCJD39ozl6yCLhObl7c5womTu7RyDyaZ9p2eK0nefCL7r4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975e5c1e1e5b-FRA
0.a67f871726a0.elements-vendors.js
static.fundraiseup.com/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/0.a67f871726a0.elements-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642d50bf95258a7181203326b05c08982dc5298ff21982594594a2ece141bed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V6N0QFAKX4BFFV
age
361906
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Q7L0pxTNr0psgszyHQDcw4o8Fwzu4ZDbfLth3q69gRTh1sO2yp3ynzKMhgktQWL1UP09aNXP65M=
last-modified
Fri, 29 Dec 2023 09:23:27 GMT
server
cloudflare
etag
W/"dc6cd5ef97018916a1e5cc76f51b6029"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8BqrxqkBhcYmVDi57D4yqtJCqTTWGviXoH5jgBA%2FoKZ7I9bLa5StnesM%2BjufDw5XimxNGghTkzbnlb2c5bnvihyReG2UkqFyVoZyEqiLPZpSYYb2G1dZSRcokw447xQW5Hvw1I%2B%2FnQw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975e5c271e5b-FRA
checkout.677091bbeb21f0afc5db.js
static.fundraiseup.com/ 		311 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b59918ab6733c57a8a7a9d6a1968d29e79df70c67909ddf241e029d0c15230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA23S49AJXJ280CG
age
18510
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
XpjwJN+7GWpCQJur1wSOIRn7CtPAhGzAgKKrMZwBBY+MJTgmtajqQNaLFmDaPCyAlmyRhUUrNjU=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"52c4020f627c9a2863287f67e826bf65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11LfZmrVOv5LFywjYoxkqBEKqzp6Hw43y9eQK0RAryBU5%2FrvVx30UhN47uT9G%2BzCPdlWdUH6sOn2PfhvDXboaifYDlEZQYhuSHXZZdSrbRmIWpiPu%2FJnzfC8YYXC1fI9BX2OFPdHYZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975e5c251e5b-FRA
checkout-vendors.90571ef5681f68c03c51.js
static.fundraiseup.com/ 		325 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-vendors.90571ef5681f68c03c51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ee34fcf7db9c8bc2412f47c264d8de575c2d477198cabc635ba538ddcd77f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CQYYB1WB1XF6X4CC
age
970741
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pMOUC2kkzbzntFTzFntk176AwgIGXNLJsC4wJyUxNRGSgjypMm/TGoSDQ8Q7VcfdC0tBPgFdTUQ=
last-modified
Fri, 22 Dec 2023 08:14:34 GMT
server
cloudflare
etag
W/"aed625f3509871737d1044d3a87ee8b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWKsqdPaaNcKSzGMZGj%2B%2F3OwefS%2B3H6jK%2B76wmfI44WXNarS3J%2FSWJiBbHn%2BfD%2FT3tccOnoozzjJP7v0%2BIlT4vHzyvavyu7JjmgbcouSlXxuleeBU9%2BOLV2%2BIFzSu037K2V68XogKhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975e5c261e5b-FRA
checkout-styles.5314794eb173af8226ff.js
static.fundraiseup.com/ 		118 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-styles.5314794eb173af8226ff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a900b2a6524b9f6a640eddeda6e045bea4aff194c9203ea660e6db5743b69b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VA2115S2FHS2FJ8E
age
18510
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jmiAF5s7SHbBbJjC3AxF7BidRCyl3wgkKMOC7Y0SE387oAPkA3+hX4YjKLR19E8L0FSE4bWCoUk=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"7d4d7c4dcf370f6ba0a1600c8277782b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uux87PhWwfKY6aqXnWQdkPbzeFlwtmLQxb1zFiiE4wQCPqcMNHOJlnudhAvWMfT91J9cBCc7rDkkHeitAQJBSqootjQ5ONzvMpkFmB4utwRRE89NtxxK1FghXvGkytZfSbAFtgNGY4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975e5c311e5b-FRA
checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HGGKTGCE1YZJMSDZ
age
388885
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
M+w43jSCHQSas6McrOwuQwgzIUYcou3C9DSnhph0wEyr9HpWTu4JBe3lPiX6TEs4ht/esiZjbeY=
last-modified
Fri, 01 Dec 2023 08:27:18 GMT
server
cloudflare
etag
W/"e8cb215ba1bf6e188dcd93c7faa7d814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FtRRvZIsjbuNJWrh1x%2B%2FsvrYckXzVQKCDnDXs4P7AirV5sYiCuTtAxAZzwBkAyQezTHuJZaOcruF4clQ5zAtboNg7RAQySr79eHPtk5INZzIt8KgSOTdxZpWZYFPrspK7OCuok8bh8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975e5c231e5b-FRA
sentry.46ead00774987992ad1f.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/sentry.46ead00774987992ad1f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f300f66c1304e23bfc15a23908129f0b10ff24c89f5a2727bc52735acda82d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CQYKHFR43Z09DA45
age
970741
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JA8OmN2l6WBWtENfumEOJLCyYpu0u7D79btpTmOT6BnrRDpqWY2ZhNnIbnl2erxo8EGRzSVB11g=
last-modified
Fri, 22 Dec 2023 08:14:35 GMT
server
cloudflare
etag
W/"d325c5401c790cdad1125c429c0a3570"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzDAMY3aB%2FLFO%2BeD28XPiEKieNTZx67KWiQ5Ad%2FlWJ%2BZFhQJ8d6hUm558Sdm8mGyrvYpckjrKiqtPsct66ANvddQ%2BDWUV1%2FocbueSn4k3Jaxhbif4IhTYt3FWzTTVOVQavYAgjNHgMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975e5c241e5b-FRA
checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js
static.fundraiseup.com/ 		193 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.412db339158e6d1dd863.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae885067159b6a4c7f153446d01bd1e0405d0acd180089840397091758a42695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V1ZK6TEKGC2F71
age
361906
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
HsfujrA+k1UKvFlvFqNT9p5WwVToMwIMs8iwMccJuFCcSOnuyYW2F74ee6t5X1VIfj75hQb/aIs=
last-modified
Fri, 29 Dec 2023 09:23:32 GMT
server
cloudflare
etag
W/"a841186be43e9817bb06608166c38a47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDeOrdEO%2BwCoMLVArjbTO6Y0OcW4tHhrafe%2FTy26WxN3bDkrMwELhJc%2Bx0nMaoZCmn%2Fwr1giVAJhr1rp7fz8%2FBLOWptuo5QZQywYycMxLEP5bl8bKD4tdprPGosmed2w6Fb%2BNd%2FhkoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975e5c281e5b-FRA
bounce
secure.adnxs.com/ Frame 8DCB
Redirect Chain
  • https://secure.adnxs.com/px?id=1282070&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
an-x-request-uuid
0fd3cdaf-4b3b-4a23-9382-437c986ab71e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
an-x-request-uuid
d9034173-c887-43cf-8019-485eb4052c3d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1282070%26t%3D2
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 8DCB
Redirect Chain
  • https://ib.adnxs.com/seg?add=22494154
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
an-x-request-uuid
eb811244-fd13-43ed-bdc0-3c601a7a5f12
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
an-x-request-uuid
c45c2354-89ba-4027-9358-2dc5a797b08a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D22494154
x-proxy-origin
80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
adservice.google.com/ddm/fls/z/ Frame 8DCB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
ad.ipredictive.com/d/track/ Frame 963E 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&val=&tn=1907874470162&cache_buster=[timestamp]&ps=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.63.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-63-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:27 GMT
Connection
keep-alive
X-CI-RTID
748787a8-fe9b-4add-aad0-093869cb82fa
Content-Length
0
p
e.acuityplatform.com/ Frame 963E 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
Pixels
px.adentifi.com/ Frame 963E 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=3405;uq=2035212916;
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.70.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-70-213.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame 963E 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=81237
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
adservice.google.com/ddm/fls/z/ Frame 963E 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1335104/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Tue, 02 Jan 2024 14:11:27 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
55
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-etou8220089-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1704204687.095951,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
41
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
573
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=51266557178?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:44:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
59239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 21:44:08 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssAfhgQKveqMkIu7Xm0Jtc78QakhctH7wlUKEd7VG4IdsaFQtZzzuvO_QN77ZysTP8fZuc8f-2Puiys8YD31S9MYo3TLTaiss169JG2VCBE5ZkQs-3L9g3HCnIzqE34aYybjT2AO4vOJe1gGRCj20O7lZDbJQ&sai=AMfl-YT37holCJ-8azMuNMVrZlOouOXotf5Hsv4AddD9hYulT83tbakLOqKhVtWl3-3Anyz6qf5BRV_kGVTLXAU&sig=Cg0ArKJSzDkU41Nt_JaoEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cisv=r20231207.52641&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=51266557178?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame 0812 		0
60 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=2n62y3m&ref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&upid=b8lvzxo&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Tue, 02 Jan 2024 14:11:27 GMT
server
Kestrel
insight.min.js
snap.licdn.com/li.lms-analytics/ Frame 8DCB 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=75780
accept-ranges
bytes
content-length
15541
bat.js
bat.bing.com/ Frame 8DCB 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:11:26 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 06E8859555224AC89B3EC522D5454603 Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:27Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame 8DCB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:11:27 GMT
events.js
tags.srv.stackadapt.com/ Frame 963E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5503d11c2a92f6ab58616eff9cb33cd627db8639f41c3ef78f6880015a4e7d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:27 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
bat.js
bat.bing.com/ Frame 963E 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:11:26 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1A08CBBC336A4760864E546A4FD6A199 Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:27Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13187
quant.js
secure.quantserve.com/ Frame 963E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:11:27 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 963E 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:11:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
hrGU6Len7lMKh9zL+WljXGH/T/zwaFgiKzyXmJ4wH5lCGBvPhs4XnXzyD49dIMG4SiUJ+WSNNn+zg61VzMJ0LA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
event
ad.ipredictive.com/d/track/ Frame CFF8 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&cache_buster=1704204687&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&val=undefined&tn=undefined&p1=gtm.js
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.63.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-63-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 14:11:27 GMT
X-CI-RTID
63fc532d-2515-4675-a776-630c7768da7d
/
a2.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=809998711815&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00...
  • https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=809998711815&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312...
850 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=809998711815&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d6b464961085b9382df1de7463fceca80ae0d387d2118392e6e9fcf2b3f0efaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
690
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=3179125&ADFdivider=%7C&ord=809998711815&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
tb
fndrsp.net/ 		2 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDQ95oxIvCVAIzKys2nJkeGr8Tb%2BxZZiZeEX62eJcz0ImA6qiDf1C8z5L1TV3hzfuql2g1gpXQXgzVV2cBDAlBy942CS82q5zDAsMTuycwIB0bHR%2FgMZP5W4dLEX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f3975f091404d9-CDG
alt-svc
h3=":443"; ma=86400
resolve
api.fundraiseup.com/checkout/ 		9 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/checkout/resolve?key=AJPYNTWD&livemode=true&livemode=true
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61585b7029e203625c34db47091e75f023b36c6d34e3a71e63f494f8952a0b23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

fun_c_status
HIT
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
fun_cp_status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fun_c_ms
10
alt-svc
h3=":443"; ma=86400
fun_cp_ms
135
fun_t_status
HIT
server
cloudflare
fun_t_ms
105
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0NmpxzHysaJ08gDxQh1pB0iyhqaH6CjJO7GSPeXsGZYbbk3%2Fd%2Burzz5qdUueDmHX%2BpA%2BNFm2yvjOqiSkjhtbqqvUjFkLC%2BuV%2B65cMGYWI9jTp5PA7lx3n7seW0RxIsySDLtyhbk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f3975eccc61e5b-FRA
XTDESWHR.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XTDESWHR.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517aa5c6549c92ef5244d8e9df5d662310d50ca9419b12b9157e67ff640be3b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A3819GG2J2PWCW2Y
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LR8+SICLFbXG8a9ksYxtbR/BN6DcGzBW7kv38/Nsh2j3tymBsOzJrkTzU/mAnM+cvqB7YOYJJ48=
last-modified
Tue, 02 Jan 2024 14:10:14 GMT
server
cloudflare
etag
W/"88a40ec077d8e3a73aff5ba0a8ae0127"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfj4Qy0JfmoX1KzTpDg%2BrR0Mru%2BP2ZGbd43l7oo%2FLFwmFHyQ7au9fwcCh%2F6xiBKJeZN2XliLXIoi%2FZdRC%2FUfxBXIswlS6oZMhUl5%2FpegVm0tX4KyX1iBEr9LJV4gvx2KjmZ0iCAqRzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f3975ebcac1e5b-FRA
XKPELUWA.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XKPELUWA.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff4e5a01e8dd93a69abd5a5531d53cd891f65134c552718134e0adeda2be295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
XV1Z4Q9YS85TKQ9R
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pFWI6Yc0+u6PEi9re3OepZrYA+h2OYwkgOv4mXYkSgJ3zdRZ+j/odNI/F3OKI3A1Rn88ReYjijI=
last-modified
Tue, 02 Jan 2024 14:10:19 GMT
server
cloudflare
etag
W/"d9ccba06a738c5e01e9a85a29f1da6f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZllGoPFAWUKZTdgmKiKiQpCGo0Uzkka3tJPAzluTAcLHrubjl%2FluoVKM%2FqJLmWoKaEzc0lSYoOPY%2FtoGGCSMUyIEMpHJqzZkk8vb36aQK12BJuD2639bohPN7yr0%2FAmJD14AWr62AU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f3975ebcaf1e5b-FRA
XXTZBBEE.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XXTZBBEE.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6109a9264c6bb75eaf69d45fd3fc6f193794adac940245584a014c10d334dda5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
68WCFG22F4P8T3JQ
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/JEcokEK8Os4CkOsyIfxU+UsMIcH8/e+dthsGZnhXD2Q0caICYG+O68wcyiRYnV91GZofg9spDM=
last-modified
Tue, 02 Jan 2024 14:10:23 GMT
server
cloudflare
etag
W/"e6e67bdaa2cd00905d537372a5883457"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0guPrGMBnYX5PTrDNW8qZapls%2BvXG45L3pWYeYN0DYVRIJY494jPINgcwYfd8FEPBTpAub3q%2BhOU2n1%2BDy%2FnIntcxuiw7bn%2Foc9JprCL3lsBOtTqZZu%2BhXkuXF36aYq4NgFxsJHJxpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f3975ebcb21e5b-FRA
XPKFWDNY.js
static.fundraiseup.com/embed-data/elements/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XPKFWDNY.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb218a2b6a039eaf89cbd37cd1555bc0f0398efdffde33a410990feda30a3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0MSSVD1JWYPW7WQ1
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
EN6Atf9kflqgVGsduvi57BQaMICl4Ksp/4a9VGQasDljM+aRx9ykOEyoAilvO3Q7awkTCzmBRRs=
last-modified
Tue, 02 Jan 2024 14:09:11 GMT
server
cloudflare
etag
W/"b6f45d082613bd164faa1972ab35be8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2FDReL%2FUIMMSs%2BFeABhAbnknE6hI9xwi0U5Wh6uv5hp0rzgjrdToYG44e3r6MvFmGEJi4%2FlxSev%2B0tLn2kaH4USkeVewPo3ZubI1mtoxuZPikSMEnT3epoULcKtDIN5Gp46wucaREk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f3975ebcb61e5b-FRA
XJLGKPSJ.js
static.fundraiseup.com/embed-data/elements/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/embed-data/elements/XJLGKPSJ.js
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac93c14f7863cc7b7df8e279a534c4940cae9a66ae48192761c6b7c5986eee2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A380KNE1HV1BH0HH
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
p0bTidss16ITu8X9ujZEoohGu1fWnAKTwT4yYIjK576VvRLKeYSVgsL67Y4HorhNzTCZgzFsk5M=
last-modified
Tue, 02 Jan 2024 14:10:16 GMT
server
cloudflare
etag
W/"d0e28a7707e3fe1515e6d50b834b1cdd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMuoR4mxYzVfpYIhkN%2B2L%2Fc1WZV0Kj38HNp1IOxijeegfZlFWaN%2FdFug5mQFVS1MGzg5dDuDmTnwRN0wx%2FxTPVK6Knt58MjmfxrHWnk9ReVFj%2BlqUn6ndpI8VDRuLXDg1NsJ3pN6FrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-cache, no-store
cf-ray
83f3975ebcb71e5b-FRA
main.MWNkZmM2YTcxMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		420 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHD93M3C77U7KUN3M5L0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8eeb23a1dcd42802d5d861556c6ae4848a05fd28cd22bb8ed884015b62eefd9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
5feda2cf
date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122557B986ABE76B8CD56663E6
x-tt-trace-id
00-231221122557B986ABE76B8CD56663E6-2096D3EEC17520E3-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-38-99-141.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01088d68cae24d2352694993e646246cc586bbf96a053765581d29b7a0d5b91391388317a90f68bc45548eec3bb3ff36317836d730f583a3cb480aae1305256b06458d0cba6e61234a69cf94da485a71b101c5063bca7f6ad54a705d8e30fc89cb
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=17
content-length
112353
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794610601/?random=1704204687165&cv=11&fst=1704204687165&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&auid=114022055.1704204687&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-794610601&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
450bbdeb6f906a15f2941fc467d5d32c59fd29578a36b8aef1d1590d3986c558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1545
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=391616635;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dma...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=391616635;source=gtm;rf=0;a=p-4LjrHyeV3QUW4;url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks;ref=http%3A%2F%2Fgo.marchofdimes.org%2F;uht=2;fpan=1;fpa=P0-894884628-1704204687032;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=marchofdimes.org;dst=1;et=1704204687182;tzo=-60;ogl=type.Page%2Ctitle.Donate%20Now%2Cdescription.March%20of%20Dimes%20donations%20go%20towards%20lifesaving%20research%20and%20advocating%20policies%20%2Cimage.https%3A%2F%2Fwww%252Emarchofdimes%252Eorg%2Fsites%2Fdefault%2Ffiles%2F2022-11%2FJAJEES_v2%252Ejpg;ses=04386de6-5528-41f5-ac6a-67092bddfa61;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
pips.taboola.com/ 		64 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
9117a44e3398445da87c5ef674bc99a8e0e2d0cf42c60d7ba4a24d71bdb7e443

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220108-FRA
date
Tue, 02 Jan 2024 14:11:27 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1621384747882069&ev=PageView&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&rl=http%3A%2F%2Fgo.marchofdimes.org%2F&if=false&ts=1704204687190&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1704204687188.33031171&ler=other&it=1704204687070&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:11:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071894384/?random=1704204687201&cv=11&fst=1704204687201&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&hn=www.googleadservices.com&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&auid=114022055.1704204687&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1071894384&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c16547857a50f0c9028a43638449177346ab0fce1ff973e5259995978d1fe31c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1543
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=d74b794b-8d69-45e9-932f-9e3f2508d7af-tuctc8d9f0e&uad=9a6ba811fc90def5a72f7aa42390c4cab40a1e1cabb90a1ade79c900d7e0a41f&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:27 GMT
cache-control
no-store
server
nginx
collect
px4.ads.linkedin.com/ Frame 8DCB
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204687216&url=https%3A%2F%2Fwww.marchofdimes.org%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204687216&url=https%3A%2F%2Fwww.marchofdimes.org%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2179642%26time%3D1704204687216%26url%3Dhttps%253A%252F%252Fwww.marchofdimes.org%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204687216&url=https%3A%2F%2Fwww.marchofdimes.org%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204687216&url=https%3A%2F%2Fwww.marchofdimes.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQJISrSiC3GG-QAAAYzKg9nG45xBZmlUgC5JQmWH...
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204687216&url=https%3A%2F%2Fwww.marchofdimes.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQJISrSiC3GG-QAAAYzKg9nG45xBZmlUgC5JQmWH1QNjUKSA53dyqtRaxGEhJLE1tg
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D7AD4D78984746438394EA674EB5C58B Ref B: FRAEDGE1520 Ref C: 2024-01-02T14:11:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xMM3LstEvxzLoHkGQ==

Redirect headers

date
Tue, 02 Jan 2024 14:11:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9C2CD4BBE6E24D91B6DF96C09CE60D7D Ref B: FRAEDGE1211 Ref C: 2024-01-02T14:11:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2179642&time=1704204687216&url=https%3A%2F%2Fwww.marchofdimes.org%2F&cookiesTest=true&liSync=true&e_ipv6=AQJISrSiC3GG-QAAAYzKg9nG45xBZmlUgC5JQmWH1QNjUKSA53dyqtRaxGEhJLE1tg
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9xMKjY99T8Spwkiclg==
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 8DCB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:a400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2299
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
-byh0pRcUHhkE9uz2UMwyIOijcUZ8siTXJ6crZIetTfSfL9duj1b9w==
25042596.js
bat.bing.com/p/action/ Frame 8DCB 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:11:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 094C2155F9DD4AD5864B2B9D68FF17F4 Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:27Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 8DCB 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=1c300d4e-31d8-417c-824c-3a6731b161ef&sid=d1914600a97811eea0dfcf53c51d02ae&vid=d1914910a97811eea7381f491711b1c0&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=273&evt=pageLoad&ifm=1&sv=1&rn=261003
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:11:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 029665C0157340C698389B5E27FE4BAD Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
25042596.js
bat.bing.com/p/action/ Frame 963E 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:11:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C2C727B578274DB79BE23F32B2C96D1F Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:27Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 963E 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=80798193-2bb3-4adb-a77f-1baba195ab06&sid=d1914600a97811eea0dfcf53c51d02ae&vid=d1914910a97811eea7381f491711b1c0&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=285&evt=pageLoad&ifm=1&sv=1&rn=897230
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:11:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 730ABC3121764708B1C72A08FFE8FE68 Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:27Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 963E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:a400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2299
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
XGi6-buUEz4_AJEBj5qf9EEWtzX8NqsfLUO--t8QW5kE7CjKeviljw==
812396462484872
connect.facebook.net/signals/config/ Frame 963E 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812396462484872?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:11:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
6VhvV+6MOjR9SfD8hq09bKVy53aGg0D29v0hXnsZkIixNTCvYjUfGcGGJc7Uqojkz3/23ZIQ7AxyWdBbFKapMw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
syncframe
gum.criteo.com/ Frame F2B0 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:11:26 GMT
server
Kestrel
server-processing-duration-in-ticks
289475
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
identify_ce767.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce767.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id
5feda32a
date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20231221122557C4626FD1568A47FE4CAA
x-tt-trace-id
00-231221122557C4626FD1568A47FE4CAA-7254BAA4F04347A4-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-38-99-141.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0109a1c48951fc8e959e6020b6a854d3b16f93ce2e2cc328d0ebb4fae8e34bb4e58b2b37f8396fecbf1ccc8fd3157a68ea0705e9c5163ba3e2119f796cf810f9e640ed166e52d7aaeb1e091ef15467fd9ed0fd5ace5f8afd7cd9a2c54e7c50fe90
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
36128
pixel
analytics.tiktok.com/api/v2/ 		0
840 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4bf6fa62.5feda33e
date
Tue, 02 Jan 2024 14:11:27 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401021411278482E58FCF15689F20FB-2A953C07E1999E3F-00
x-cache
TCP_MISS from a23-38-99-141.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
131,23.38.99.141
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=38, inner; dur=35
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401021411278482E58FCF15689F20FB
x-cache-remote
TCP_MISS from a23-220-104-21.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
38,23.220.104.21
x-tt-trace-host
0124359e713df8ca709285b8f2220f169929661c3ff141b21bf5e35b1ed354c61e5e06b2255f00ca4a4a582622179a45710b50e4ee52ea275dd4e9f066a223228ee306d1a10af87e6e0cbf6637ec74d99159ea111b302cf299ff06221bffa0dcade28f7dc48325da03280698968262b15e
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:11:27 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
700 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
5feda33f
date
Tue, 02 Jan 2024 14:11:27 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102141127E9F1F1C89A33417CDF80-651FAB3809D09B0A-00
x-cache
TCP_MISS from a23-38-99-141.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing
inner; dur=50, cdn-cache; desc=MISS, edge; dur=7, origin; dur=145
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240102141127E9F1F1C89A33417CDF80
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
145,23.38.99.141
x-tt-trace-host
0124359e713df8ca709285b8f2220f16996f926795dc8a94923fa9c821a05645360ae9cdae81bb233d7e6e9e9346b72173eca95a8e9fa45b65c23a064c8c69953f984492c54f2a203b2f45c6cec8a64f85a4dce59c4f4855d53c31e2ad88960da8
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:11:27 GMT
pixel;r=862332803;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKbh95fxvoMDFQHMOwId3gYGLQ%3Bsrc%3D8832015%3Btype%3Drt%...
pixel.quantserve.com/ Frame 8DCB 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=862332803;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKbh95fxvoMDFQHMOwId3gYGLQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Drt_bs0%3Bord%3D7647416364528%3Bauiddc%3D114022055.1704204687%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uht=2;fpan=1;fpa=P0-1047621333-1704204687218;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204687299;tzo=-60;ogl=;ses=8df094f9-97a3-48ff-a3db-88273119516c;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CKbh95fxvoMDFQHMOwId3gYGLQ;src=8832015;type=rt;cat=rt_bs0;ord=7647416364528;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.google.com/pagead/1p-user-list/794610601/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/794610601/?random=1704204687165&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_bALD3lTmUNOdBzwlv47VW6zOCBhYc3WBGZ6JoLJE-VMZZ1vl&random=3058338364&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/794610601/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/794610601/?random=1704204687165&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v869204397&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_bALD3lTmUNOdBzwlv47VW6zOCBhYc3WBGZ6JoLJE-VMZZ1vl&random=3058338364&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sa.css
tags.srv.stackadapt.com/ Frame 963E 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d3b64adf949a01915c03bae247c1cbdd6f188e488e4fd7fdc349942b2a691fd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:27 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame 963E 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:27 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
pixel;r=2079548246;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK_k95fxvoMDFdTIOwIdDT0P4w%3Bsrc%3D8832015%3Btype%3Drt...
pixel.quantserve.com/ Frame 963E 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2079548246;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK_k95fxvoMDFdTIOwIdDT0P4w%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D1907874470162%3Bauiddc%3D114022055.1704204687%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1332374161-1704204687221;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204687303;tzo=-60;ogl=;ses=8df094f9-97a3-48ff-a3db-88273119516c;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.google.com/pagead/1p-user-list/1071894384/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1071894384/?random=1704204687201&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_6HgYsFgLFHB1zLuQsUE6_zLCTXOu3I3N77F69KniG8Rxzdqg&random=1951992895&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1071894384/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1071894384/?random=1704204687201&cv=11&fst=1704204000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v883981125&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&frm=0&tiba=Donate%20Now%20%7C%20March%20of%20Dimes&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_6HgYsFgLFHB1zLuQsUE6_zLCTXOu3I3N77F69KniG8Rxzdqg&random=1951992895&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1.5872cb4a8c7e.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
static.fundraiseup.com/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1.5872cb4a8c7e.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9719b638317091bed0ab518c0ef99c5dbf1a3083d8b481673d376c47b3da124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0AAF602NEP314STH
age
2179657
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GAZAeaRCADQ/DIW6gK/+G4gRxi1A1IXrSs0pb1x8wcBf067A6ugNWnRKymJK2KC69xznj1m8JUE=
last-modified
Fri, 08 Dec 2023 08:26:00 GMT
server
cloudflare
etag
W/"f57799c72cbd1c6941978c660aaa9f6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2GJ2rWvxDVbD62KANewPbfB3vWYeCegpIqK48iKk07Zhwnfkpc0UurJZAHZQ%2BFp3EMLVioNZOIZkc%2BXxjrxDnpgBoxCDsAe4u65mXea5Rgo%2BJ8Tc7ZUNrHtuD5hA7BCf8o7mfMqapI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975fefd3382e-FRA
389.813e7f9b9882.text-link-v2.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/389.813e7f9b9882.text-link-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed0a4e695771f9903b95ac84166dbb8b89a5f6ead020bdba7fccce3d082e2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
32V80D42BV5C29VN
age
361798
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2xDHP48ufjvN6vA7Q/Wley56ZX9C7uhe3zRp5csA1noGm+RbHqzDCj4GafmzkbfAj0xVpWq5xpQ=
last-modified
Fri, 29 Dec 2023 09:23:30 GMT
server
cloudflare
etag
W/"ccadfbcf047d907051c579f0f7f797dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnEBcMCNm1zjV%2FDnTvNAnO5WOoGt4XXopop4RW6iH%2Fa2Gz4W1ANgFJ3mDC2cBctFnVWYD6h5TcHV8DT6nVX9v8K6dF7FeF%2BQZW%2BDXAmcbJzJpikZJuqXX4KW3XL0J6cbex0D%2BwIkZP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3975fefd5382e-FRA
sid
mug.criteo.com/ Frame F2B0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=0&topUrl=www.marchofdimes.org&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=GjA3AHw2QWFQYXl1eTFFZjRWMnZQWEcycXFLQkMrdUFCU0RBcmhndE80SjE5b3NEN3F5Tzk3YkMyeTVNcEpJdWs2cHhSam9lRkNPRUVOMEFmZTl2anE2WE5YekxqN09GU1cwQkhZazBaeEJDeVBRaXNGMGhGOGZ6QjM1ZG...
451 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GjA3AHw2QWFQYXl1eTFFZjRWMnZQWEcycXFLQkMrdUFCU0RBcmhndE80SjE5b3NEN3F5Tzk3YkMyeTVNcEpJdWs2cHhSam9lRkNPRUVOMEFmZTl2anE2WE5YekxqN09GU1cwQkhZazBaeEJDeVBRaXNGMGhGOGZ6QjM1ZGlYVzJJMHRZK1VURW9xbTNUNnY2Wmh0Tnp1dHdOOTNXNFl4eG1DLzljTHVLVHhQOGJJaW91QmVsM1l3OUJpYWxQY3lTVXZ1N3hua3BUWWhneWE3aG9YRmNObFlNZjFkTmpmSFFQK0NQYTdXeGtINTM0T3NjVy9tYnIwckFSODNNTXBBNGlFWEM4M3hZcEZ3QTJZbEw2YzVKRzZ2NGtvWHlHOEoxVEFiUE1QcUxyMGlPUUV4Zlc1dXBDTlR6dkhSQUdYVnJkSnYrdnw&cppv=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
95b5364598cbd72a2321515750dc9ce4137ac7ee8ca5a8b4350cf823998c4045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1318637
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=GjA3AHw2QWFQYXl1eTFFZjRWMnZQWEcycXFLQkMrdUFCU0RBcmhndE80SjE5b3NEN3F5Tzk3YkMyeTVNcEpJdWs2cHhSam9lRkNPRUVOMEFmZTl2anE2WE5YekxqN09GU1cwQkhZazBaeEJDeVBRaXNGMGhGOGZ6QjM1ZGlYVzJJMHRZK1VURW9xbTNUNnY2Wmh0Tnp1dHdOOTNXNFl4eG1DLzljTHVLVHhQOGJJaW91QmVsM1l3OUJpYWxQY3lTVXZ1N3hua3BUWWhneWE3aG9YRmNObFlNZjFkTmpmSFFQK0NQYTdXeGtINTM0T3NjVy9tYnIwckFSODNNTXBBNGlFWEM4M3hZcEZ3QTJZbEw2YzVKRzZ2NGtvWHlHOEoxVEFiUE1QcUxyMGlPUUV4Zlc1dXBDTlR6dkhSQUdYVnJkSnYrdnw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
320902
content-length
0
expires
0
307.3df928c14096.donation-form-v2-styles.js
static.fundraiseup.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/307.3df928c14096.donation-form-v2-styles.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81cde3f01b38120a310a1511896c42f68a46f83b6a5ea874ca447de65563cdc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
QZVAAGWTYKY9X6VK
age
361798
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LyAV2W81zX44RRkOddCEhtcvGdPCJXEB+xF1BjCIw4CRyRmy5y/XsUT3sKpgq6PzhhjC657t2BE=
last-modified
Fri, 29 Dec 2023 09:23:29 GMT
server
cloudflare
etag
W/"7b20bde1eae8635ea029b426c8f07f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcCaTLltIXumkVzTXEZJ1dxWjr6PrM%2BgyX%2Fso7Wj4YjWCpB1hpqbmqwrUYCJw%2Bnz8gOHDbrFwoGeUVWjrCOJeOXM%2FuTesh2kt5P3HPMo0NjjG6dNunK3Bp7QKb8o9sRky7ag9Gd9ufc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397600ffe382e-FRA
305.1b1d79659d99.donation-form-v2.js
static.fundraiseup.com/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/305.1b1d79659d99.donation-form-v2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/8404ac38d731.elementsApi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b2231b86974817ee296cd79e82374ecaae68b096638100e4bdd0b0386a2997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Q3RY0FJSFG5GQTAE
age
361798
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wjAxgR7p9IDsIyNiUCbQkJi693x+tf674r+bgKfhw1TdL61QpoamZ1k+J0ULFeSsslJxhv8zfGw=
last-modified
Fri, 29 Dec 2023 09:23:29 GMT
server
cloudflare
etag
W/"6e5927e25767d3d52a94d444fade75b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MwtRmSglKj%2FutK%2Be9II3Fdh06g6l%2FRPJiB81b1jEDcZ8S8or8QCiXMFRF0wQPKT7ZtrrzOY6BOeiCfbrNj%2FE9%2FLWyzgHzZOH3FvNfy1%2B9BNtNz5kejzk4v7oP0zSrVi49zk2AOZcgc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397600fff382e-FRA
event
widget.us.criteo.com/ Frame 963E
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=ACR6VF82T0JQZ09XY1dOeFYlMkJDWkxYZ3NNYnBCNzAzUm53SldWbzN0NWZmSzFFbnRoamJRNmtBOXdldFpmZ3I4ZXBkS25Xb09lTHFyVEJ2UyUyRmZLbHB1NEVHUWxJMDQwc2hTU1Y1Yzl2UTRlbDZxdTNNNFdVZk1UeXdlZlM2ODhoWHQzTzNoYiUyRnpPcjZNZmtFMGZiSURKakVLam1FaUglMkZBVyUyRmRZSWtTNThWcmgyRzdBJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=6c5e13f6-6969-4fa3-8439-34bc1bf17806&dtycbr=45700
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
917c4576da1400425368a4e9d2e434dd7558ced44112a03e24349a8b40ee848b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
26140046
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=ACR6VF82T0JQZ09XY1dOeFYlMkJDWkxYZ3NNYnBCNzAzUm53SldWbzN0NWZmSzFFbnRoamJRNmtBOXdldFpmZ3I4ZXBkS25Xb09lTHFyVEJ2UyUyRmZLbHB1NEVHUWxJMDQwc2hTU1Y1Yzl2UTRlbDZxdTNNNFdVZk1UeXdlZlM2ODhoWHQzTzNoYiUyRnpPcjZNZmtFMGZiSURKakVLam1FaUglMkZBVyUyRmRZSWtTNThWcmgyRzdBJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=6c5e13f6-6969-4fa3-8439-34bc1bf17806&dtycbr=45700
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6113092
timing-allow-origin
*
content-length
0
expires
0
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ Frame CFAC 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
AR2AXRS8DTR59APK
age
2344889
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
dHgD6bq88io6Eo+rNLsYn5iQoAP+Mr6OUPe/k08nfTwOz6Ago7Wv23k0kDBVuggy1SUcs7rZguA=
last-modified
Wed, 06 Dec 2023 09:28:26 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZlzy%2FqqE9WFblH3fY2DaWLCHm9%2FeorlHSMDALPD7frjsg7s%2B8%2FVB7LVqAfPPIsDj2FgcFGR2OJm5uhbY%2B1QU5MNKvanvVD4h6kIJgQqOibWnqS1ukQPNqHVS%2FglSC0p65129Avk30c%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f397608bdf1901-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ Frame CFAC 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/_/packages/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
84KHK3DVRCQNMP28
age
2348192
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
5M6rlAJmAHa7aXcdxLThzK8qxRv7t6eIIFLQAAAFkD245N77bXA5uj5pZnhgdpbZpJ80oG7ss/U=
last-modified
Wed, 06 Dec 2023 09:28:25 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neD%2FFRH%2Bab6%2BVTQDP%2B9b8d8RGWBpIxE5A63VgRc85rOt0vqy2uWOmkQTK1hA29DeTdb3amn70g4qcGsuXLu%2Be3SAhv5iz%2FgI7zjQSmKb%2B67qC9%2Bjv1OyCd4WYEF%2BdL%2FcgLEQtY2PFWk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f397608bde1901-FRA
/
www.facebook.com/tr/ Frame 963E 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCK_k95fxvoMDFdTIOwIdDT0P4w%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D1907874470162%3Bauiddc%3D114022055.1704204687%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks%3F&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1704204687444&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1704204687226&coo=false&rqm=GET
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CK_k95fxvoMDFdTIOwIdDT0P4w;src=8832015;type=rt;cat=donforms;ord=1907874470162;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:11:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
4537.6416dff170ad2bc44ace.js
static.fundraiseup.com/ 		255 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225cd565a241fd2329d7fbdc32be0c9d94ac4692b5f9b507454604980a418c70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
S21078K2M5CGP2V1
age
1829619
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
v1kEekxeIzjHkCx5RmMfQ6uoxu6GZnANGlUiQXWxLWjfeG1ESexmcpLa0nvFm32+NN2KZBj8do8=
last-modified
Tue, 12 Dec 2023 09:38:59 GMT
server
cloudflare
etag
W/"6631e21e1b1afb4c947a250e1103a883"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5J7Qj00q81LqLmvNQ2ASvDXQeN2vKRE%2FqzNHcreElmBRpPP83eF%2Fg1Z40eTEzgjkpMIl2Q%2BZuU%2B1YJ9uXEa7nzHaMNt0YfqG4Mpry17twYCcfApnQV4O5vkLXAUWKgGj325UT5JXFU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3976098e7382e-FRA
checkout-locale5.7e0a358918592a77200a.js
static.fundraiseup.com/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/checkout-locale5.7e0a358918592a77200a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0759fd6bed5370e4bc3c573dedceaeef9d7b64efc7343a10d0b147ac0b04ad53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0W0G9HRV5XPMY4SR
age
17776
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
K5my0TPKLumpagYXNrTKDAIOMs1fGVkN5n0sDb7/X6PMdw2ODpJyZkXgHvNKhu/rf7nyXzrmXt8=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"56b3b76377ff34bb2c3f1fee29151d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXajU5nIYhn9o7%2BYxTWMrWFTv8xJSDnTH2Boc8zDUdsIR%2BC%2FsB6glH%2Fwkv6QTYxIHkEoqK3avQNxQX7HeDN4U%2B7H4n9J0%2Fd53tvLDfKYzWLA3%2FDDCPCHnzdLVt9yIucK2b6%2FsadLzJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39760b90f382e-FRA
/
js.stripe.com/v3/ Frame 1779 		579 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:10:58 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
30
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:43:17 GMT
server
Cloudfront
etag
W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
45USe6WhMLhsh1IGDWVnbWNVoJpwZmUCOUfaK8d0Qdg_BGPPQ6aTpQ==
/
js.stripe.com/v3/ 		579 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:10:58 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
30
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:43:17 GMT
server
Cloudfront
etag
W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
kDEHu3GJbY259w1w0B1VfwuxWn1fT4f_LqxZNtIRCBt2oHHnE9z9Pw==
saq_pxl
tags.srv.stackadapt.com/ Frame 963E 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=zFWBFWbS14YYtkU1aQYdUw&is_js=true&landing_url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks%3F&t=&tip=1FPm0i4FP1NmqEclepqWy_IeHBul1Ghq3mENJTmMr68&host=https%3A%2F%2F8832015.fls.doubleclick.net&sa_conv_data_css_value=%270-0f71840c-5471-5da1-5f3a-09412cad5991%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd90f71840c54715da15f3a09412cad599150ff0acd&sa-user-id-v3=s%253AAQAKIE5XVrVva16qb5ECRMugLQu3wpQWh_1U3ub5MZSOorisEHwYBCCPs9CsBjABOgT90vuTQgQYcqyB.yyzJHwH8KZTtqLT6Tc05jn80OrufDTXT9X4d%252FLoRYJM&sa-user-id-v2=s%253AD3GEDFRxXaFfOglBLK1ZkVD_Cs0.iPSNVofU1q21OJQoU7GlH%252FZ7h0qTQcGXsBsAiW66ukw&sa-user-id=s%253A0-0f71840c-5471-5da1-5f3a-09412cad5991.KoRVNwZj4f75qyycvc%252Fc8UCM2HsiAjTlAaX5VDW%252Bn58
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://8832015.fls.doubleclick.net
date
Tue, 02 Jan 2024 14:11:27 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
/
sentry.fundraiseup.com/api/9/envelope/ 		2 B
165 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.fundraiseup.com/api/9/envelope/?sentry_key=e4f08d23cf4e4dd080d8b4853ea3f102&sentry_version=7&sentry_client=sentry.javascript.react%2F7.48.0
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
40.160.4.235 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.marchofdimes.org
access-control-expose-headers
x-sentry-error, retry-after, x-sentry-rate-limits
date
Tue, 02 Jan 2024 14:11:27 GMT
server
Caddy, nginx
content-length
2
vary
Origin
content-type
application/json
act
analytics.tiktok.com/api/v2/pixel/ 		0
842 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkZmM2YTcxMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-77.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e9890ff.5feda3dc
date
Tue, 02 Jan 2024 14:11:27 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401021411270BCAB5FB802B8A261E2A-3EF8C84B0D7AA327-00
x-cache
TCP_MISS from a23-38-99-141.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
117,23.38.99.141
server-timing
cdn-cache; desc=MISS, edge; dur=91, origin; dur=32, inner; dur=28
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401021411270BCAB5FB802B8A261E2A
x-cache-remote
TCP_MISS from a23-220-104-219.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
32,23.220.104.219
x-tt-trace-host
0124359e713df8ca709285b8f2220f169929661c3ff141b21bf5e35b1ed354c61ec03a61bb2534fbfced3aacb21d554c62a57f444b2d7515e326d2885078c099b03e5974e915630f95454f6a4ecc1157105731106ce745833bfe4428509d236354ba909773fa97fae97ad52fd8652229ce
access-control-allow-headers
Authorization,*
expires
Tue, 02 Jan 2024 14:11:27 GMT
unifiedPixel
tr.outbrain.com/ 		53 B
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=024640205857725395&referrer=http%3A%2F%2Fgo.marchofdimes.org%2F&marketerId=00cffee659fe578dc2dfc7fa0fb839455e&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:27 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
64897b82c9f3b28eb6571c91e31e690f
Content-Length
54
Content-Type
image/gif;
4149.32a922016f7e5178a83a.js
static.fundraiseup.com/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4149.32a922016f7e5178a83a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564997debc20f446a4f38720248e1dbaaaa15ee5e40de23c946a0af7aadc6b47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MSA5T76S7735Y9CW
age
1057024
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
xI4gvLUTKUg6XsTNZtpYeXWH1fJBYP78UURlqaTZkJvxKMbyFgwzH6ZU5LIF1g5S0lfvPVOvYdBb5sRRWBO0nA==
last-modified
Thu, 21 Dec 2023 08:15:26 GMT
server
cloudflare
etag
W/"445f9c6560ac0fc0117d54656e7319fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGmVNapRJWYI3qVP8G5dXoIyztihQMvFtrSVwRHmOofgzSBvd03JOQITj%2FOAjWlFUvyux9KNDhTOjl9K3Fn6SgxJfevo6zmb6btUHFeKfPf6pW002xvUF4pN%2BaGbDXTEq%2FvJK1FkqSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39760e950382e-FRA
109.85cdd6cd186cb7f30f03.js
static.fundraiseup.com/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/109.85cdd6cd186cb7f30f03.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f9e60e6bf41a5af731690552807e6e4ca7be8994fd8804b9cf15592d3ef5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
N4WETSTFADH4NHY3
age
970676
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
iBNClBHeoILhh1uDQpwGtjamsJKoOL6kwX6+tO5FDX90uGPuGi+tS1QOKlmd+oZI69/OJpytVGM=
last-modified
Fri, 22 Dec 2023 08:14:13 GMT
server
cloudflare
etag
W/"85e49c2822c4eaabf5554ff2a96c10c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HH7MZ3RIJ%2BZndxAgayX2XfRa9n2QFAcS4QtLuxDEf9TVa9cPt%2FEBugECuSBqJX3uM7hIfMoSht37FK9sEHyUNg4CLlkAesfA4NA4E2Cmt%2Bo0DoUbPr0ulzOOO%2FoxU3QEK%2BfiEAq3JOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39760e955382e-FRA
4022.1aa6f4635e0102fe80c7.js
static.fundraiseup.com/ 		170 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4022.1aa6f4635e0102fe80c7.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f92dcc7494187b5787cabe4834de25f4502ff2aa4228956b919785118df04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8Y82KRF9R74Z5H
age
18422
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qjgpbhrcnHJ3fvAG9MjTWiLBCCELH+p/TynhYTBwvcgm9wIsAQYK1oZmD7+44pKuAP5E5nSSyVw=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"3ff165845b9f2369bd1e145b654836f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lciST9suofV3xBGb9sCeSXe8w%2FzkWyEudsSwBmbqfA4aRVF3bU8YBL49IFkRrbLWZa8New5GzyuJQZMn%2F5UzFMcz6uRHQIyrk%2FXa4gEWpwj9qVhM8sTA1Qer%2BzBXjCjpjvcQVMD8EK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f39760e959382e-FRA
2739638084348341472
api.fundraiseup.com/paymentSession/ 		578 B
926 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/paymentSession/2739638084348341472
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4b502c11c0543e983db580fb0a451c152c6eb3f3be3e1fd84059900420cacc8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
content-security-policy
frame-ancestors 'self' fundraiseup.com
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-response-time
228ms
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaLXuJ%2FY9SO8KpiA1%2FvhjivWpMM5Ea%2B8QZWsY6n6oXxVDs1f%2Fb4j2j1DRaEOqSvMfy9okx8JUAU%2FWXMHW1zJ0NjM3FTVN05qjTlHDoAuaT%2FCP25XjjhStN%2FZTr4oMxIirfD9lSs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83f3976149bd382e-FRA
expires
0
5021.69a8a47ee2972d7403b1.js
static.fundraiseup.com/ 		253 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/5021.69a8a47ee2972d7403b1.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6432a66c7d8240059ca76b571620dd0f54b4d3a5dc05fccf8cff7c8304bc9493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KHN27Z1109N5TZ0X
age
196213
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
yoDNNROVaeK+KyQahsxI40Riep/BjDLQzjz7WDpSbAXM4VmbvVP9a/xQAmys51+y6Gle++dqJUs=
last-modified
Wed, 29 Nov 2023 14:59:27 GMT
server
cloudflare
etag
W/"d4f127ab7620fb2bfb2e93a462d59163"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PLpkTvg3rDag%2FyXYQeSVVEkG%2BXI2yKDUYa2bkbR6pP%2B%2FHfWlCJMaOm9albLiV68h20qYXUnfcOjHFBGDdF1JfqUiQ6mArrjPp14iENNjKBFHJbrgtwz4wZWyRwEX9toaJ8JYvvbpt6k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3976149c0382e-FRA
4365.3c47b14cec912f3f2597.js
static.fundraiseup.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4365.3c47b14cec912f3f2597.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c942423058ca7c0d54a661d67cded9d06b9f030dd45e434bcc72cd150e7e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
P4DEQY4WVMCNK2CE
age
1315357
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
IUqlUZqbPFPRu0uCKnkJx5/I34lb4UlkNRyYmJN9eqY31bzuHf/G/r8IkT3CRmw+ot2lwUkkdkA=
last-modified
Mon, 18 Dec 2023 08:17:57 GMT
server
cloudflare
etag
W/"e235a91c7b1026c12729b0ccc59690b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4asaTbn87X6NQvrowiEf0EvdqdeV497yZQ5EwKi%2Bv6upvHyCENiEc4WGIfX%2Fx5UbZa4sAH%2FdCAl7tO%2BLGY0BwLbkNmtnTLQwDEM2WiAe43g43DLkEwro22t%2BKPh2myOmdcLlJrek%2Ff8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3976149c3382e-FRA
9722.efb7c58e3e474cbf152b.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9722.efb7c58e3e474cbf152b.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55934d27fdb4a14ddc59cac40e940a9c8100acc76c156e9be5f3b9c0dff6569f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Q3RMZ5S1Y2VMDHPM
age
361886
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UGf0FeYHr6RCLHS2+PeNIoXGd86kqYTOChj6p9sX5cMmeqMgE77S4bNUNDya1uHCXpeKQpl6SJg=
last-modified
Fri, 29 Dec 2023 09:23:31 GMT
server
cloudflare
etag
W/"ee5cbbfe6c1f87870f508d95c1085e92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxHUED3oEl7nlt2roEj6jk0s213%2FHQIoPnWjv9HTfyMouMo3d48d41ugNRZC41ZiGoVNZFC8WDnFswvk3gzsKbcogl2SuDOQC%2FnYwmELcdMkqPcTpvUaSEIHXLPj0n%2BMrLREC8TWcgo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3976159ce382e-FRA
6267.5aa879fe84868b48faf9.js
static.fundraiseup.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/6267.5aa879fe84868b48faf9.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c2e62deea90ad8ea208037abde538d6100d5a3efce136c89e64a80c1b1c6b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
80SZ2P6TQN6NJF0K
age
970675
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qS8ha1Mu4PcaISDtcHqFEoj6kqfqMQrO5Uwy8TXtCuiYLyJGMoqS8WtmOtCaBEAceVkc38gWsk8=
last-modified
Fri, 22 Dec 2023 08:14:28 GMT
server
cloudflare
etag
W/"fd37e6df21da71bc4f7e20d1d5c66776"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTjLNERQRwYcQbndqjN06EeL9liaNuJj0Xm78G6Yzhgc7EZ2aPCQfN7R4ztOueHNiCmjYErpjJavTRhsXpQ0o7JRg8YJKhfaHiBOs7CFZrkQzpEYzfGR61spdYTt7RQZcSKdDsQoA6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3976159cf382e-FRA
1546.acd6010561bea827780c.js
static.fundraiseup.com/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1546.acd6010561bea827780c.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4660c763169716a38ee1153d2cc4eca87ca421195d67bd89ea964b10bfbacac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8XNVRAA2SMRTMS
age
18422
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Xc9UUfweCEaMetafTEEygyYctWJYYCg3nGU/14S+ywpwH3rZnxdp+t93Ysc/k7qQCM5b/jCU0bo=
last-modified
Tue, 02 Jan 2024 08:46:51 GMT
server
cloudflare
etag
W/"61b4f037d3e70607ce2de6911ed45e37"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRE%2FuX%2F9KR24ilifYAC5phWD3AYcjFLin%2BgYmxs9SRtYVl63TCaN9vf%2BTa4BmWaiiOSA0Q3HRAJI6boIkgQScCj1LcnDk6wGutal5nsS1okhO3%2FF1Q1i4oaqwVGyiaBpCzY3L0V2t%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f3976159d0382e-FRA
js
www.paypal.com/sdk/ Frame 1779 		293 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2972ea87cd5c4adceba0baf8d735c0dae6512fd7bb276586f5ef9b707b2cde92
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-TbiNbbxNlBRx4YgjhZT0vpIhCh5qGVSH5ScQHsRyFoxZrQJJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Tue, 02 Jan 2024 14:11:28 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
true
paypal-debug-id
f3766499c2a02
server-timing
"traceparent;desc="00-0000000000000000000f3766499c2a02-44d7377aebae13af-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
79959
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220069-FRA, cache-fra-etou8220069-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f3766499c2a02-e9ceeb38f897edc7-01
x-timer
S1704204688.685239,VS0,VE603
etag
W/"13857-AG4O1rLG9TW0jCSwL9/a1psyNB4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame CF41 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2417
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:31:12 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
T4jICqCEjztMy2sbCM9tshd_wX6MN9WaowKznArNxJBDNII_3I8fkQ==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame DF30 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
50
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:10:39 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
1j0brfBFWg-p3tOWEizAitmSevksJTy4yjBCEtX-VUXCo-HdCBivYg==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame D160 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
50
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:10:39 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
upTW3My1ZhA9i6O4oSKSHnclrzkENvSfSIHJGZZwIF82nlZP79aEGQ==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
pixels
c1.adform.net/imatch/ Frame 2D25 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=3179125&ADFdivider=%7C&ord=809998711815&ADFtpmode=2&loc=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&CPref=http%3A%2F%2Fgo.marchofdimes.org%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
40970414ca5ea4a2d6a32b5eaeeba2f74e144159f7cadbe9f9f582f0df5dbee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:11:27 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
/
a1.seadform.net/serving/cookie/sync/ 		35 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.seadform.net/serving/cookie/sync/?uid=2724977328310641832&stamp=kiatYBE7vpcDvP-67D9Y4w2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 2CD4 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2417
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:31:12 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
TSXurgC3LyaEAPXZL2OibbCDDXw2mZi8VU4tbEAw0mw7_MYHq-Wawg==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl...
8832015.fls.doubleclick.net/ Frame 1426
Redirect Chain
  • https://8832015.fls.doubleclick.net/activityi;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uaf...
  • https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;...
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNJ3K3P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f6.1e100.net
Software
cafe /
Resource Hash
68992b4d42e44dfe22ff246aeefebef14a07727e00ba33466eaf352c3f7dd6fc
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1763
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:11:27 GMT
expires
Tue, 02 Jan 2024 14:11:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:11:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724&_p=1704204686776&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=790461794.1704204687&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704204686&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=scroll&epn.percent_scrolled=90&_et=5&tfd=2365
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tb
fndrsp.net/ 		2 B
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQCHZVHiaWJE8FotOAejC%2B6bqx0aa8dkdeNraLGBeOFJkwLs16gMyBfvEPhsL4OG0Q35buTAiyKNYy7UCO51fSI0iIqXmMtvr73JebW6rWyR76DE7LklK%2BA4D7Dp"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f397623ecd04d9-CDG
alt-svc
h3=":443"; ma=86400
tb
fndrsp-checkout.net/ 		2 B
498 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RthWVFKNNOeYr7F5M1RVliSZj%2B2e9GeDbHMHiePyYyEgSfWEVW08NEFABmwX8ODbPAxMcRm1q0rhw1eO%2BLBrU57Zmto4B46ib7G9jFIWvkNJtupERDiKTPt20vvVcuk8rqR4CuYO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f397632a8df16c-CDG
alt-svc
h3=":443"; ma=86400
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame DF30 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:33 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2001
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ZX0-ZQQrySkv-JQVvvuWZjbTbrE98vsA8hqYB2FYAUjk5GVgx_xpjQ==
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame DF30 		688 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:42:06 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1770
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
jB3y0tfrlow5KsEeUM2XALJyTQ4RVTsH0uKxCMv6hi5pqJPI_YLDrQ==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame CF41 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:12 GMT
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2416
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
DF9xjvblOIX7WgFJlTye61z18u9Hv4eb4Lv34JvoXx6ReUf5SB3uqg==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame D160 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:33 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2001
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Xx5yB8wG1-QmIB8Ql6Z6E70WhuViS9fdqap4U9AOviJTkFBL1vDMtw==
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame D160 		688 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:42:06 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1770
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
HXSerIyBLWmWsbQGCwLvvX73QEqfX1uiLrHrplNxWMHGsARl9qjC7g==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 2CD4 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:12 GMT
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
2416
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
JgRWjoO-siVnOpsWApW2aSZ99J6n48lvWNJzHebMpiVgHbuwilY08g==
2612.328ca5ce35bb1bd7dfef.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2612.328ca5ce35bb1bd7dfef.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
337738b644c1b01e37308c9026995b63c20387f9bc8f219cb99f72eb3b23f35c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EYTD5E9CCN5DWGA0
age
970675
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
iwIctSV4xQBdDErl6H38ZSUlHN6iAownPcqyazN4KHT7Iq/0HHQdp363Pd6NauukGr/8Q2DCT2E=
last-modified
Fri, 22 Dec 2023 08:14:19 GMT
server
cloudflare
etag
W/"72585859f7005322a24f55039d6502e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9IbRCF3pIx3JcyCjNxJRufr4XFiZmjVUY7BwImtEe7QxRwFYnBZkgHAT75GEk8Z1mlbJBz2LrnSPy08Sx%2BG8QtIDN3zJv3zZWyYePjGEZI2wdjAVtE%2FD5hIz6NRdlmwD1Tc%2Fh%2BMRLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397624adb382e-FRA
9317.8347c21dba66a3c8e00f.js
static.fundraiseup.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9317.8347c21dba66a3c8e00f.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23098142daf44c1cb7d244684146fb6ecb0568274118ae3f62cef67034551ef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JEJ81J8Q78CFDQ24
age
445843
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
zbsMHq4VyciRstrH+Sj7AtxsjpiCotS9moCdfpLUyZbJ4ot5HKYFuQXWfnHOoB3OBGNCetUu6xc=
last-modified
Thu, 28 Dec 2023 09:56:39 GMT
server
cloudflare
etag
W/"cb3cf711444477b5098e7015fbbf15ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1blhwel7tjAi8aVLNtMD0L5eqnL4%2BjJh8LJnTa50tZzgoLYux0Q74CUT1UElUN51wIgrX%2BWQwFopOizJUl5VDqLyalHafM4Iyk0ojSANmoadTPHmffD6uWjkFSBuxlooAmUS4bOO5cE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397624ade382e-FRA
3881.cbc277ee4db5221fc545.js
static.fundraiseup.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3881.cbc277ee4db5221fc545.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8cd06506717ca4b233b2fd62746d5a39c9230b4ea3c4bb56206edf928ed8d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8KJK6BFM1BFHE3
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
WvMEzx0S93gR+qWSzjSi8/nF00VOsoxETL3RbwGkwu4D5cI1w7EBeMklaae9bXpWQVNSJpLfT/g=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"d3787c003b65e006808cbd3b22d515d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7JtdTyroV5%2Fl3DYvxc4RhhK0QwvZhhxMt89XUOtHoTqaxr7VSbgsxX0sSr8upgJKnw%2FiFxQLBRu8zAGqzArEplvU7%2FY9oQB8vre%2F493u6uyzTiU%2BlyCGg9ggrGidOGi9u1jjpt7MvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397624ae1382e-FRA
8443.30652bd12c39ddd0d48e.js
static.fundraiseup.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8443.30652bd12c39ddd0d48e.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e7f6cd883b421b03d88891e93891fc89bd7e4cde0266009f72250f0092302aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZVXJ9V8PMAVE17
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vRs2QIAMdn8GjVIqigaHemOaVZAcZKMYZ6K2KU02G46/hsB8TJ3hHylBv7uDBRPFJOw5NfdTDc0=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"188752fb24105ced13abb937e1252dd7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lL4rDcQM%2BHCbWxRy5VAAnr4YC5BCG90pTAlRPSOZ1KwnoJkxREwFIRfMO07P4SeAYXNWy1W9Q8eFkKL2hZBUHmxnKz85UEWWbj2ei6wEgkQR9HW%2FySKFjx80GVDLh8aRWJuJWS8tmJU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397624ae3382e-FRA
/
ucarecdn.com/16dee98c-4cc2-442e-a7a3-f895f7d22227/-/resize/470x/-/format/auto/ Frame 1779 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/16dee98c-4cc2-442e-a7a3-f895f7d22227/-/resize/470x/-/format/auto/
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
9516e1c23610840cf3f86fc18968a997a2af08e5f42e0093013f0836285d30bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
x-image-width
470
server
Uploadcare
etag
"997f30d9a41e015338e681fdb6747621"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556926
content-disposition
inline
x-image-height
263
content-length
11427
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 1779 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KG8W0M0BVCA4PDWK
age
1024128
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56996
x-amz-id-2
ehDT77ViieDgFSVcGsFvckP/H+LVEbHO2xcqXlA4gCAcl/XM+6TVRuOSfeuWNxWwBO8opeFhdTs=
last-modified
Wed, 20 Dec 2023 14:31:09 GMT
server
cloudflare
etag
"643ad5d92cd7c31076790077c3003abc"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqGTtR0hCXuWiZSI8ahO0vD6yyrV4GR5nhV5rB1LD7HpvFjCfPXU5HdNHvvKDoL3hFTrZqHyB8pgBo%2FtSVWnT1O14V56VQFYP0me%2Bfq%2Bj4FWMJQ3R%2B8pSHjwlVRnZreBuliIWKERI7Y%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f397624e501901-FRA
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 1779 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
E0C5F941D9Y3FH1D
age
1024128
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
53064
x-amz-id-2
12dk9Cf6+G1cXqksEEj7uAeRxc6vfIvLqjdZHPLD48m00Hh7eUWU8aMADM4+/ye2xMXZ+LhtZ/8=
last-modified
Wed, 06 Dec 2023 09:28:27 GMT
server
cloudflare
etag
"c9e466876957e9d2128f63b225a81ae3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIpWiJh%2BlLcObd3sVCBCMgMaV%2Fk6fjM%2BXp0W01X7KoZyWND7rxyjARAZuLytp1vni0%2BYZJAAGV8hQArYz15wh7xFNAuXjzzIzjrn7KCryDbrJXLKxCcjTxFYpcr1CFzb0EalzWqII9o%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f397624e511901-FRA
4308.267ae83b72a737d61bc8.js
static.fundraiseup.com/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4308.267ae83b72a737d61bc8.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e7a944adcb9d32eaf4e2f6e85cb7d1f9029b74de22ad7ff2d46ef82b189c95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZTH74BX41VD94Z
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
0TEf7s5SgFJWzHQ6jYMrpwDve/msiyTZwO4ollK061YXWqP7DUquDICKR+D9twoeYCpS3SDv8F8=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"d17d932280bf77e59d50820c420d7365"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwdtW%2FJFwdn4%2BnvW6NDecncP2uUGtIPMklkP4OTChZAzt5FO7Erm9MKoyEe%2Fris650SLQtutqdW1wFOC2j0Q8Sct%2Bda4bWHhBwrv85Y2W%2B53qtSICsPhPgjs5kkHvOTctMFZubsufMk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625aec382e-FRA
4798.a2fa7f6bbb792b2fa1f0.js
static.fundraiseup.com/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4798.a2fa7f6bbb792b2fa1f0.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9d8e18a3cec3afcf01338e9a26209eeb89e3d0eaf97f0d5298f039776ffc8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MZASJ5MFEC1B4QF2
age
970675
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oA4UpXqkbqI+Z6SmMLgS0rjqIdxTr07ojyzVDJKetuDyqQQB1XfCUpwv05Yhf//jZtEp+jQy0mg=
last-modified
Fri, 22 Dec 2023 08:14:26 GMT
server
cloudflare
etag
W/"813c3e21463a5fb18a4652af2d6e3a0d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoFNTCvf%2BZDE960PDxtBF7rvfx1OF6S2305oja6MHozSMF9t3fh92W8NsSWBmxVBjsS7aQ%2FYwJbdc0v58RRd2dpNFFFtjS3vtvKVihFktM8zB2kXNsoxOAbES6CVMxXe0vGZDu2Tu3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625aee382e-FRA
7470.5c849ae41dfa76a30134.js
static.fundraiseup.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7470.5c849ae41dfa76a30134.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb48d9e8351750646223a61d5868a0eda7972e2ea278c69677577300810b0ad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZM19MRV3Z8Z0ZE
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
oWeOAuII8toRe55wRK3ZG7CVI8v6ti23P+IXo8SofVkYX3U7J9fJh36CV0G7bTrrnxof79Qw2Ek=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"8116b094c9ac56f0fa0e152d4e72373b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VrK32FOM6rRxUZxdwvgedJ3eFn1qKwwSZuM3V%2Fh%2FzJMAVeK%2BCGxzuylEyQ72t2GNO678XYXeeztqSznibTja05RsQiMgJXnGyxFDOGeD%2Bi4lV2QcLhapPtYFQYSOtqFDOTp%2Fxm74uM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625af1382e-FRA
7161.70dda01ad3bd7b1f43f4.js
static.fundraiseup.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7161.70dda01ad3bd7b1f43f4.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1dccb5a273ea2fadd2437f76d7e4b897e7c5f461f52c0b72cc7e74db13cca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZPNEXWEAW1T5ME
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
GLR7ICRlZN1+EuR7oBwdrUOAjrpGxxduf6dcDu2X9pYQVuOipRR2wk8gzhPwJseQco1/FzIc450=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"6a9110bcfcb930b2a0f06f9f8de67d69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gDInuStRp%2BHZyv8sPrY%2FfVxLgtt59YhqKsGqNkuxq8TskaBqMqJGfrkBzTPrZAYai3LkOHsOsKzD9W6yYd3ewZRX3XOqGLpSTzYAL3IM7V6M%2BKZkcjmG1d3YjSfu9rVgMwZP3qkx%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625af2382e-FRA
4172.550614b50a20ec5505f8.js
static.fundraiseup.com/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4172.550614b50a20ec5505f8.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67babd89dd5d6e783cbe7ba05cb7d77c2c3ab7bb0b3ba87b185b391a21e8cc35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
9BFS7RQT2YRYP8G2
age
361770
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
MdPvGYYExfYm9cBft+6RLwx+Ry+1MueynVWo+LOla4aVR2OR8knVOnD5ZNrhPuOQMoFI++uKNck=
last-modified
Fri, 10 Nov 2023 11:17:00 GMT
server
cloudflare
etag
W/"82362aa73fa0a4d64a1c55b1d259397a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OgTZau%2B8cDgaIYor7cT6cgTIwhXfyY%2F6r09ApbVck362o%2Bv6u0xjtBScj%2FnRXM%2F9yHVGFOx3pBIZP9DlZ23%2FuyncGE97Q0fLNwNVuL8EgnqX0LBcLl3bfHwCKcisr6fpTP4wTq0PLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625af3382e-FRA
7912.0af9043c4cad1d41b53d.js
static.fundraiseup.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7912.0af9043c4cad1d41b53d.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c3a3c0aecc1c3cdb989b17c48a9a75970beb6343e0df0c2651ba5eb75c900a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8WXRJ2RQ5YKB3GB5
age
1315989
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rqEC/8NNQ/s28Is7YijTl1Is2bn/AH/Ktppu89hZ+Kavb8WG+2G45ytVF5NSMalekjlYGveVKXQ=
last-modified
Mon, 18 Dec 2023 08:18:02 GMT
server
cloudflare
etag
W/"3aad49c653ac761d3b0dc37c051585c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21jp6qXELtIUrcdJVp9oOPbDzg4yGjVmmNzrsZvQ%2FW%2B3aNaH5uI7d%2BU2ZF%2FL8K%2B0P%2FCJ9IX0LEmKZm58PSrAnXdhAuByeVyJ%2FLTibedzAEhc%2FgHZn%2FxZlO12gWt9LrwRJbrX9nOq4GQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625af4382e-FRA
2604.70a67a9325a0b895a893.js
static.fundraiseup.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/2604.70a67a9325a0b895a893.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7e24515a6e8e17332b556ae1a433f0b6e00cdaea90167be98c2734b0049a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3Z8VEGPV9ZQ4D8ZS
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
kthCK7BzZJn72+P6oUPVZ4h2qL+M7lkB3l8rMzg8drHpbmzfFsWvKvLdFKU6fH118ULzfZa7PHQ=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"52a2cc1ece90544227187f23af6c444d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DB2oW9Rhi99wpdBQU4t34uizN3kSOQNQNZHmElDW3oAckY0Qyg6LkVk%2FcmWSFMra1UNf%2F6G3K3mJrRl8Dc4Jqz1gkbk%2FIuMZLuixomUhqBHJWCC4gjSPmsfqh4j3YWlGMF7w5ut5B68%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625af5382e-FRA
8242.b02aaf21dfdea45ccdeb.js
static.fundraiseup.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8242.b02aaf21dfdea45ccdeb.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f7997ff37aac676d939dbdb0d33f6381fc5b66de4e4c79240e6e9503b14c15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HYBH0AE9WPN4MEZV
age
970675
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
wF5+7h/87SrEbp2uxjF0zb8LcL2b8y3jEAXBGtxQzgF0fIoedcwomkGhqGU1nYz3PuqzJqepVgY=
last-modified
Fri, 22 Dec 2023 08:14:31 GMT
server
cloudflare
etag
W/"4b19319add63bf353f59c262e18d678c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsBVTyCutUk5tk0b8JQTwFfy5mrcJhQ%2BI5LaHOhIPspp1OMrbftQuGB4LnX2BYJaTctN%2BD8Em64karzO0rlOT4c%2FNo2sldqpk%2Fvu3tmjYPIvtVXaXsX5068Y4MLkvBkk4IQwQT8vS3M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625af7382e-FRA
1307.079eb3e246fe1582b593.js
static.fundraiseup.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/1307.079eb3e246fe1582b593.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642c3f67dbc0d646b7d2508b081e0a6040a7be94478f0cd6d2a6de21f5d11ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZKQ1PWB1M47CH7
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
apdObnbd2aDx7v6jeChUIzpnhtdsbSI782ncRqVTlhjItLwFqP9Lk3/geXE23YLoeXo2gTzMejg=
last-modified
Tue, 02 Jan 2024 08:46:51 GMT
server
cloudflare
etag
W/"7b1aa6725ce10e652729c8ca76f3ed5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTFnFu%2B2fmfOuZGINxAerM6DB4lPZZVA%2B%2Frs6v1usfOGjWCXbe9RWQz5Hag%2B%2FMZuc5XxTdom4ouGCAfNWHPM0OMn9vyRdnYyLmc0Q%2B6B2jcTj3%2F9K3GrRqjO4tbOGlJMRZYCderD2C4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625af8382e-FRA
5294.9d66a191975ea80fb12f.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/5294.9d66a191975ea80fb12f.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a06c60d0bdaeba9a685c6b98ec4108e8358606ae608bc2866b3873ba36e8be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZJAA46H1T2NBT1
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
c1JuhxbnXm1baci6Tl2nZ9f5Da4EJrDTltyrCWVB/ae3IeO+ew/DQxood4+PpF8q2LrBQx+vlMU=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"8cbeb2d49dcd2a8be5a4eecf9cb7596b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1cWZQbuhatbZ2Op%2FK2V9aoJ3jiLC8q3XeYoJjC18xW1UPP1MKngud7XCDOaKLYTT8OfBv%2BaibWMGAkreoOLyJDry1DjUuGlSsi8ffqPkLa5g4lcMUxBnrG4iC0sXEFP8azirzlr8IM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625af9382e-FRA
3074.d9147f791079b87eabcc.js
static.fundraiseup.com/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3074.d9147f791079b87eabcc.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377a6ada8b0adaf4e37c51a736bda1e6a66e2339322ce58193e81d5909ee2fb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZPEZRKATJTVKG9
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
qApk4zADyAn0BRsYmMpoIv1YLJG0PKQjwLgx566BlHkjuswRKkT/eQgtRJSZcjumEhFZpASIjq8=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"147314f2adff1871b831c3e893d26e47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNheg63uHESWxXNX72XSlf8qAEUevBzvP2dpEmZ6pAwRFSYINR7TmY9OpXTTXSn%2FlCs1qhLV6Y8GiGq4T27cHgG8U4xMEOkAWPnCGP07RDhAzeutM36sQRco7C3tJ%2FoMWPDodD9iGPc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625afb382e-FRA
9101.4c00b74aed875aa4a330.js
static.fundraiseup.com/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9101.4c00b74aed875aa4a330.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b65fdc6da2826c107418e5c689078ff47b54e7f2fc690546c33dbd3b343125
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CBVWP60V7JR7XZFR
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
CignJ3G1jd4RWRdkKczARqb4Zvt2vfNeTAX+cHkz+EHxD4CHfUoCJK+RFypwwMwn+mPnKzFI1lY=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"c13ccac03382eb3bdadeaae6fb057063"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB0yzOUKXDlaTqY8fALakf7dK15jAPf8byG75KmDj%2BLUS4ETTyRFRADh9Pue2B8TGYH8%2BC1Ya9WOmvk%2FrLvfAIJO%2BQSuJJE0j7SKAMjvzJUrDxN1oePNbx9rzMLPYk%2FhuMPoCd4a%2FDw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625afc382e-FRA
4531.eadbe0b8b04e9dfe84db.js
static.fundraiseup.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/4531.eadbe0b8b04e9dfe84db.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b596c15fc92d124e18473ffa1d9529ea88cf1918efa33f00447fee4113a68338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
D2YZ3FT61KZ7X3YN
age
1743407
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vZW4rA6pGwfXvOJ/OPvtZuAWTlNA1zBlu6h06H5EGL9D+THcbMKXkASj8VmofwlSaBqMVJpmV4U=
last-modified
Wed, 13 Dec 2023 09:34:50 GMT
server
cloudflare
etag
W/"2f5a99aa534d43a5d5741f02d107888c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlPagrgOfZa8K4QYLZU%2B9tlUSjPOdzEWKrsFMWhBg0l%2Bur9JRk%2BLdNldzYkzrm%2BcgJ2W6CGfhUVyguAu%2FwfJFSv8W6uO9DA%2BOZD8s3ia34MKhruHCP5gU2p88pl4Tdm8xs2glQuyAB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625afd382e-FRA
6658.dc2fd4177fa973c9ceb2.js
static.fundraiseup.com/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/6658.dc2fd4177fa973c9ceb2.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf7bc0004aeb0dc1b7bb23f128ac24f0302a776cd1950295bc6ffae6e990bf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
20YPGZ83KB96KV53
age
1743407
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dpcw0lKi1VlNzl1xG3NvYp0r5umXilCQZcSK6dcwFwY077FInHCY2Jj10EILwSzlctQHmkugjOc=
last-modified
Wed, 13 Dec 2023 09:34:52 GMT
server
cloudflare
etag
W/"179e147646e0cd73902eb5b2db332b0f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yw6XhxSxPe9L8VgDoRei0KARjFxYqkA54PuI7O0siqdsYt1LW5nPLdc4LJiQ%2BBFpRVJCZ6DZCfdWR8cahS9lYbbKtfWYyQj1LU%2BZ3uidKcaRS2vfBzFIWhemevscCz143n8wyuSGmJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625aff382e-FRA
3646.260d4a1075292b4adf02.js
static.fundraiseup.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3646.260d4a1075292b4adf02.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb83ac4c1a72227dd5036318370e6523f7a06d0e9f791efb6f6fe34b22621ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JEJC3WJKA7HPHEPK
age
445842
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/jjwSMTPdbp384iCJjqGvaS1Ab5/8TCJmObAbu1tDfiXnZkLKK2ZHBQMbNvamRB2Cib7VaKitzw=
last-modified
Thu, 28 Dec 2023 09:56:31 GMT
server
cloudflare
etag
W/"2411304c845454ffdbcb9e14e0698788"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKiAzeXCsYQabjDbWN0HQVi1JJrf8nqp9ktZ2RUAgc6rOv8Z7ruOh%2Fk2elwK91UfRj5%2Bl6HLB29Lg0kcDDsyTtHQpkmsJ5Gdloq4rUE5Le4V6sDxz14zW0PmHbdFR4v8ruoaBccHx9E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625b00382e-FRA
3105.d6e00ff8e93a442df385.js
static.fundraiseup.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3105.d6e00ff8e93a442df385.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cc4700b8677a899840ce32bc6c1b5d5405e5d7f2e14a338ed95e4fe40a2bb96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZNQQPSMTRD99DH
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4avKNXqDb1vdyvKMMzQ+mhcq9WCZCNwuAKC1jCPkEXwBLu6xWzElYmvW2fVySgRwbLD0KbI6UVs=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"36ea0ba3a6b621751333520ee8fd1f70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVUD9IIn3%2Fb4REJDeik0PDb7DV3Xyt%2B50UjUO1b%2F0SsVZiAIklk8Zhfa%2BDKmsqrL2jXQybN26ae91yaHulWNic2llkoyH5dZCcI85%2BmzqQi0TGisKhNv%2BfUTxvlIxcUYCPrkyNOd%2BeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625b01382e-FRA
3092.789e5f7657c128376286.js
static.fundraiseup.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3092.789e5f7657c128376286.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50d15896eb602b52225697467a0e13195cddd10423d86ccafc7598f8a6a6111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZH8F8JHBCPFZ0W
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
lGhshSJV6Fi8l5rwGCvulnE1vPqhiFV4XvAcfLWkhMLugt0mlrTQHZlqClgYZlikdKMatKmRoGc=
last-modified
Tue, 02 Jan 2024 08:46:52 GMT
server
cloudflare
etag
W/"d94f94636a66837a35470b946952786c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxa4ZKi30G%2BberBs9iT%2Fi59TPIs3DG6YG3ctMgxUhzxAJtxMp52Q9JUEO1gIc0FWHbVf7GbFdKpDCq4FqPrs4zSVscxViQ2j3Hqovg5oeC%2ByxP4SZu8VgZNhpJ7fgf1vETBHRg91qBM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625b02382e-FRA
9927.0b1e038f382f072de5e9.js
static.fundraiseup.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/9927.0b1e038f382f072de5e9.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e6f18090a8c3b811e5d7d50a1cd9e83272f1ecbea95624373950070500a90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZJC81A0QK0HQKV
age
18421
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
K3pCTqk4eoVVPO87Qn/talWA8rBLB9CmH4vIjdRmu9oDYdr1aJ4MLtlv3+/vGknf248JvbMU8iE=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"3a9bfdc394ebc7d6ad30abca79e6f251"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5yVdsjUGJ8%2FP%2B2lrCAFQvM6QmV7%2F7HjwQZUAnQfdhHd%2BO30I7IjPfxZPEbrUzs31XM7rmI12CzlnGiYeNLh0%2F6xmmtRLvK1FsCtJQz422whCRYWX2O6pj91ccXcuvmOgg1eRc5N5uY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625b03382e-FRA
7730.aaad688a89216a2cc75a.js
static.fundraiseup.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/7730.aaad688a89216a2cc75a.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
276867c5c3ce0b2f35e900e8e9c73fa7dc25a53802bb365f2d20642fd253f79c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZMK6VRN4FG2A57
age
18420
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
1Yisy2XbUiNznt+ORXA2Fab+zBmHfyui24DzhfyqAj3fWV92hxb2kmNYVM5HBkXANo4K1PhU72Q=
last-modified
Tue, 02 Jan 2024 08:46:54 GMT
server
cloudflare
etag
W/"641661c170adba24f7e5f887e0ee88bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp%2BduiFfuxpwtgH5gTfFMLeR4VHsRFYuZqqie8n00QWqjTygXTnJoYd1jXLdVmkAduG6ICAhWe9h%2FagmGT%2F0Gr7TNnrFOrs8AMUjrtLRHn6B%2FkL4XYOEUL5dJxPA3k8k7gRWOnWn3lE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625b04382e-FRA
8598.d58b9cdb2bccb5cd9149.js
static.fundraiseup.com/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/8598.d58b9cdb2bccb5cd9149.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46de8ce43bbbc4282b65b9805f4f7c462f812ce23b615379b468beb09a989a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CBVG6W47A6EFGKQ2
age
18420
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
14sh4eFQ29pPYErI6bMaCrfZ69JSEfcJCCNnEuzXxr61f86IC7h1+Ne7yYZG+sqPS3IwFzaLsWo=
last-modified
Tue, 02 Jan 2024 08:46:55 GMT
server
cloudflare
etag
W/"854d674b89e3d93f020393ce69f5a7fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsTMenS3Gj1O0gbB%2Fy8ERpKnNPteCkcwMDrUb38zs%2B1%2Bk1ysBuNor%2B3JQVzsggosAkHpClaH1MjjQe0%2FUS6RuLSSCFgM4QTDsXQ6ZTdkn58blzx3kW936N4mtIGmkWqnw9rCRmxVu1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625b06382e-FRA
3313.8bb649db75fb9f932d94.js
static.fundraiseup.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3313.8bb649db75fb9f932d94.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b21363e68e52f1ba52f2f292a183e39f00372c248ecfaf0c5c1fa671ff46a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZXBT0RPZCTRQ83
age
18420
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LTkebo1Mg8E/qjOf1GpflArumA2CvFqq8jZkC/IBWAGSxZB1so6FDFpnanMMxvNET2C1BmhimJA=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"85d22b265ca08373504a09621adb500c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZQWU%2F%2FFQKsmB6WldDADxGJZjrUtmfI6ZqSPXNJ7jgzLBF8hCJnC96A860%2F8yDJmDIhjHyMHuwC%2FwhtV6937YK%2BXmBVm0QTditWCC7IJ5bF3wc7E9nUln8d4PAFlDJcMnPLXGbcyNZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625b07382e-FRA
617.b191c125d86fae215d94.js
static.fundraiseup.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/617.b191c125d86fae215d94.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3a41aaf9de8dcdbb1aa7c552942868390ff131f4ae48acd79df9d5a7ff996f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J4ZX9D4YKJYZE1EH
age
1654317
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Hrnn5drG9H7Vo6WGSdidKYEiql/FDL4ZPvu1NPRdfgsUrNDWNBzFiAAbPRkwPl7GYzdOq1+KmNM=
last-modified
Thu, 14 Dec 2023 10:21:52 GMT
server
cloudflare
etag
W/"9d235534a9b590256d5f9f919849f1c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UhCQKH3d1%2BsYpWI7Z8DZYk9hqIx9ERwMElkdGm5M4%2BorwWdXWXjiQgs0%2FsGLxaTRCklTYraYKDm0pBjsVRQo2uqD9EQ4GVDtxbFKG23V4kkg5dVYbuYKYBKVTZf7tUnjXJg9yCKuN0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625b09382e-FRA
3755.885174add6f9f35ea1cc.js
static.fundraiseup.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/3755.885174add6f9f35ea1cc.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32c2ce3fc3f9f303fb23219d570a67d0c55951c3f6c81b25e440ba6fb68e60d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
58ZVMRG6TSSH1ARQ
age
18420
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ns4UfLOn762abyqPk/JISKBL7pRsAUs7wu4bnOHhOo9hC2JHVjDeRtVh7rTo9UrtgJm5l7ThkCk=
last-modified
Tue, 02 Jan 2024 08:46:53 GMT
server
cloudflare
etag
W/"6332e5261fb5e132c86e8e991694cf7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maapetMi4reMVzSF6Ev1JJc4XsRXE12EfC%2FP1roeIcXAgdf%2BUvkNVc75m1OU6WxPc0%2BLBeMGL0xEefjKpvY%2BP4fumphUFqk0958FyPXbvz4zUzvHwpXu%2BiygHynf49R8N0UoZ%2FRqOuo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
83f397625b0a382e-FRA
/
ucarecdn.com/36e1897c-937c-4cc1-9c7d-220d75cd62d0/-/resize/x50/-/format/auto/ Frame 1779 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/36e1897c-937c-4cc1-9c7d-220d75cd62d0/-/resize/x50/-/format/auto/
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
47a019a4a25f09f59e801a8b3d77f63a3a975a4c763f8430defa7987e14d7d64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
x-image-width
50
server
Uploadcare
etag
"5f0f074f24722ebb2e429bbb349da7d7"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31495204
content-disposition
inline
x-image-height
50
content-length
1937
csp-report
q.stripe.com/ Frame DF30 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688366479
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688366065
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame CF41 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688365677
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688364550
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame CF41 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688364889
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688364590
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame D160 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688366421
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688366087
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 2CD4 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688366639
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688366127
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 2CD4 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688368212
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688366975
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
static.fundraiseup.com/common-fonts/ibm-plex-sans/ Frame 1779 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.fundraiseup.com/common-fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
Origin
https://www.marchofdimes.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4XNGNJKF2Y4B544T
age
1059184
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
56460
x-amz-id-2
zbAQlh/zIKk3a0CskolCssfW+JxwLuIWNqNKmhTqSN01RrO2ZXqM8tpZvZPbwK5YqTwCeodOZPQ=
last-modified
Thu, 14 Dec 2023 13:16:28 GMT
server
cloudflare
etag
"cc65a7d46bec1bcadfd3a27d571765f5"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HSUAel20IoWs6y9kTIE%2BnE%2B%2B32B1WCLemGOIsLlARc2io0X66b4VjDEBvOIsecnVQMyiXfFe3O5Uy6ysqGP%2FkoZOEh53UeEmiXCqS%2FO1CzdrUbwll6OKHISGhTYKfVyvbc9l%2BhC8Ew%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83f39762bedd1901-FRA
inner.html
m.stripe.network/ Frame C4BE 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
184
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:08:25 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
x-amz-cf-id
HGBrn5cut6a73uL9W_eXozxtidewp5Hv6phN11XwextteODG0QQWfA==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
plf
c1.adform.net/imatch/ Frame 2D25 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plff
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
match
ad.360yield.com/ Frame 2D25 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=2724977328310641832&Expiration=1705414287
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.208.161.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-161-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:27 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
ad.yieldlab.net/ Frame 2D25 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=4879&ext_id=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.61.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-43-61-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:11:27 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:11:27 GMT
token
token.rubiconproject.com/ Frame 2D25 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=5232&puid=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tpui
ih.adscale.de/adscale-ih/ Frame 2D25 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=2724977328310641832&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.129.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-129-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 2D25 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=2724977328310641832&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.106 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
transfer-encoding
chunked
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame 2D25 		43 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:11:27 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1704204687923048-575
sync
x.bidswitch.net/ Frame 2D25 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.179.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-179-1.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 2D25
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2724977328310641832&expiration=1705414287
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2724977328310641832&expiration=1705414287&C=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=2724977328310641832&expiration=1705414287&C=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVv4vbqpys7zK1DGPqkZt1aK4zY1j7Wdd62Yr%2FvwFtqpybErrqxKXckXXo%2FtYdR3TcBJFunOagYYzl1yKttqJgQZgyjQTbSCl%2BeTUoycBCKVBh5xSAjHuGxt8kNQ25LhoKg%2ByMAse6NMhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f397636a915d63-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evxqXxnwucjo2HuEvW2izc72PzRAQ5H4UPL0jF%2BtQsi9Qwb9zAktTpgPhE0yJbzsYX0tq%2FeJ5WG4QfMpeStb7lVUUwr%2BNQrB5%2B73qbk3KGiy4s1Yrt6cYLYXRSnBk%2Fm0vwV4HjCSy8hxQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=111&external_user_id=2724977328310641832&expiration=1705414287&C=1
cache-control
no-cache
cf-ray
83f397634a625d63-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
12092831
se.semasio.net/sync/1/ Frame 2D25
Redirect Chain
  • https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=2724977328310641832&sInitiator=external
  • https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=2724977328310641832&sInitiator=external
  • https://se.semasio.net/sync/1/16266044?sExtCookieId=2724977328310641832&gdpr=&sInitiator=external
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/647471?sExtCookieId=7319503400653617298&sInitiator=internal&gdpr=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
  • https://se.semasio.net/sync/1/4354957?sExtCookieId=7996175290072234627&sInitiator=internal&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=OTBGRDE4MThFQTk1NzExNA&gdpr=
  • https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEPej1jEoy_BGEolk9x7JQy4&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
  • https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEPej1jEoy_BGEolk9x7JQy4&sInitiator=internal&google_cver=1&gdpr=
0
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEPej1jEoy_BGEolk9x7JQy4&sInitiator=internal&google_cver=1&gdpr=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:37 GMT
uip-status
Ok
frontend-id
10
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:38 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEPej1jEoy_BGEolk9x7JQy4&sInitiator=internal&google_cver=1&gdpr=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
match
ps.eyeota.net/ Frame 2D25 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=2724977328310641832&bid=9gdtmu1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:27 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
pixel.gif
load77.exelator.com/ Frame 2D25
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2724977328310641832
  • https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=2724977328310641832&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 02 Jan 2024 14:11:28 GMT
x-age-lb
227816
x-amz-request-id
tx00000490ac5aaa044b44d-0065909fa8-5134150-nyc
x-77-cache
HIT
x-accel-date
1703976872
content-length
43
x-77-nzt
A8O1rw43Nzf/6HkDACUTwjE3Nzexz9PUZg+uJwA
x-accel-expires
@1704573302
x-77-age
227816
x-cache-lb
HIT
last-modified
Sat, 30 Dec 2023 22:32:08 GMT
server
CDN77-Turbo
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
x-77-nzt-ray
9083393061535ae190199465e7ece707
content-type
image/gif
x-rgw-object-type
Normal
accept-ranges
bytes

Redirect headers

date
Tue, 02 Jan 2024 14:11:28 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
398366.gif
idsync.rlcdn.com/ Frame 2D25 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/398366.gif?partner_uid=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2724977328310641832/gdpr=/ Frame 2D25 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2724977328310641832/gdpr=/gdpr_consent=
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.85.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-85-3.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.204
content-length
49
expires
0
29729
tags.bluekai.com/site/ Frame 2D25 		62 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29729?id=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 14:11:28 GMT
content-length
62
content-type
image/gif
sd
eu-u.openx.net/w/1.0/ Frame 2D25 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 2D25
Redirect Chain
  • https://api.adrtx.net/thirdparty/click?p=adfo
  • https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
35 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
HTTP/1.1
Server
52.218.112.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:29 GMT
Last-Modified
Thu, 29 Oct 2015 16:41:57 GMT
Server
AmazonS3
x-amz-request-id
XVSC8VF21PEZ6KN0
ETag
"c2196de8ba412c60c22ab491af7b1409"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
35
x-amz-id-2
tkZFDRKLImc7S7wQd5edHHsAXVy+DgN8K16CAOXsGicxTD5wgvvXlm+dLNX+02iwL4rcYtbLkt0=

Redirect headers

X-Error-Reason
Missing UserId
Date
Tue, 02 Jan 2024 14:11:27 GMT
Server
akka-http/10.2.10
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
137
/
cm.adsafety.net/ Frame 2D25
Redirect Chain
  • https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=2724977328310641832
  • https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12024010214394491a1ae6daf765b8&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
  • https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=ba9ef564baa8b3d03846c0ca42f3cdf2&idt_did_status=added&gdpr_consent=&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyNDAxMDIxNDM5NDQ5MWExYWU2ZGFmNzY1Yjg&gdpr_consent=&gdpr=0
  • https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEPz98uZCc0pQBmir9qhHKPI&gdpr_consent=&gdpr=0&google_cver=1
  • https://tags.adsafety.net/v1/cm?cm_uid=CM12024010214394491a1ae6daf765b8&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
  • https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=ba9ef564baa8b3d03846c0ca42f3cdf2
  • https://c1.adform.net/serving/cookie/match?party=28&cid=CM12024010214394491a1ae6daf765b8
  • https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2724977328310641832
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
HTTP/1.1
Server
217.79.187.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cm43.as.net
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:11:28 GMT
Last-Modified
Tue, 02 Jan 2024 14:11:28 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=2724977328310641832
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usermatch.gif
beacon.krxd.net/ Frame 2D25 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n016-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1704204688
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
c1.adform.net/serving/cookie/match/ Frame 2D25
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MjcyNDk3NzMyODMxMDY0MTgzMg
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDcw1WbgLEXUu7cyqxJ_8hU&google_cver=1&google_ula=1641347,0
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDcw1WbgLEXUu7cyqxJ_8hU&google_cver=1&google_ula=1641347,0
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDcw1WbgLEXUu7cyqxJ_8hU&google_cver=1&google_ula=1641347,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plf
c1.adform.net/imatch/ Frame 2D25 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfm
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
setuid
secure.adnxs.com/ Frame 2D25
Redirect Chain
  • https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
  • https://c1.adform.net/serving/cookie/match?party=3&id=7996175290072234627&redirect=1
  • https://secure.adnxs.com/setuid?entity=91&code=2724977328310641832
43 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=91&code=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
an-x-request-uuid
66a6e05d-4ba2-4c5c-8546-c516106ad4c1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.205; 80.255.10.205; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://secure.adnxs.com/setuid?entity=91&code=2724977328310641832
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 2D25 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:11:26 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cs
pdw-adf.userreport.com/ Frame 2D25 		43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pdw-adf.userreport.com/cs
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-113.fra56.r.cloudfront.net
Software
nginx/1.22.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Mon, 01 Jan 2024 19:06:39 GMT
Via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.22.0
X-Amz-Cf-Pop
FRA56-C1
Age
68689
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
m1lge2PThijnbsbuBXa7KVt6l9z8Al8EuJCmwTJNQKkcjVK7nP7eiw==
p
a.audrte.com/ Frame 2D25
Redirect Chain
  • https://a.audrte.com/a?adform_uid=2724977328310641832
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmM1WC1HY0c0REFUVmlYNnhKSVFiVy1pUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
HTTP/1.1
Server
54.170.164.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-164-95.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 02 Jan 2024 14:11:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
c1.adform.net/serving/cookie/ Frame 2D25
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2724977328310641832&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=2724977328310641832&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
  • https://c1.adform.net/serving/cookie/match?party=1007&cid=84171717485314219782125166298051699755&noredirect=1
35 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1007&cid=84171717485314219782125166298051699755&noredirect=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

dcs
dcs-prod-irl1-2-v054-0422bf190.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
mwzN1CltRis=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://c1.adform.net/serving/cookie/match?party=1007&cid=84171717485314219782125166298051699755&noredirect=1
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dmp.adform.net/serving/cookie/match/ Frame 2D25
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=2724977328310641832
  • https://dmp.adform.net/serving/cookie/match/?party=1014&cid=218943204749002737598
35 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=218943204749002737598
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=218943204749002737598
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
/
dmp.adform.net/serving/cookie/match/ Frame 2D25
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
  • https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503400653617298
35 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503400653617298
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Location
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7319503400653617298
Date
Tue, 02 Jan 2024 14:11:28 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
33302
tags.bluekai.com/site/ Frame 2D25 		62 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33302?id=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 02 Jan 2024 14:11:28 GMT
content-length
62
content-type
image/gif
match
c1.adform.net/serving/cookie/ Frame 2D25
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
  • https://c1.adform.net/serving/cookie/match?party=1084&cid=qnZ3zQLp1RkFuo5
35 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=1084&cid=qnZ3zQLp1RkFuo5
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:11:28 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://c1.adform.net/serving/cookie/match?party=1084&cid=qnZ3zQLp1RkFuo5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2D25 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
server
Kestrel
content-length
70
content-type
image/gif
image.sbmx
global.ib-ibi.com/ Frame 2D25 		0
0
0.gif
id5-sync.com/s/10/ Frame 2D25 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/10/0.gif?puid=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
dmp.adform.net/serving/cookie/match/ Frame 2D25
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=252392116
  • https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.vLxMETxRAJQlKCNf49Fie
35 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.vLxMETxRAJQlKCNf49Fie
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
via
1.1 google
last-modified
Tue, 02 Jan 2024 14:11:28 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=.vLxMETxRAJQlKCNf49Fie
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
um
sync.teads.tv/ Frame 2D25 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=119&uid=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:11:28 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
/
s.ad.smaato.net/c/ Frame 2D25 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:de00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
no-cache, must-revalidate
via
1.1 304aca8444d8c10610191c5e033b348e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
x-amz-cf-id
3BCiLYdaUdFb5vYhDRSH4IcH12RKFBVFBTuiK7r81aOVKd5cPES-TA==
x-cache
Miss from cloudfront
2724977328310641832
match.contentexchange.me/adform/ Frame 2D25 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.contentexchange.me/adform/2724977328310641832?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
ilog.vsn.si
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
content-length
0
server
nginx/1.16.1
xuid
eb2.3lift.com/ Frame 2D25 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=2724977328310641832&dongle=AD20
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
put
e1.emxdgt.com/ Frame 2D25 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d52&uid=2724977328310641832
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.128.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-128-62.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
server
awselb/2.0
plf
c1.adform.net/imatch/ Frame 2D25 		0
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/imatch/plf?name=plfl
Requested by
Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c1.adform.net/imatch/pixels?uid=2724977328310641832&agencyId=9068&advertiserId=2177609&src=tp&rnd=672840
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
.deploy_status_henson.json
js.stripe.com/v3/ Frame DF30 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
42
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
_WxccwasIzqFaNkmbziRnw5ajfB_-RYh-YjEKdGdT0AIHCD13JIvdg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame DF30 		474 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
42
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
YfmiKo7anpLApM654MlMoPeP2bIEMi5zK4seheSmoSiYpZCRobfOSQ==
inner.html
m.stripe.network/ Frame 7D33 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
184
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:08:25 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
x-amz-cf-id
wkg-W3Dfg6tK9Vc8Az8ANM12ATEf4mjGioxWDjonORvLFuEYsAlriA==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
.deploy_status_henson.json
js.stripe.com/v3/ Frame D160 		474 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
42
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
fC1aDglzGsyZl_Ob8uhjt15x1rreP4z8Pj-pM9LDLuXQhh7GnV2TAA==
.deploy_status_henson.json
js.stripe.com/v3/ Frame D160 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
42
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
x1KqoLn_Xx0XUz9TUgo20XwM5sBHbXaZvU3IE_tXHbJxCNwJTX0lYA==
controller-a8db3be7204dff5e963b6f0fd5121b28.html
js.stripe.com/v3/ Frame 1C01 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
50
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:10:39 GMT
etag
"a8db3be7204dff5e963b6f0fd5121b28"
last-modified
Fri, 22 Dec 2023 21:08:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
mqTo4M-5nCEUR1j5PObzvVl6wUZ6EDMdT9nslUzqL0HmGFCCHqvljg==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 75A7 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2067
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:37:05 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
3KB8kcp-D-OPsCC1V6aAckPZ01NnW5v-ZDWH2D7IZn-5U0LvtvCl5g==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 5843 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2067
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:41:29 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
rf46qPl8et9GWImFagCMmvQtjARl3Wel6tfnJ9nYWmQp2jWI9AhEeQ==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
js.stripe.com/v3/ Frame 6315 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2067
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:41:29 GMT
etag
"74c94b12a3c991276d75d7e7135461e8"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
PRgZad_dOoHXoE1wYCuES-sy7hio7IKBue4GywG4ErUrZDGPcjlGzw==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
js.stripe.com/v3/ Frame CAA8 		820 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e7e7f216e2add2e5655784665bea48f8efed39c8be96c40782b3f0cf84df6bbf
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1495
cache-control
max-age=31536000
content-length
820
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:47:48 GMT
etag
"5d9a311984498e026b1badc5a52d6bcb"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
-NogGDr7OODOBsTo7H2FujXrDMV2CCMTYHvuIkHM8V-q_wr5qzegyg==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
js.stripe.com/v3/ Frame 64F9 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7a5d1a8956ee3f319edea53bf11ba07988f8c6a0b6204633cee6a41b4b216127
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3040
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 13:20:48 GMT
etag
"a59168b21e202d878ed59c4fbe9405b6"
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
-LPx6pcunElyN1jrt_IREluAO0sGff1dQ3fvVxSLExrcEm2JnAm3WQ==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
event
ad.ipredictive.com/d/track/ Frame 1426 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.ipredictive.com/d/track/event?upid=107549&url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&val=&tn=5308541247179&cache_buster=[timestamp]&ps=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.63.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-63-167.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:27 GMT
Connection
keep-alive
X-CI-RTID
044bfaf0-1f75-434c-baf9-937b1691d7b8
Content-Length
0
p
e.acuityplatform.com/ Frame 1426 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.acuityplatform.com/p?pk=9020304230610356278&pg=26254
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
154.59.122.94 Schiphol, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
Pixels
px.adentifi.com/ Frame 1426 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adentifi.com/Pixels?a_id=3405;uq=806544289;
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.70.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-70-213.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame 1426 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=81237
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
adservice.google.com/ddm/fls/z/ Frame 1426 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=*;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 37C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_cm&google_hm=ay1DVUFaZG1zb2ticG9EaFdOMXM0N25NaXNObExwSFQwU...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_gid=CAESENxuF5P5-I2I1aBOWqI-pms&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_gid=CAESENxuF5P5-I2I1aBOWqI-pms&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
771576
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_gid=CAESENxuF5P5-I2I1aBOWqI-pms&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 37C9 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-RCmL2msokbpoDhWN1s47nMisNlJNh-NWQnEXhg&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.179.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-179-1.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 37C9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7996175290072234627
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7996175290072234627
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1368125
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
an-x-request-uuid
79875e0d-bb85-4306-87db-249b4891cf0b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7996175290072234627
x-proxy-origin
80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 37C9 		57 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-X8yrA2sokbpoDhWN1s47nMisNlIxIKEM8Zffsw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:11:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:11:28 GMT
tap.php
pixel.rubiconproject.com/ Frame 37C9 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-w5VKUWsokbpoDhWN1s47nMisNlKsL5sICFvO9Q&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0c26bf0e0878be6b26493f33577d6373
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 37C9 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-P58te2sokbpoDhWN1s47nMisNlKj_dfwLZM0tw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.106 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 37C9 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-3QdwNWsokbpoDhWN1s47nMisNlJ0eqmseCBI1Q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12971
um
criteo-sync.teads.tv/ Frame 37C9 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k--R6NUmsokbpoDhWN1s47nMisNlIpru3baula1A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:11:28 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 37C9 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-bxOUs2sokbpoDhWN1s47nMisNlLSrYEV1LChOA&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 37C9 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-F9ougWsokbpoDhWN1s47nMisNlKlOTYuJ6_OoA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame 37C9 		56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-F9ougWsokbpoDhWN1s47nMisNlKlOTYuJ6_OoA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.242.105 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-242-105.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 14:11:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:11:28 GMT
pixel
cm.adform.net/ Frame 37C9 		43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-z4OQgWsokbpoDhWN1s47nMisNlKQrzdZ0IJq9Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
last-modified
Thu, 11 May 2023 07:59:59 GMT
server
nginx
accept-ranges
bytes
etag
"645ca07f-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 37C9 		49 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-4c4MsGsokbpoDhWN1s47nMisNlI2t8lc9t3tRg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.37.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-37-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
26
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 37C9 		43 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-yq2_AmsokbpoDhWN1s47nMisNlJDda5rvTozsA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjQANFvIXa6hWeMi4AoFPMXumZpG7GaLT3dlRI%2FlFJ86lpj0A2ntv01ffLQJxNNOHbePSF0P%2B1tloN4ai3%2BbWnnAsM4MRyXT1ojqjdqAAir3qwQMwYG8gR7gUnzhBHjekHmy"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f397644bdb5d63-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
demconf.jpg
dpm.demdex.net/ Frame 37C9
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=bY7XZENkpFYyqDd8ewP6GIzpQKgBAh0V
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=bY7XZENkpFYyqDd8ewP6GIzpQKgBAh0V
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=bY7XZENkpFYyqDd8ewP6GIzpQKgBAh0V
Protocol
H2
Server
54.76.70.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-70-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-031c8e95e.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
ilG3OTcdRXE=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-0e377c1af.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
gjhoSGwfQ6M=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=bY7XZENkpFYyqDd8ewP6GIzpQKgBAh0V
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 37C9 		43 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-D82ZUWsokbpoDhWN1s47nMisNlJo5lzOJNKY8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 37C9 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-sTiWaWsokbpoDhWN1s47nMisNlLrvvUDrA2fjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.208.161.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-161-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:27 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 37C9 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-QSmGtGsokbpoDhWN1s47nMisNlIbNphPpoA-WA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 37C9 		0
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-y21mIWsokbpoDhWN1s47nMisNlKknoQm3Mdaqw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.116.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-116-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 37C9 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-uON24WsokbpoDhWN1s47nMisNlJjqdQT2DblkQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 37C9 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ma-O-msokbpoDhWN1s47nMisNlJkhzRxWcZKvQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:28 GMT
Cache-Control
no-cache
X-TraceId
c56bb3d25a6ad219e6616cae1bb82ce7
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 37C9 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-GgAh4GsokbpoDhWN1s47nMisNlJwSCUOLT3WVA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:11:27 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame 37C9 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-kb1c_msokbpoDhWN1s47nMisNlI_ELLWf47hzQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.3.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-3-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
sync
criteo-partners.tremorhub.com/ Frame 37C9 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-yobhPmsokbpoDhWN1s47nMisNlIkJ4i__vd7aQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:67cf:789f:f482:a995 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 Jan 2024 14:11:28 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 37C9 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-8mOPqGsokbpoDhWN1s47nMisNlLJxpUOXzKC9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:28 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 37C9 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-BMmC_2sokbpoDhWN1s47nMisNlLwQUlwGIxSSw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.61.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-43-61-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:11:28 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:11:28 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 37C9 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-3O-no2sokbpoDhWN1s47nMisNlI6UNpNrEqoMA&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.209.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-209-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
content-length
0
b
r.stripe.com/ Frame DF30 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688367996
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204688367733
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame DF30 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688367955
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204688367688
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame DF30 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688542766
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204688542145
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame D160 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688368179
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204688367657
access-control-allow-credentials
true
content-length
0
csp-report
q.stripe.com/ Frame 7D33 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688367960
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1704204688367345
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 7D33 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:08:22 GMT
content-encoding
gzip
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
186
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
DUS51-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
7gxeZq_yyGwPIA_ogaDZ7xLsBkiArmd-j7ShHQWFC-arNaezqVOFzA==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 1C01 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:33 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2001
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
2HX2elr9b6r6L6i38p98hHnSHObLSGRpXvEPDZL0JvtCFrfMFtFhsA==
controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
js.stripe.com/v3/fingerprinted/js/ Frame 1C01 		688 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:42:06 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1770
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
xtA52Cg8GGQ4cJpHW1UPyslODcULypBoKiPe8AXEGF9oiGceHY6P_Q==
csp-report
q.stripe.com/ Frame C4BE 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688368149
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1704204688367336
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame C4BE 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:08:22 GMT
content-encoding
gzip
via
1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
186
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
DUS51-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
lCw7Q626Y7-X3UXI-pG9E08OtxUWIFi4dTyzd5m6SHCPKuFsdwqmXw==
events.js
tags.srv.stackadapt.com/ Frame 1426 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2e2ce02dd175250745c575ee653078aed696b083ac3bf2feaf51261d7b8d072a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
bat.js
bat.bing.com/ Frame 1426 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 02 Jan 2024 14:11:27 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ECE6243C6DE94CD1BD8F7292D784D10D Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:27Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
quant.js
secure.quantserve.com/ Frame 1426 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Jan 2024 14:11:27 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 1426 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:11:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
hrGU6Len7lMKh9zL+WljXGH/T/zwaFgiKzyXmJ4wH5lCGBvPhs4XnXzyD49dIMG4SiUJ+WSNNn+zg61VzMJ0LA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 75A7 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:33 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2001
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
P_I6IvyGbOkFttE3MqzE4tT_t3OJls86QfJyEWHMTaYerqDuTDqHpw==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 75A7 		404 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:21 GMT
content-encoding
gzip
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2407
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
02ii-BuSJ0ZzDfYgzy51S5lSPG5iwHh8S_LzyB9L5RDEP5AIImRnXw==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 75A7 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:21:50 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3385
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
j36fUKFwy5J_WD-YZ_JDaz8c5SO5YWQv7vtSz9u87EtcyegZNc1xyg==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 75A7 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:45:59 GMT
content-encoding
gzip
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1529
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Tue, 19 Dec 2023 21:32:02 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ua8QJ-Y-RmzZGVpIXWGQl_DIShIF_Kt7sGi6yNfneqr1r9snCns_bQ==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 75A7 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:03 GMT
content-encoding
gzip
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1348
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
jtK_wZIsQIcYU4bxsI3sUa7lW7dg0tLOlGiKBpO8Y9rnWGB3s68tBg==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 5843 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:33 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2001
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
PIOabzLLMZWchlblEYMZR1-wdQXurf63FOGH2t8TgEl4nrWWXLL-sw==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 5843 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:39 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2407
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ieRTjEVRXSsB4xGPIXdw8k4jYT-tkKmdU1O5da5ucBUbNKBSQusK1A==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 5843 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:15:04 GMT
content-encoding
gzip
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3385
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
HjdyplKS9Wn-Oy-T8QolMAdT0MfDya97aou7T6Yw-nQEYnVeKAgayw==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 5843 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:49 GMT
content-encoding
gzip
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1529
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 08 Dec 2023 22:42:58 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
9CzQB2u26ikhQeOvQyxstgLMSOge--wgP4-R4fBH3kGZ-og1Al3ohA==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 5843 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:49 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1348
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
BizyJwbrUCIAG3CGAk3WkZ_TSrGRsosrGr93KHU0eyCbESsuRk7seQ==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 6315 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:33 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2001
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
VG51uHT4G7ZpP1qruLwuOnG-MpfjGs7bhhQNbNAZfnI18KYsVA5A5w==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 6315 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:39 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2407
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
GTOr4lPQTOvkbHwIp7lh9uIhf-eBQAszYQQihBlYKMWM83Gd00xyHw==
elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
js.stripe.com/v3/fingerprinted/js/ Frame 6315 		52 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:21:50 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3385
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"b5688a01127f6b7ade6e2a5679b5b032"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
y0qc30QWeU7ZFwamJAfFdY7JPYE2kRoVb4VA8QojRCErrWNbbQnkOQ==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 6315 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:49 GMT
content-encoding
gzip
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1529
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 08 Dec 2023 22:42:58 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
5DPTXuHKtHxBQVLaGnq6TS4Kpigs6jmtUdKyb1HiFFdJZZSt_zRFuQ==
elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 6315 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:49 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1348
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
W/"8385166c06e8d209fc459b542697c4fb"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
R4RxwL_NLwI-b5bJg803O1i6xk2gbqvcznQCkqC4Ba2Oo2c-g7d8yg==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame CAA8 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:33 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2001
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
wTsKQJBVVDiahv4IgwYpWERpSUACcUlJQH6TpxuUYv91bfvBIPAKTA==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame CAA8 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:39 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2407
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
QRMf_Fq4vTz44azL662zI_X7o4uVbHxAwte8VHvTgbRL8GmhJqoKgA==
elements-inner-au-bank-account-34c8ad6a1ca3f37a9e46b5abfb1b8555.js
js.stripe.com/v3/fingerprinted/js/ Frame CAA8 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-au-bank-account-34c8ad6a1ca3f37a9e46b5abfb1b8555.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
2d414e5f00e69a14d9e552014d9f932df7c40b618b2904726170fb689ef8fe87
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:09:14 GMT
content-encoding
gzip
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
203
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:14 GMT
server
Cloudfront
etag
W/"b80aa36d0aa050d116b6c701597397d9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
QJTMVwkKBDGeBVPwqzkyomFO2JRL6yq3ogULqVRU93fdybJV_0qmqw==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame CAA8 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:49 GMT
content-encoding
gzip
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1529
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 08 Dec 2023 22:42:58 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
XEhElCJ-ZaIl2bHRxpiGmqE_tR7yYxfXU9lOf-BjdjyyvIllReobCg==
elements-inner-au-bank-account-e34451f632d458dc560a07f1f94a5e0a.css
js.stripe.com/v3/fingerprinted/css/ Frame CAA8 		764 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-au-bank-account-e34451f632d458dc560a07f1f94a5e0a.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6ec65ff8562887c03245269b73d1ebb60f6f619d9bad49c6ce2c956e7a0826f4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:59:49 GMT
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
812
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
764
last-modified
Fri, 22 Dec 2023 21:08:03 GMT
server
Cloudfront
etag
"0507b76e911911910d0e35f2024dd5c6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
YmqM7_JGJTfB6UllHGCbBDHx2pt0_u6o85-tTzzSeerW-aUrECSAvg==
shared-07463ca4fad8fb90811dcddd012256e9.js
js.stripe.com/v3/fingerprinted/js/ Frame 64F9 		531 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:38:33 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2002
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:16 GMT
server
Cloudfront
etag
W/"cc4990a44decc4d7380c63eabf6828f6"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
_orN3GNhPUPMOMPu3lLgWszmd0IOYIkRRMB2Row3YzMfezoLRajZrA==
ui-shared-897f16408e805d064314826d31faa4db.js
js.stripe.com/v3/fingerprinted/js/ Frame 64F9 		404 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:31:39 GMT
content-encoding
br
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2408
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
etag
W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
-02F_Fg1571aZaL6qpslMFWP48XMDTa3ayjxcupFnirMDsTJTjXhGQ==
elements-inner-iban-4ac6a58186cbdc786747a784d558aba4.js
js.stripe.com/v3/fingerprinted/js/ Frame 64F9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-iban-4ac6a58186cbdc786747a784d558aba4.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f16ade3e5da5d485764a1d4ca2aa3f94f757b785195b04d391de88680adf76ea
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:36:29 GMT
content-encoding
gzip
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2110
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Thu, 21 Dec 2023 18:13:40 GMT
server
Cloudfront
etag
W/"21b89b442b725a93ba30c1992c145c02"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
EThuddbK3rLHDXwUfwEq3ItfUmS7P55cPw9prfeCJr0uYlaLGPiQuw==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 64F9 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:49 GMT
content-encoding
gzip
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1530
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 08 Dec 2023 22:42:58 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
bWwZD2rC69UdSwyrjVpTGLNP59O7r3tOakEwwwPPyp9SMlyXUT6zKg==
elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
js.stripe.com/v3/fingerprinted/css/ Frame 64F9 		485 B
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:16:02 GMT
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
3346
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
485
last-modified
Mon, 18 Dec 2023 21:16:55 GMT
server
Cloudfront
etag
"f6ff2b5ca153d43c332b4e54c118e3d0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
_mkpuWutyPOAfx0pudRfIxPXiEaQguUMm6PW1DSUKfWo33LOlggWzw==
csp-report
q.stripe.com/ Frame 1C01 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688368403
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688367353
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 75A7 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688368868
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688367727
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 75A7 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688368324
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688367768
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5843 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688368061
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688367800
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 5843 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688368664
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688367735
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 6315 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688367944
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688366945
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 6315 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688368544
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688367694
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame CAA8 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688368148
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688367376
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame CAA8 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688367638
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688367364
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 64F9 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688367808
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688367360
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 64F9 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688368388
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688367701
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
setuid
ib.adnxs.com/ Frame 37C9 		43 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-z_Yoh2sokbpoDhWN1s47nMisNlI5tGozmikjPg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
an-x-request-uuid
0d8c6284-d66d-4311-892a-104f9c9fe6af
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
event
widget.us.criteo.com/ Frame 1426
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
  • https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252...
10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=ACR6VF82T0JQZ09XY1dOeFYlMkJDWkxYZ3NNYnBCNzAzUm53SldWbzN0NWZmSzFFbnRoamJRNmtBOXdldFpmZ3I4ZXBkS25Xb09lTHFyVEJ2UyUyRmZLbHB1NEVHUWxJMDQwc2hTU1Y1Yzl2UTRlbDZxdTNNNFdVZk1UeXdlZlM2ODhoWHQzTzNoYiUyRnpPcjZNZmtFMGZiSURKakVLam1FaUglMkZBVyUyRmRZSWtTNThWcmgyRzdBJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=8fb39542-db7e-4bce-bc14-d2e80b64c8ac&dtycbr=85177
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a67c3aa938e6f25db643d460aaf6a5dc3ff328779658bf6c5cc010f126124287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
20736595
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-origin
*
location
https://widget.us.criteo.com/event?a=81237&v=5.20.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fwww.marchofdimes.org&p1=e%3Dvp%26p%3D1&p2=e%3Dvb%26p%3D%255Bi%25253D1%252526pr%25253D0%252526q%25253D1%255D&p3=e%3Ddis&bundle=ACR6VF82T0JQZ09XY1dOeFYlMkJDWkxYZ3NNYnBCNzAzUm53SldWbzN0NWZmSzFFbnRoamJRNmtBOXdldFpmZ3I4ZXBkS25Xb09lTHFyVEJ2UyUyRmZLbHB1NEVHUWxJMDQwc2hTU1Y1Yzl2UTRlbDZxdTNNNFdVZk1UeXdlZlM2ODhoWHQzTzNoYiUyRnpPcjZNZmtFMGZiSURKakVLam1FaUglMkZBVyUyRmRZSWtTNThWcmgyRzdBJTNE&tld=8832015.fls.doubleclick.net&dy=1&fu=https%253A%252F%252Fwww.marchofdimes.org&pu=https%253A%252F%252Fwww.marchofdimes.org&ceid=8fb39542-db7e-4bce-bc14-d2e80b64c8ac&dtycbr=85177
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6184072
timing-allow-origin
*
content-length
0
expires
0
rules-p-uyn8UnTsRXguL.js
rules.quantcount.com/ Frame 1426 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-uyn8UnTsRXguL.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:a400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:33:09 GMT
content-encoding
gzip
via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
age
2300
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:08:42 GMT
server
AmazonS3
etag
W/"b4a376a3ece8af98e7567e60db986dc9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
ummhnYrrTzoC7Dl9b8eUfYqoOOnSeHXeoIWkmnSkjrM3VlgTI6yd3w==
syncframe
gum.criteo.com/ Frame 68F7 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.marchofdimes.org&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=81237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8832015.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:11:27 GMT
server
Kestrel
server-processing-duration-in-ticks
675469
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
812396462484872
connect.facebook.net/signals/config/ Frame 1426 		134 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/812396462484872?v=2.9.138&r=stable&domain=www.marchofdimes.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 14:11:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35834
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
6VhvV+6MOjR9SfD8hq09bKVy53aGg0D29v0hXnsZkIixNTCvYjUfGcGGJc7Uqojkz3/23ZIQ7AxyWdBbFKapMw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 1C01 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
I9SdXFz1B4wxSF1INIC2F9bWdPNFdZid4eMWI0ZVyg-LVnCCTX8h4g==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 1C01 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
f3ILn_UvyeFlRIFJl2Kh1PiQVACMTSECDLLgiuiwVU4irPE-JIXSkQ==
/
px.ads.linkedin.com/wa/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:27 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BEC1A6FC1020435F83E7BD03C58464F0 Ref B: FRAEDGE1211 Ref C: 2024-01-02T14:11:28Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.marchofdimes.org
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYN9xMPvrH/nssJ4p4T2A==
sync
ups.analytics.yahoo.com/ups/58301/ Frame 37C9 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-F9ougWsokbpoDhWN1s47nMisNlKlOTYuJ6_OoA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
6
m.stripe.com/ Frame 7D33 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-170-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4318838eb45024394c546f67d092c0f88119b8c2acfb46b470fb11c6fe8fa910
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688567979
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204688567450
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
25042596.js
bat.bing.com/p/action/ Frame 1426 		0
119 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25042596.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 02 Jan 2024 14:11:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DB49CB0CF74843E9B06EE6CB0D7BC4EE Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:28Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ Frame 1426 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25042596&Ver=2&mid=57780dab-d1dd-4298-af5b-9924a1d82c48&sid=d1914600a97811eea0dfcf53c51d02ae&vid=d1914910a97811eea7381f491711b1c0&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.marchofdimes.org%2F&r=&lt=285&evt=pageLoad&ifm=1&sv=1&rn=317801
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 02 Jan 2024 14:11:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9CAA427213EF4A91A0819CB3E549368B Ref B: FRA31EDGE0519 Ref C: 2024-01-02T14:11:28Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 68F7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=8832015.fls.doubleclick.net&sn=ChromeSyncframe&so=2&topUrl=www.marchofdimes.org&bundle=ACR6VF82T0JQZ09XY1dOeFYlMkJDWkxYZ3NNYnBCNzAzUm53SldWbzN0N...
  • https://mug.criteo.com/sid?cpp=LRDcbnxscitGcWdhamNXdklFQzFVTkpyS3VndDBmb1AwMlJtM25GQ2pjSjVVa3FVbnZndVdsY1I0Mit4L0ppWmprb2gyZTIvK01rdFdYMHJDNDFQV1Z2aXFDck9YYng1blZJdkh5MmhFQXJheVAwbHU4dnVLSHRVM0E4eU...
452 B
671 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LRDcbnxscitGcWdhamNXdklFQzFVTkpyS3VndDBmb1AwMlJtM25GQ2pjSjVVa3FVbnZndVdsY1I0Mit4L0ppWmprb2gyZTIvK01rdFdYMHJDNDFQV1Z2aXFDck9YYng1blZJdkh5MmhFQXJheVAwbHU4dnVLSHRVM0E4eUtyRlhoR29iTDF1NGVLTTcvYVMvdW9HaENmOHRUaU1ndERabjQ5a0grbzlzOEV6UHYvZktmaG1HajB0dzdiMG5OTU9TV2NFRkw3VHZia1o1cDlmZmdnZjBHaE1sd09OcUhLNGlKbDVXbGFEMXRHMUZRVEtNcXhwQnk0UWhKb3N4czVxVFIxUEFoRHFyTU54SGlaYzJUV1h1bko3T01QK2ZoQVRhV3l6VlNmYzNXeDZoOThJNlhoLzd1bVR6SXdURmdQMWdrQ3FKR0I1VXdkbjNhSThjR2xiVEI2V1liUGc9PXw&cppv=2
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
129e1478ac4eb092ca3622162a17ba4a510fc8945ab662c6f07152ffc3c07e9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
719952
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=LRDcbnxscitGcWdhamNXdklFQzFVTkpyS3VndDBmb1AwMlJtM25GQ2pjSjVVa3FVbnZndVdsY1I0Mit4L0ppWmprb2gyZTIvK01rdFdYMHJDNDFQV1Z2aXFDck9YYng1blZJdkh5MmhFQXJheVAwbHU4dnVLSHRVM0E4eUtyRlhoR29iTDF1NGVLTTcvYVMvdW9HaENmOHRUaU1ndERabjQ5a0grbzlzOEV6UHYvZktmaG1HajB0dzdiMG5OTU9TV2NFRkw3VHZia1o1cDlmZmdnZjBHaE1sd09OcUhLNGlKbDVXbGFEMXRHMUZRVEtNcXhwQnk0UWhKb3N4czVxVFIxUEFoRHFyTU54SGlaYzJUV1h1bko3T01QK2ZoQVRhV3l6VlNmYzNXeDZoOThJNlhoLzd1bVR6SXdURmdQMWdrQ3FKR0I1VXdkbjNhSThjR2xiVEI2V1liUGc9PXw&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
264906
content-length
0
expires
0
6
m.stripe.com/ Frame C4BE 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-170-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5bbb6b4bb0a2cfca768bac0a161f7b8429fe16c31ffef29e1ef9fbf4737a4263
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688617388
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204688616920
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
pixel;r=320308084;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCI-FpZjxvoMDFeXJOwIdFhAAfQ%3Bsrc%3D8832015%3Btype%3Drt%...
pixel.quantserve.com/ Frame 1426 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=320308084;labels=_fp.channel.marchofdimes;rf=0;a=p-uyn8UnTsRXguL;url=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCI-FpZjxvoMDFeXJOwIdFhAAfQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D5308541247179%3Bauiddc%3D114022055.1704204687%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks%3F;ref=https%3A%2F%2Fwww.marchofdimes.org%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-1332374161-1704204687221;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;d=8832015.fls.doubleclick.net;dst=1;et=1704204688119;tzo=-60;ogl=;ses=8df094f9-97a3-48ff-a3db-88273119516c;mdl=
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 75A7 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
MdH1DS-ZD5HZqGauiVqSmeAJVvKqlLH5Rg8GGEjYEjsaWLSphDMjLg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 5843 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
OoPE9rFIVkY5BRB0l7LEo4xO4S_mLdeAPmWOUF9VsP4ANBEKhETWJg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 6315 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
NbohTnEKCae-wdCH4IMKBQe-xh9JPXzG7JOl5SCGKsDFGImfd_1Lbg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame CAA8 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
nzn5ij1y8L3KRuUehQcustS7DtTDUjj_V9wFXWNDexzm2gfTHWk0WQ==
banks-059715db431d46d5564d03a4d03a508a.json
js.stripe.com/v3/fingerprinted/data/ Frame CAA8 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/banks-059715db431d46d5564d03a4d03a508a.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3eeaf7446956d4f52db0d9d320988723bec23129315a8daedf665bab334d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-au-bank-account-5d9a311984498e026b1badc5a52d6bcb.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 13:47:49 GMT
content-encoding
br
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1421
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
last-modified
Fri, 22 Dec 2023 21:08:04 GMT
server
Cloudfront
etag
W/"059715db431d46d5564d03a4d03a508a"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
DU1S89VB8wBXFqYlXAk3C4tsgNSMOCy2HbrU9dW73qxiP-WnpqsBhg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 64F9 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-iban-a59168b21e202d878ed59c4fbe9405b6.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
tMeIQz7Wywi7J5PG_Tsor7WwdgU2ZInzq3MUfumYFIZfnzFa8_lYlw==
/
www.facebook.com/tr/ Frame 1426 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=812396462484872&ev=PageView&dl=https%3A%2F%2F8832015.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCI-FpZjxvoMDFeXJOwIdFhAAfQ%3Bsrc%3D8832015%3Btype%3Drt%3Bcat%3Ddonforms%3Bord%3D5308541247179%3Bauiddc%3D114022055.1704204687%3Bgtm%3D45He3bt0v894218235%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.marchofdimes.org%252Fdonate-now%253Fform%253Ddonatenow%2526srcCode%253DGGGEOYEM2312CMR00130001%2526utm_medium%253Demail%2526utm_source%253Dmandr%2526utm_campaign%253D2023eoy%2526utm_content%253Dem-nat-mandr-2023eoy-2023-12-30-email-7%2526mkto%253Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%2526mkt_tok%253DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks%3F&rl=https%3A%2F%2Fwww.marchofdimes.org%2F&if=true&ts=1704204688258&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=other&it=1704204688048&coo=false&rqm=GET
Requested by
Host: 8832015.fls.doubleclick.net
URL: https://8832015.fls.doubleclick.net/activityi;dc_pre=CI-FpZjxvoMDFeXJOwIdFhAAfQ;src=8832015;type=rt;cat=donforms;ord=5308541247179;auiddc=114022055.1704204687;gtm=45He3bt0v894218235;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 14:11:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
sa.css
tags.srv.stackadapt.com/ Frame 1426 		65 B
203 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d3b64adf949a01915c03bae247c1cbdd6f188e488e4fd7fdc349942b2a691fd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/ Frame 1426 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
usermatch.gif
beacon.krxd.net/ Frame 37C9
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=LsZ9HDFLCZYwSuelc2MIstQ6fEYXiPmX
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=LsZ9HDFLCZYwSuelc2MIstQ6fEYXiPmX
Protocol
H2
Server
18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n021-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1704204688
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=LsZ9HDFLCZYwSuelc2MIstQ6fEYXiPmX
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
747656
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688543305
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204688542756
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688368025
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204688367629
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688543446
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
11
x-stripe-client-envoy-start-time-us
1704204688542788
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688543839
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204688543579
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688544215
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204688543616
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688544197
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204688543673
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688544293
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204688543759
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688543910
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204688543744
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688544041
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204688543759
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688544323
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204688543795
access-control-allow-credentials
true
content-length
0
tb
fndrsp-checkout.net/ 		2 B
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyTmeiXnYG5%2BRK1ryuxgN7NoTvwBR7TkuhmankOiqC6GUuswSL2RAqwYioCu61RKvtizf0dWoVXwGFYg%2BKIe9sQ13L8ad5l6Cijdt8sAHEqpWLaxJPTNEYlN8Qb5SOE%2F8bTwUK8R"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f397665846f16c-CDG
alt-svc
h3=":443"; ma=86400
token
api.fundraiseup.com/paymentSession/2739638084348341472/googlePay/ 		244 B
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.fundraiseup.com/paymentSession/2739638084348341472/googlePay/token?merchantOrigin=www.marchofdimes.org
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5804841d90c0f85380c5dda93b210f0953b5980d3bb50142e4699eb407933b8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain; charset=utf-8

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
content-security-policy
frame-ancestors 'self' fundraiseup.com
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-response-time
74ms
pragma
no-cache
server
cloudflare
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7fq1F9knB%2BPKIyNWYjcWirD18MC%2FMeuuziWLRC3ucqw3vHLNSFCDCsvPDMlZ%2BgsZQ7OnNCj%2B9%2BkNowt4f5V6rJmjYFtjRPbb5o0PmsDm%2Bf6dz5DixzLaRQIGFXo6PakSPlN5Ig%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83f397666f76382e-FRA
expires
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688544542
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204688543861
access-control-allow-credentials
true
content-length
0
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 1C01 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.137.150.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
08c5e96a8e271db496f7bed735af2247208e493497d60f21c5c5ce17b3590f56
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2470
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688547400
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204688547151
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688547482
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204688547263
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688547478
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204688547354
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688547923
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1704204688547343
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688547714
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204688547423
access-control-allow-credentials
true
content-length
0
put
e1.emxdgt.com/ Frame 666B 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-zla0nGsokbpoDhWN1s47nMisNlKFFcsug5SyMw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.128.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-128-62.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
server
awselb/2.0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 666B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_cm&google_hm=ay1DVUFaZG1zb2ticG9EaFdOMXM0N25NaXNObExwSFQwU...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_gid=CAESENxuF5P5-I2I1aBOWqI-pms&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_gid=CAESENxuF5P5-I2I1aBOWqI-pms&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
590011
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-CUAZdmsokbpoDhWN1s47nMisNlLpHT0P-A00nw&google_gid=CAESENxuF5P5-I2I1aBOWqI-pms&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 666B 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-RCmL2msokbpoDhWN1s47nMisNlJNh-NWQnEXhg&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.179.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-179-1.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 666B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7996175290072234627
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7996175290072234627
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1074500
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
an-x-request-uuid
3dd11ae0-5292-493f-ae0d-e772cbded1c8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7996175290072234627
x-proxy-origin
80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 666B 		57 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-X8yrA2sokbpoDhWN1s47nMisNlIxIKEM8Zffsw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:11:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:11:28 GMT
tap.php
pixel.rubiconproject.com/ Frame 666B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-w5VKUWsokbpoDhWN1s47nMisNlKsL5sICFvO9Q&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
0c26bf0e0878be6b26493f33577d6373
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 666B 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-P58te2sokbpoDhWN1s47nMisNlKj_dfwLZM0tw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.106 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 666B 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-3QdwNWsokbpoDhWN1s47nMisNlJ0eqmseCBI1Q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13058
um
criteo-sync.teads.tv/ Frame 666B 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k--R6NUmsokbpoDhWN1s47nMisNlIpru3baula1A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 14:11:28 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 666B 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-bxOUs2sokbpoDhWN1s47nMisNlLSrYEV1LChOA&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 666B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-F9ougWsokbpoDhWN1s47nMisNlKlOTYuJ6_OoA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame 666B 		56 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-F9ougWsokbpoDhWN1s47nMisNlKlOTYuJ6_OoA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.242.105 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-22-242-105.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 14:11:28 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 14:11:28 GMT
pixel
cm.adform.net/ Frame 666B 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-z4OQgWsokbpoDhWN1s47nMisNlKQrzdZ0IJq9Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
last-modified
Thu, 11 May 2023 07:59:59 GMT
server
nginx
accept-ranges
bytes
etag
"645ca07f-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 666B 		49 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-4c4MsGsokbpoDhWN1s47nMisNlI2t8lc9t3tRg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.37.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-37-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 666B 		43 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-yq2_AmsokbpoDhWN1s47nMisNlJDda5rvTozsA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2g1InYX3ANPlYnoL0puIt5q0uTACFPp8ncJIWK5bk43UPmLcsPfYlOsmUMl4nlvn7SjNHRAsGwydhlDzdKUFmX5BFv%2B7vh4pNWndArZaQYBwg4l8wfpD83vOhqD0dVenE5f%2B"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83f39766afd64d70-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
ibs:dpid=28645&dpuuid=dji49Ygo67EtAcOjOxMggMiRaV6gX3iD
dpm.demdex.net/ Frame 666B
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dji49Ygo67EtAcOjOxMggMiRaV6gX3iD
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dji49Ygo67EtAcOjOxMggMiRaV6gX3iD
Protocol
H2
Server
54.76.70.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-70-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-0fcaa6a4f.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
gBLzYKDlS48=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=dji49Ygo67EtAcOjOxMggMiRaV6gX3iD
date
Tue, 02 Jan 2024 14:11:27 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
782941
content-length
0
9.gif
id5-sync.com/s/966/ Frame 666B 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-D82ZUWsokbpoDhWN1s47nMisNlJo5lzOJNKY8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 02 Jan 2024 14:11:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 666B 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-sTiWaWsokbpoDhWN1s47nMisNlLrvvUDrA2fjw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.208.161.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-161-54.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:28 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 666B 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-QSmGtGsokbpoDhWN1s47nMisNlIbNphPpoA-WA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 666B 		0
877 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-y21mIWsokbpoDhWN1s47nMisNlKknoQm3Mdaqw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.116.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-116-41.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 666B 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-uON24WsokbpoDhWN1s47nMisNlJjqdQT2DblkQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.251.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-251-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 666B 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ma-O-msokbpoDhWN1s47nMisNlJkhzRxWcZKvQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 14:11:28 GMT
Cache-Control
no-cache
X-TraceId
8062e4d0ca6bb685add1e4e1458e311c
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 666B 		0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-GgAh4GsokbpoDhWN1s47nMisNlJwSCUOLT3WVA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame 666B 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-kb1c_msokbpoDhWN1s47nMisNlI_ELLWf47hzQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.3.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-3-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
sync
criteo-partners.tremorhub.com/ Frame 666B 		43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-yobhPmsokbpoDhWN1s47nMisNlIkJ4i__vd7aQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4280:67cf:789f:f482:a995 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 02 Jan 2024 14:11:28 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 666B 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-8mOPqGsokbpoDhWN1s47nMisNlLJxpUOXzKC9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 02 Jan 2024 14:11:28 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 666B 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-BMmC_2sokbpoDhWN1s47nMisNlLwQUlwGIxSSw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.61.193 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-43-61-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 14:11:28 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 01 Jan 2024 14:11:28 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 75A7 		474 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
kMGKbecAkWagGLVPiSePuLnvtsnJ3fh0gk45ke8cpBi143XT9xh2Kw==
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688547750
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204688547411
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688547776
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204688547424
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688547708
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204688547454
access-control-allow-credentials
true
content-length
0
pptm.js
www.paypal.com/tagmanager/ Frame 1779 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.marchofdimes.org&t=xo&v=5.0.416&source=payments_sdk&mrid=QC6F4C27ZTBFE&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&disableSetCookie=true&vault=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b17a420163b181948e21b8a69880c8f8098f369084006bfa920b62194ff3c81
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pCgVJZe6x60Pu5oN1W2d6fUEFCC5C5Ayvc3mcueBMcsm12pQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-pCgVJZe6x60Pu5oN1W2d6fUEFCC5C5Ayvc3mcueBMcsm12pQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 14:11:28 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
63432
x-cache
HIT, MISS
paypal-debug-id
f5696235c4423
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4778
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220069-FRA, cache-fra-etou8220069-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f5696235c4423-a4a84418f06c25b8-01
x-timer
S1704204688.440917,VS0,VE6
etag
W/"3673-CDYthXayTPHyhbZkx+ebL7PTxgs"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
1, 0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688547887
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204688547586
access-control-allow-credentials
true
content-length
0
sync
ups.analytics.yahoo.com/ups/58301/ Frame 666B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-F9ougWsokbpoDhWN1s47nMisNlKlOTYuJ6_OoA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
b
r.stripe.com/ Frame 75A7 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688719028
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204688718843
access-control-allow-credentials
true
content-length
0
saq_pxl
tags.srv.stackadapt.com/ Frame 1426 		116 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=zFWBFWbS14YYtkU1aQYdUw&is_js=true&landing_url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks%3F&t=&tip=NvqA-VhRDieyx3PWOmcsPylgAWSD5OUxlmc5tGNEWHQ&host=https%3A%2F%2F8832015.fls.doubleclick.net&sa_conv_data_css_value=%270-0f71840c-5471-5da1-5f3a-09412cad5991%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd90f71840c54715da15f3a09412cad599150ff0acd&sa-user-id-v3=s%253AAQAKIE5XVrVva16qb5ECRMugLQu3wpQWh_1U3ub5MZSOorisEHwYBCCPs9CsBjABOgT90vuTQgQYcqyB.yyzJHwH8KZTtqLT6Tc05jn80OrufDTXT9X4d%252FLoRYJM&sa-user-id-v2=s%253AD3GEDFRxXaFfOglBLK1ZkVD_Cs0.iPSNVofU1q21OJQoU7GlH%252FZ7h0qTQcGXsBsAiW66ukw&sa-user-id=s%253A0-0f71840c-5471-5da1-5f3a-09412cad5991.KoRVNwZj4f75qyycvc%252Fc8UCM2HsiAjTlAaX5VDW%252Bn58
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.153.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-153-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8832015.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://8832015.fls.doubleclick.net
date
Tue, 02 Jan 2024 14:11:28 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
setuid
ib.adnxs.com/ Frame 666B 		43 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-z_Yoh2sokbpoDhWN1s47nMisNlI5tGozmikjPg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
an-x-request-uuid
49644465-4470-4116-9c97-5e3d840bee44
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.205; 80.255.10.205; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
muse.js
www.paypalobjects.com/muse/ Frame 1779 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.marchofdimes.org&t=xo&v=5.0.416&source=payments_sdk&mrid=QC6F4C27ZTBFE&client_id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&disableSetCookie=true&vault=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
7d1e382a2bb48
dc
ccg11-origin-www-1.paypal.com
content-length
16488
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (frc/4CA9)
traceparent
00-00000000000000000007d1e382a2bb48-25405d1f8922f231-01
etag
"64f25363-daa8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 02 Jan 2024 15:11:28 GMT
ts
t.paypal.com/ Frame 1779 		42 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AQC6F4C27ZTBFE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AQC6F4C27ZTBFE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&fltp=analytics&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704204688467&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&ru=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&disableSetCookie=true
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:11:28 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
2c571800cbbde
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220036-FRA
pragma
no-cache
correlation-id
2c571800cbbde
traceparent
00-00000000000000000002c571800cbbde-a06370a0c09cee59-01
x-timer
S1704204689.504405,VS0,VE187
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:11:28 GMT
usermatch.gif
beacon.krxd.net/ Frame 666B
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aWgxH0djSU9lSFQKAxsIMi0kFz2ovC8f
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aWgxH0djSU9lSFQKAxsIMi0kFz2ovC8f
Protocol
H2
Server
18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n017-dub-prod.krxd.net
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1704204688
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=aWgxH0djSU9lSFQKAxsIMi0kFz2ovC8f
date
Tue, 02 Jan 2024 14:11:27 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
702714
content-length
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 1779 		1019 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Afbm69ig8nMRLmZKS-QoONq7qIHPqlpYJ1l3vyxE_la-UZPU_eEkKH2HRpHFkl7SNJ8a_eKvDkcT9-My&merchant-id=QC6F4C27ZTBFE&currency=USD&disable-funding=venmo&locale=en_US&intent=tokenize&vault=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6291bff86b4cebbf479469740ad6eddd6a0805819b1ae7abc59b5ce3e728a4b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS
paypal-debug-id
f49609298c459
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-etou8220089-FRA, cache-fra-etou8220089-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f49609298c459-3ed4d28fca66bbdd-01
x-timer
S1704204689.734606,VS0,VE214
etag
W/"3fb-Y7HOSUTagsFDexAyUIO99kISkCk"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.marchofdimes.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.marchofdimes.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.marchofdimes.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Tue, 02 Jan 2024 14:11:28 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f496092f9d836
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f496092f9d836-aaa4d42a823b8f7b-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-etou8220089-FRA, cache-fra-etou8220089-FRA
x-timer
S1704204689.504693,VS0,VE188
unip
trc-events.taboola.com/1335104/log/3/ 		0
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=1600&scd=0&ssd=1&est=1704204686920&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1704204688519&vi=1704204686916&ri=898b8dac43c281f945591b54a909dfe6&sd=v2_508e34525b007f6eb26603631ad11c2e_d74b794b-8d69-45e9-932f-9e3f2508d7af-tuctc8d9f0e_1704204686_1704204686_CIi3jgYQwL5RGMSsj9TMMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABol9TM2v-Z45zBAXAB&ui=d74b794b-8d69-45e9-932f-9e3f2508d7af-tuctc8d9f0e&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2C
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.marchofdimes.org
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
index.html
www.paypalobjects.com/muse/analytics/ Frame 11A4 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16892
content-type
text/html
date
Tue, 02 Jan 2024 14:11:28 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc"
expires
Tue, 02 Jan 2024 15:11:28 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
a9d0e994b63b4
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000a9d0e994b63b4-d17ea793c2da6d87-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
noop.js
www.paypalobjects.com/muse/ Frame 11A4 		18 B
211 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7D25) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
de84390678a86
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (daa/7D25)
traceparent
00-0000000000000000000de84390678a86-e74642cf898efe98-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Tue, 02 Jan 2024 14:11:27 GMT
ts
t.paypal.com/ Frame 1779 		42 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1&page=muse%3Aoffer%3A%3A%3AQC6F4C27ZTBFE-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=427565ab-c1a8-42ab-b84a-a768c3a498ca&es=visitorInfoFlowStarted&mrid=QC6F4C27ZTBFE&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donation%20Widget&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1704204688552&g=-60&completeurl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&disableSetCookie=true
Requested by
Host: www.marchofdimes.org
URL: https://www.marchofdimes.org/donate-now?form=donatenow&srcCode=GGGEOYEM2312CMR00130001&utm_medium=email&utm_source=mandr&utm_campaign=2023eoy&utm_content=em-nat-mandr-2023eoy-2023-12-30-email-7&mkto=em-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001&mkt_tok=ODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 02 Jan 2024 14:11:28 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
2476fa53eba22
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220036-FRA
pragma
no-cache
correlation-id
2476fa53eba22
traceparent
00-00000000000000000002476fa53eba22-fd7f734772118e64-01
x-timer
S1704204689.554507,VS0,VE147
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 14:11:28 GMT
pay.js
pay.google.com/gp/p/js/ 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-taQXuGyDiR0zwXbQLKZ7eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-taQXuGyDiR0zwXbQLKZ7eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 02 Jan 2024 14:11:28 GMT
6
m.stripe.com/ Frame 7D33 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-170-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4318838eb45024394c546f67d092c0f88119b8c2acfb46b470fb11c6fe8fa910
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688759348
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
9
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204688759013
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 7D33 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.170.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-170-160.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4318838eb45024394c546f67d092c0f88119b8c2acfb46b470fb11c6fe8fa910
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688809849
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1704204688809532
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
graphql
www.paypal.com/targeting/ Frame 11A4 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9b2d31ec99d54862297525180751bb36e6f115ba25bec9ecb76a203f7af62cb9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-Rl4emBq19dglbiXZzTOH7NuxjaZHL1SgHzQJ7Ds5lNZUed0s' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-Rl4emBq19dglbiXZzTOH7NuxjaZHL1SgHzQJ7Ds5lNZUed0s' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 02 Jan 2024 14:11:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f496092e66bf9
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220069-FRA, cache-fra-etou8220069-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f496092e66bf9-c942ee765e0818a7-01
x-timer
S1704204689.948320,VS0,VE247
etag
W/"1b3-ErdU2rFUGt5AmajGp8Cbd218BdU"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Tue, 02 Jan 2024 14:11:28 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f496092ecadbe
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f496092ecadbe-5bc3f15f2db53f34-01
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-fra-etou8220089-FRA, cache-fra-etou8220089-FRA
x-timer
S1704204689.737396,VS0,VE201
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688831715
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204688831566
access-control-allow-credentials
true
content-length
0
hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
js.stripe.com/v3/ Frame 04B3 		70 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
54
cache-control
max-age=60
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self'; style-src 'self'; worker-src https://newassets.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:10:51 GMT
etag
W/"078b5f9fb44d244a9ec072f93a216630"
last-modified
Fri, 22 Dec 2023 21:08:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-amz-cf-id
qk6rS1d2c4uxEzeUPI0TT_0mc2MdWzoWwn7gXx1aOFKblG3UE-Rvgw==
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688839337
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1704204688839172
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:28 GMT
x-stripe-server-envoy-start-time-us
1704204688839933
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204688839798
access-control-allow-credentials
true
content-length
0
csp-report
q.stripe.com/ Frame 04B3 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688859309
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688858998
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 04B3 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688860098
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688859801
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 04B3 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688860196
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1704204688859826
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 04B3 		474 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:10:50 GMT
via
1.1 222ed61ce1f992de78327a3786f482e2.cloudfront.net (CloudFront)
last-modified
Fri, 22 Dec 2023 21:47:19 GMT
server
Cloudfront
age
43
x-amz-cf-pop
DUS51-P4
etag
"bfcbcb1c52cb90f9deaffee5559683d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
Oz-jCgpYqXQ41_-ice3g2wu73tMiUjqrqWh1baTCQ8W7GYPaOF1WHg==
HCaptchaInvisible.html
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame 4637 		419 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=56f27d96-86d7-4d27-aad1-3948b1fb89c3&origin=https%3A%2F%2Fjs.stripe.com
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.194.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-194-34.mxp53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20
cache-control
max-age=60
content-length
419
content-security-policy
base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 14:11:16 GMT
etag
"f2595495e2e037e4030e4508b2132de6"
last-modified
Wed, 20 Dec 2023 10:13:46 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding,Origin
via
1.1 adef7e196300f0ab5286a44dbbcbc5a6.cloudfront.net (CloudFront)
x-amz-cf-id
IjqVEB0RHFpChgbT5wCxY029tVGWYe9Zl3uvt6Cg9KyWvjU9Anc7Uw==
x-amz-cf-pop
MXP53-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payframe
pay.google.com/gp/p/ui/ Frame 3A0F 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5efa3bc0f4b333ed0f824ef6cdee0c844740ee61fee686fbb6a6d54b43b1d872
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-0ls4z4GWKNAaT9CsXJ_ITw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marchofdimes.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-0ls4z4GWKNAaT9CsXJ_ITw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 02 Jan 2024 14:11:28 GMT
expires
Tue, 02 Jan 2024 14:11:28 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
api.js
hcaptcha.com/1/ Frame 4637 		326 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=56f27d96-86d7-4d27-aad1-3948b1fb89c3&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age
0
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
etag
W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
cf-ray
83f39769acbc18e9-FRA
x-amz-cf-id
scoUCrxhj-rkhJvmkid5KTmv4PtKxskVJfMDtW3_4rBi-V-IbtgYBg==
vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame 4637 		114 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=56f27d96-86d7-4d27-aad1-3948b1fb89c3&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.194.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-194-34.mxp53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=56f27d96-86d7-4d27-aad1-3948b1fb89c3&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:42:44 GMT
via
1.1 adef7e196300f0ab5286a44dbbcbc5a6.cloudfront.net (CloudFront)
age
1760
x-amz-cf-pop
MXP53-P2
x-cache
Hit from cloudfront
last-modified
Wed, 20 Dec 2023 10:13:46 GMT
server
Cloudfront
etag
W/"bee965892c4aac937bcf9539ea1cdb95"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
cAFL63DcB0hc962AQJWdK4bAFx4mHMm24VqludlKG2UvR46PAjmutg==
HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame 4637 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js
Requested by
Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=56f27d96-86d7-4d27-aad1-3948b1fb89c3&origin=https%3A%2F%2Fjs.stripe.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.194.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-194-34.mxp53.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=56f27d96-86d7-4d27-aad1-3948b1fb89c3&origin=https%3A%2F%2Fjs.stripe.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:28:35 GMT
via
1.1 adef7e196300f0ab5286a44dbbcbc5a6.cloudfront.net (CloudFront)
age
2615
x-amz-cf-pop
MXP53-P2
x-cache
Hit from cloudfront
last-modified
Wed, 20 Dec 2023 10:13:46 GMT
server
Cloudfront
etag
W/"b8e83aaf649bb3940fb65537c506c37a"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, public
timing-allow-origin
*
x-amz-cf-id
gbBydATS-896iGUZ4TE3jL-GhdVLJXdRqDZmBa8oumHyQYaJMT_1nA==
csp-report
q.stripe.com/ Frame 4637 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1704204688962544
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1704204688962192
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame 0105 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=1jjqwie2bp9
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ff37bcd275d0863f672f5e6a9578a6e6f04219a1cd63e67445de071105121f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://b.stripecdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
625460
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
83f3976a0d2518e9-FRA
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:11:28 GMT
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 42feecb57a2a4d3ece0a33f7c279b80a.cloudfront.net (CloudFront)
x-amz-cf-id
gFBQaEfvG_7VF04Ua0xzyrA9izzVjLGL0WSvH-ig_Gp4k_xQw4N4CQ==
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame 1C01 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:29 GMT
x-stripe-server-envoy-start-time-us
1704204689054616
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204689054120
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame DF30 		0
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:29 GMT
x-stripe-server-envoy-start-time-us
1704204689055000
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1704204689054513
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame DF30 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:29 GMT
x-stripe-server-envoy-start-time-us
1704204689073174
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204689072727
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame D160 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:29 GMT
x-stripe-server-envoy-start-time-us
1704204689073374
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204689072768
access-control-allow-credentials
true
content-length
0
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame 0105 		326 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=1jjqwie2bp9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=1jjqwie2bp9
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 42feecb57a2a4d3ece0a33f7c279b80a.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age
625519
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Dec 2023 14:33:57 GMT
server
cloudflare
etag
W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
83f3976a2d4b18e9-FRA
x-amz-cf-id
FytbI4qW4_5lSTO7R24BAH_A0P3Cg9OqqXt0Id7bZkQWLZDP61bhPw==
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 3A0F 		159 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.marchofdimes.org&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:27:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
593046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57423
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 13:07:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 17:27:23 GMT
checksiteconfig
api2.hcaptcha.com/ Frame 0105 		719 B
997 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.hcaptcha.com/checksiteconfig?v=3b797c3&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb04a38f78418a2c257c76e71828e504b0649042b149255265fa4958f06fac8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
83f3976a9dd818e9-FRA
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc
h3=":443"; ma=86400
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 3A0F 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: go.marchofdimes.org
URL: http://go.marchofdimes.org/dc/J3TYVLcd5GqFilcTDUV7CFcmH8yaNxcWsqnGRzobGPvl6l-7MgD3KQMRmswUbl2Id2TB5bM8DijcT82TsifHdEQxRzadOp1SQpFr2U7jx1kZ1XnE_GrNNfcfX7d7kn2RGRqZxDl8ee84bVmFmk9OkEdFU5S2ONIO5Nz83GC_3bxr0Ff382zfRlmN6V0XWR-VTtzS6v7AdJS8XzgKB-ZRYlBcQW2otv6oySoVATOFZptFdgxKdfyjNBAQh2TghA0Vj5JWxYL1JyKnZtPqYFK76lik0KouGgamvpV_mv4TKJyKaLJBFZaD21twL0Wjx1xXSbSHDWnjyP5_dWhWib28SV5IrPnEefz0T7JpEk3YYOZOvK6R57KwLDQJURlVgCkl1gr2aH9MQwBfpc0vQfiG1Q==/ODY3LVBLUi01NzEAAAGQWm4DJ5cVhbbztQhssgV0T7VGvB012xTvxo2ghxw9c8cfzsMT-G1kJStLXuHX3IgvPcSVFZM=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
hsw.js
newassets.hcaptcha.com/c/2458d9b/ Frame 0105 		499 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/c/2458d9b/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=1jjqwie2bp9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
1JhSB37kavMYpA6c5WxU_Q.zUc_dI7mQ
age
173181
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:59:11 GMT
server
cloudflare
etag
W/"9d671418ff661c7370b4e3530ac92335"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
83f3976ad9c871dc-FRA
x-amz-cf-id
jATgL_hTRvPqUKAVwZOZbWuikyKCE69V94E4jbh6QOv9XJj69REobw==
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 3A0F 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27264
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 18:01:09 GMT
pay
pay.google.com/gp/p/ui/ Frame 3A0F 		1 MB
376 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c04::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09ab13e20bec7cdc1c631d01d7c45cf417165466ff70d109792e77ea06be651b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EED0yLmSVmtn26fJJa4m8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-EED0yLmSVmtn26fJJa4m8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Tue, 02 Jan 2024 14:11:29 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 3A0F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3732
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 18:01:10 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame 3A0F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14260
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 05:55:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 18:01:10 GMT
log
play.google.com/ Frame 3A0F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:11:29 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:11:29 GMT
expires
Tue, 02 Jan 2024 14:11:29 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3A0F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:11:29 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:11:29 GMT
expires
Tue, 02 Jan 2024 14:11:29 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3A0F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:11:29 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:11:29 GMT
expires
Tue, 02 Jan 2024 14:11:29 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3A0F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:11:29 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:11:29 GMT
expires
Tue, 02 Jan 2024 14:11:29 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3A0F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:11:29 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:11:29 GMT
expires
Tue, 02 Jan 2024 14:11:29 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 3A0F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 14:11:29 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 02 Jan 2024 14:11:29 GMT
expires
Tue, 02 Jan 2024 14:11:29 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
463b917e-e264-403f-ad34-34af0ee10294
api.hcaptcha.com/getcaptcha/ Frame 0105 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f262ca654fb4059bbc2413ffb56f738d9a26b0c377f3d88aee07957e972e773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
83f3976c880318e9-FRA
alt-svc
h3=":443"; ma=86400
tb
fndrsp-checkout.net/ 		2 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fndrsp-checkout.net/tb
Requested by
Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AJPYNTWD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.marchofdimes.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 14:11:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSBQMDrLCL%2FrFUJ3rI4ZYlk3gNp3iNrMsHd5v95FZrK82dDj9XgTm7QYFRFlyjiZBFilV9Q01DuWJVfbiKiOwDIuF3YKgmDnRVAcqlhqRYpkhMBekav6sQSt2XBMVCnhDf3BjV79"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.marchofdimes.org
access-control-allow-credentials
true
cf-ray
83f3976c9b8537ea-FRA
alt-svc
h3=":443"; ma=86400
b
r.stripe.com/ Frame 75A7 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:29 GMT
x-stripe-server-envoy-start-time-us
1704204689558950
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1704204689558691
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 1C01 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Tue, 02 Jan 2024 14:11:30 GMT
x-stripe-server-envoy-start-time-us
1704204690646291
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1704204690646005
access-control-allow-credentials
true
content-length
0
unip
trc-events.taboola.com/1335104/log/3/ 		0
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1335104/log/3/unip?en=pre_d_eng_tb&tos=4601&scd=0&ssd=1&est=1704204686920&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1704204691521&vi=1704204686916&ri=898b8dac43c281f945591b54a909dfe6&sd=v2_508e34525b007f6eb26603631ad11c2e_d74b794b-8d69-45e9-932f-9e3f2508d7af-tuctc8d9f0e_1704204686_1704204686_CIi3jgYQwL5RGMSsj9TMMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABol9TM2v-Z45zBAXAB&ui=d74b794b-8d69-45e9-932f-9e3f2508d7af-tuctc8d9f0e&ref=http%3A%2F%2Fgo.marchofdimes.org%2F&cv=20231231-4-RELEASE&item-url=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&ler=other&cbp=OneTrust&cbpv=1&cbcd=%2CC0003%2CC0001%2CC0002%2CC0004%2C
Requested by
Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/4537.6416dff170ad2bc44ace.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://www.marchofdimes.org
pragma
no-cache
date
Tue, 02 Jan 2024 14:11:31 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0DRBVSJJB1&gtm=45je3bt0v894839724z8894218235&_p=1704204686776&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=790461794.1704204687&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1704204686&sct=1&seg=0&dl=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&dr=http%3A%2F%2Fgo.marchofdimes.org%2F&dt=Donate%20Now%20%7C%20March%20of%20Dimes&en=Fundraise%20Up%20Checkout%20Open&ep.CampaignID=FUNHQNAJCAL&ep.CampaignCode=GGGGENWB2200CG0012G6DNW&ep.CampaignName=Default%20Donate%20Now&ep.IsLivemode=true&_et=744&tfd=7365
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0DRBVSJJB1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 14:11:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marchofdimes.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
678 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:11:57 GMT
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
3586
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
176
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
elKBLBisQq8d7XUq5JrwxpmSol31H9oPfu0KwrybeR4YWlClQ1UxIQ==
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ Frame 1779 		176 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.63.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-63-14.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marchofdimes.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:11:57 GMT
via
1.1 d80c34bef63175e408b52241ca38d75e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
3587
x-amz-cf-pop
DUS51-P4
x-cache
Hit from cloudfront
content-length
176
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
EBkB1IkXmtP5kOrPeSKexztdoppZFBLUlWGNCV0QFcTfYASHXOH_Cw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2724977328310641832

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| documentPictureInPicture object| __cfQR object| __cfBeacon object| OneTrustStub function| OptanonWrapper function| FundraiseUp object| drupalSettings object| Drupal object| webpackChunkgesso object| Donation5Reminder function| formatCurrency function| format2 function| checkEditCalculationPageExists object| gsapVersions boolean| __cfRLUnblockHandlers object| dataLayer string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __tfa_pixel_init object| _tfa string| _linkedin_data_partner_id object| _qevents function| obApi function| fbq function| _fbq object| resonateAnalytics number| randomNumber object| scriptTag object| insertionNode string| conversionTag string| TiktokAnalyticsObject object| ttq object| _adftrack object| Optanon object| OneTrust object| gaplugins object| gaGlobal object| gaData function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| onYouTubeIframeAPIReady function| ttd_dom_ready function| TTDUniversalPixelApi function| gtag function| lintrk boolean| _already_called_lintrk function| quantserve function| __qc object| ezt object| _qoptions function| UET function| UET_init function| UET_push function| apiObj object| ueto_1c92ebb16e object| uetq function| clsn object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc object| google_optimize function| AdelphicUniversalPixel object| Adform object| KJUR object| adf object| funEmbed object| FUN_SERVICE_CONTAINER object| FUN object| FUN_ELEMENT_KEYS boolean| FUN_IS_MALFORMED_ENV object| GooglebQhCsO function| __trcWarn function| omrhp object| webpackChunk_fundraiseup_checkout object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| funElementsApi function| setImmediate function| clearImmediate object| __SENTRY__ object| webpackChunkStripeJSouter function| noop function| Stripe object| ORIBILI object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant string| dynamicGpayButtonVariant object| google

106 Cookies

Domain/Path Name / Value
.taboola.com/truenorth-marchofdimes-sc/ Name: taboola_session_id
Value: v2_508e34525b007f6eb26603631ad11c2e_d74b794b-8d69-45e9-932f-9e3f2508d7af-tuctc8d9f0e_1704204686_1704204686_CIi3jgYQwL5RGMSsj9TMMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABol9TM2v-Z45zBAXAB
.marchofdimes.org/ Name: _gcl_au
Value: 1.1.114022055.1704204687
.marchofdimes.org/ Name: _gid
Value: GA1.2.340942534.1704204687
.marchofdimes.org/ Name: _gat_UA-219864-60
Value: 1
.marchofdimes.org/ Name: _ga
Value: GA1.1.790461794.1704204687
.taboola.com/ Name: t_gid
Value: d74b794b-8d69-45e9-932f-9e3f2508d7af-tuctc8d9f0e
.taboola.com/ Name: t_pt_gid
Value: d74b794b-8d69-45e9-932f-9e3f2508d7af-tuctc8d9f0e
.doubleclick.net/ Name: APC
Value: AfxxVi5q7S9reTGdGPqvhSmtT1KK8pDQcKaUpEu0tHQ6g5nHbNAePg
.www.marchofdimes.org/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jan+02+2024+15%3A11%3A27+GMT%2B0100+(Central+European+Standard+Time)&version=202309.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=ff0f96d3-b8bc-473b-b74b-7137126c4590&interactionCount=0&landingPath=https%3A%2F%2Fwww.marchofdimes.org%2Fdonate-now%3Fform%3Ddonatenow%26srcCode%3DGGGEOYEM2312CMR00130001%26utm_medium%3Demail%26utm_source%3Dmandr%26utm_campaign%3D2023eoy%26utm_content%3Dem-nat-mandr-2023eoy-2023-12-30-email-7%26mkto%3Dem-nat-mandr-2023eoy-2023-12-30-email-7-SRCGGGEOYEM2312CMR00130001%26mkt_tok%3DODY3LVBLUi01NzEAAAGQWm4DJ3AudS1_XtD8Ull0pVlWVcuBsUa7FbR6EvHpZaH7wkQuGCRFhdAzsgbL6yCaNbjuOa2XJEdS5IybS1oWKzwU7lApjNzMmigqvZp09Ks&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1
.tiktok.com/ Name: _ttp
Value: 2aP00xgnYDkiHqW6jSyQ6buvXNy
.doubleclick.net/ Name: IDE
Value: AHWqTUk24rqoI33PZHau97R4o8Ez9TifVsRuf_9fnZ91yCj8AEwa0T4BkageghyO4n0
.marchofdimes.org/ Name: _uetsid
Value: d17b6e40a97811eeb199278edd27f0c3
.marchofdimes.org/ Name: _uetvid
Value: d17b98e0a97811ee8f46b92db87573ec
.bing.com/ Name: MUID
Value: 282C6D7646876B5205887E8C470C6A7E
.marchofdimes.org/ Name: fundraiseup_stat
Value:
.marchofdimes.org/ Name: fundraiseup_cid
Value: 17042046871407430130
.acuityplatform.com/ Name: auid
Value: 871902448362
.adnxs.com/ Name: uuid2
Value: 7996175290072234627
.marchofdimes.org/ Name: _fbp
Value: fb.1.1704204687188.33031171
.quantserve.com/ Name: mc
Value: 6594198f-32d12-5e13b-99bb8
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0f71840c-5471-5da1-5f3a-09412cad5991.KoRVNwZj4f75qyycvc%2Fc8UCM2HsiAjTlAaX5VDW%2Bn58
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0f71840c-5471-5da1-5f3a-09412cad5991.KoRVNwZj4f75qyycvc%2Fc8UCM2HsiAjTlAaX5VDW%2Bn58
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AD3GEDFRxXaFfOglBLK1ZkVD_Cs0.iPSNVofU1q21OJQoU7GlH%2FZ7h0qTQcGXsBsAiW66ukw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AD3GEDFRxXaFfOglBLK1ZkVD_Cs0.iPSNVofU1q21OJQoU7GlH%2FZ7h0qTQcGXsBsAiW66ukw
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIE5XVrVva16qb5ECRMugLQu3wpQWh_1U3ub5MZSOorisEHwYBCCPs9CsBjABOgT90vuTQgQYcqyB.yyzJHwH8KZTtqLT6Tc05jn80OrufDTXT9X4d%2FLoRYJM
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIE5XVrVva16qb5ECRMugLQu3wpQWh_1U3ub5MZSOorisEHwYBCCPs9CsBjABOgT90vuTQgQYcqyB.yyzJHwH8KZTtqLT6Tc05jn80OrufDTXT9X4d%2FLoRYJM
.marchofdimes.org/ Name: __qca
Value: P0-894884628-1704204687032
.marchofdimes.org/ Name: _tt_enable_cookie
Value: 1
.marchofdimes.org/ Name: _ttp
Value: reqx59xj6bAgw46-z8rs3yEB63h
.bing.com/ Name: MSPTC
Value: EKxNj9qSVty4pxYchZZ56iGlRpHzUlQEbdAVeGybOQ0
.criteo.com/ Name: uid
Value: c932262c-cc12-4fc9-9e43-29d20e2c6c4e
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2911:u=1:x=1:i=1704204687:t=1704291087:v=2:sig=AQH9c2PWwAXa0WEYtl5ssmLAOfvUp79f"
.marchofdimes.org/ Name: fundraiseup_func
Value: {%22t%22:%22.marchofdimes.org%22%2C%22s%22:%221704204687148%22%2C%22sp%22:1%2C%22x%22:%2210%22}
www.marchofdimes.org/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1704204687448%7D
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.ipredictive.com/ Name: cu
Value: 3209d35c-ac8f-4c6c-8f2f-cde128d1807b|1704204687429
.linkedin.com/ Name: li_sugr
Value: f7e9198c-0c72-4bf5-a1f6-adca5b559f83
.linkedin.com/ Name: UserMatchHistory
Value: AQLnRE1oxYESoAAAAYzKg9hRJlu-B9tKU8fxPXnNvoCeTnMkgpgz4x4hOpQekcfWBRlXDjd0EXHaLQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIZhd83zO1eXQAAAYzKg9hRd7v5-U12zhgcM8e5RfzRQmVlEH5x_TFdSS5jURQRQw0cQp0x6wBCMaUFH50Ztw
.linkedin.com/ Name: bcookie
Value: "v=2&ae7f6e18-0b0e-4a87-8fcd-6255361557cf"
.adform.net/ Name: uid
Value: 2724977328310641832
.adform.net/ Name: CM
Value: 1|1
.marchofdimes.org/ Name: _ga_0DRBVSJJB1
Value: GS1.1.1704204686.1.0.1704204687.0.0.0
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240102141127320efe24-6427-456c-827f-eb72b03648feAQEq9zOkd1G0M2kz8XlwzCsGLIKsKHCD"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDQyMDQ2ODc7MjswMjH67VnSQuBAM68MEq08QBfG5dmrphcDiaRUbUzsIGCEjA==
.adform.net/ Name: CM14
Value: 1704291087_1704204687_1_Hu7u4e4e4R7u4e4REREeEREREQ
.seadform.net/ Name: uid
Value: 2724977328310641832
.eyeota.net/ Name: SERVERID
Value: 19131~DM
.casalemedia.com/ Name: CMID
Value: ZZQZjzIVk-UjVQujLH7AvgAA
.casalemedia.com/ Name: CMPS
Value: 5205
.casalemedia.com/ Name: CMPRO
Value: 5205
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 2724977328310641832
.ads.stickyadstv.com/ Name: UID
Value: 722bff63646998c385bd8e744d2c8b20
.semasio.net/ Name: SEUNCY
Value: 90FD1818EA957114
.adnxs.com/ Name: anj
Value: dTM7k!M40<D>6NRF']wIg2C')ks/aY!]taP8i_imf$9G=A^A/0J!HBpJ+ym=%^+S.4H@.eDoCV*gssx<<QJ<:IJdX]IK<yP@qMWpF/HFLF1#KXb7CXq+(Ec2pT<c-vwR)pUJU-_ocw.?#k+R#NIVEOPlZ[C[-kX-Dvr<R
cm.adsafety.net/ Name: UID
Value: CM12024010214394491a1ae6daf765b8
.adsafety.net/ Name: cm_uid
Value: CM12024010214394491a1ae6daf765b8
.exelator.com/ Name: EE
Value: "9cf65aed7e1acb63f7095fa01c96ebfd"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEyOc3MNDE1xTzVMDE5ycw4zdzA0jQt0cAw2dIsNSktZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6IhfXxUUpaQyLSopPBR9LdQIA9Yoq9g%253D%253D"
ads.smartstream.tv/ Name: DID
Value: ba9ef564baa8b3d03846c0ca42f3cdf2
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
ads.smartstream.tv/ Name: cm_uid
Value: CM12024010214394491a1ae6daf765b8
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22d21698d0-a978-11ee-b5a9-c783bea5410c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22d21698d0-a978-11ee-b5a9-c783bea5410c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22d21698d0-a978-11ee-b5a9-c783bea5410c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22d21698d0-a978-11ee-b5a9-c783bea5410c%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-y21mIWsokbpoDhWN1s47nMisNlKknoQm3Mdaqw%22%2C%22version%22%3A%22criteo%22%7D
cm.adsafety.net/ Name: permanent
Value: 1
.krxd.net/ Name: _kuid_
Value: QAwLB0TM
.adfarm1.adition.com/ Name: UserID1
Value: 7319503400653617298
.w55c.net/ Name: wfivefivec
Value: qnZ3zQLp1RkFuo5
.dpm.demdex.net/ Name: dpm
Value: 84171717485314219782125166298051699755
.demdex.net/ Name: demdex
Value: 84171717485314219782125166298051699755
.media.net/ Name: visitor-id
Value: 3472062889172504000V10
.media.net/ Name: data-c-ts
Value: 1704204688
.media.net/ Name: data-c
Value: k-X8yrA2sokbpoDhWN1s47nMisNlIxIKEM8Zffsw~~3
.w55c.net/ Name: matchadform
Value: 5
.weborama.fr/ Name: AFFICHE_W
Value: vOtM83M5fVa852
.omnitagjs.com/ Name: ayl_visitor
Value: a4c88a9f284f5559057a775c25fab3a7
tags.adsafety.net/ Name: UID
Value: ba9ef564baa8b3d03846c0ca42f3cdf2
tags.adsafety.net/ Name: DID
Value: ba9ef564baa8b3d03846c0ca42f3cdf2
tags.adsafety.net/ Name: IDT
Value: 100
tags.adsafety.net/ Name: cookie_ver
Value: 2
tags.adsafety.net/ Name: block_reset
Value: 1
.adsafety.net/ Name: ct_uid
Value: ba9ef564baa8b3d03846c0ca42f3cdf2
.adsafety.net/ Name: ct_did
Value: ba9ef564baa8b3d03846c0ca42f3cdf2
.adsafety.net/ Name: ct_idt
Value: 100
.agkn.com/ Name: ab
Value: 0001%3ARZqlYG7J7Noc%2BArLSJi5%2Fdjwor8nK4tL
.audrte.com/ Name: arcki2
Value: bc5X-GcG4DATViX6xJIQbW-iQ!20220908!1704204688208!ip#80.255.10.205
.audrte.com/ Name: arcki2_adform
Value: 2724977328310641832!20220908!1704204688208
.bluekai.com/ Name: bku
Value: aG/99J9jksUN/MyS
.bluekai.com/ Name: bkpa
Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwE/l1Mx8Bpzp1MQp1E9tBeWT1p/e9JtkYez=
cm.adsafety.net/ Name: cache0
Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaMndMTmhiODJnR1VIeWFCbzE0TTVpTFgrRGhnZmRjcGVmbUdDeG1Fanp6bU1sd1NJOWhTb1UyUnFrRXhnL3JWN1ZaRWN3SGZ3b01ZSkZ2NHJUQmFWUjAvRlV6VWhWWE0xUVhvTG1GdU1TcWdtOW00YlFKWGVOQmdQRWhpdW94NGtqRUdBdEhHNDFxRXUvblprdlBTQ0Ruc2lOcGZSb1gvZkhwejFDT24yTm1FQ01aV3R2SVNZYmZmZ21sTjYyUmJNSFEyZE9URG9DdXNzckhYSUtPZ08ycnRYcndMdmZ6Y2VGdzdqcGJGOUtJdjR3ODR4d3ZpN1hQdEtyVTd2cWpFaWpiMFRnN3FXSkNDTFFjVkNmaEpIck5xNGpOb3pVS2V4ZS9xZ0gwK1hBMHVHUzc0OXpHY1Z2b1Z5d1I1RzVzbFpZODZPL1dsU1l3YmJjN01YV2ExUGJkb3RYQ0Ewb1pBVUU0bVpObEdCY1ZyalllU2VvN1NlczdJV1BEK3hVQTVhNmRvRkxvV2xPWVJWR0x1Wk9LNDVaTkJqdXR6bVgybWl3Qnl3SmZXSjIyQUtvUkRBZkRiSzdvSDhZR0ZIV3F0TWpyenZqSkg4ZUJJVlU0TmFsTXhDNjdtMGl4cmJyR29IWnJEMkdLUEtsdHZsNjNBUzI1YndPYjRqOXJScUFKRmNZdFlkbDNzcDRSeXRXTGZCc3FBelkrZFhLVjcwSEt5Q3NkaHJ4dkx3dE5YTktMcFY4c0VhRENIYm40V2d1S09pTkdNVHl0Nkk4cUtTNktMT3JmQXRCeXhSdW15NExJUEpOL3RJaE1wNmRQaFR2eWVwaXJ4ZGFGMlVxSE9tSlZuY2w3R0xQUTNxUS9hQzRXa2NMS2NHNHBVYkw0VkdhdDl3aDMySG1FR0psODZXQXZseDBiQlYyOXVIaWRaVDJXUXI1TzlYelkzT2Rxek5XUXVnOURrR1BaamU5NlN1TlAwOTdtTC9tQWtyaWVFdTlFR2s4RnBoc0JWQ1pJQ1JWRDFkR1BQQjBYZHp5N3RzamlwM3QyK2lnNFQyRnNKT2tETXhBU2M1V0Z0N1NDT0xTVFAxYmd3bjl6QW0vS21ZSW1nYUE9PQ%3D%3D
.audrte.com/ Name: arcki2_ddp2
Value: bc5X-GcG4DATViX6xJIQbW-iQ!20220908!1704204688270
.postrelease.com/ Name: opt_out
Value: 1
.tremorhub.com/ Name: tvid
Value: 32011a5f0a534371bff03880b9703481
.tremorhub.com/ Name: tv_UICR
Value: k-yobhPmsokbpoDhWN1s47nMisNlIkJ4i__vd7aQ
.www.marchofdimes.org/ Name: __stripe_mid
Value: 9d29fbc1-3019-4808-bd6d-58968006a78822b236
.www.marchofdimes.org/ Name: __stripe_sid
Value: 1b79c3d2-b420-46a7-b834-0f03263e3239a83375
.google.com/ Name: NID
Value: 511=sktWWCPe6nQqg3dxjLxMQYLFvkr8kHL0QGjqCv4YR0bJsheOHFJOi17pkyNjdWKXrG3am0wZ-eW2SeTe6nMCOiNiO0lR5g4casHlQgoFt36SiKEt_69WOl4X9K9uRRnlVvS23V9aEJslFnicsqmGBbeoGYb7oVN_qjlUwSJVv14
m.stripe.com/ Name: m
Value: 57977297-0dc4-4784-94eb-5ff0dbed2d7513060b
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRCoeFGVF7t1eM
api.hcaptcha.com/ Name: hmt_id
Value: 8ce23351-5c15-4089-bada-91bb1b3830e1

17 Console Messages

Source Level URL
Text
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=51266557178?
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.doubleclick.net/ddm/adj/N9539.197812NSO.CODESRV/B21591273.227039140;sz=1x2;ord=51266557178?(Line 142)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://static.fundraiseup.com/checkout.677091bbeb21f0afc5db.js
Message:
Allow attribute will take precedence over 'allowpaymentrequest'.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://idsync.rlcdn.com/398366.gif?partner_uid=2724977328310641832
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2724977328310641832/gdpr=/gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=2724977328310641832
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
security error URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html#debugMode=false&parentOrigin=https%3A%2F%2Fwww.marchofdimes.org(Line 2)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='), or a nonce ('nonce-...') is required to enable inline execution.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-fLVGG6k8d/y7h3bSNyDZC/HAziMZDIlTIx/ddcAdC7A=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8832015.fls.doubleclick.net
a.audrte.com
a.twiago.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.doubleclick.net
ad.ipredictive.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
amplify.outbrain.com
analytics.tiktok.com
api.adrtx.net
api.fundraiseup.com
api.hcaptcha.com
api2.hcaptcha.com
b.stripecdn.com
bat.bing.com
beacon.krxd.net
c1.adform.net
cdn.cookielaw.org
cdn.fundraiseup.com
cdn.resonate.com
cdn.taboola.com
cds.taboola.com
cm.adform.net
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamic.criteo.com
e.acuityplatform.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
exchange.mediavine.com
fndrsp-checkout.net
fndrsp.net
fonts.googleapis.com
give.marchofdimes.org
global.ib-ibi.com
go.marchofdimes.org
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hcaptcha.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
insight.adsrvr.org
jadserve.postrelease.com
js.adsrvr.org
js.ipredictive.com
js.stripe.com
load77.exelator.com
loadm.exelator.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
matching.ivitrack.com
merchant-ui-api.stripe.com
mug.criteo.com
newassets.hcaptcha.com
pagead2.googlesyndication.com
pay.google.com
pdw-adf.userreport.com
pips.taboola.com
pixel.quantserve.com
pixel.rubiconproject.com
play.google.com
pm.w55c.net
ps.eyeota.net
px.adentifi.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.casalemedia.com
r.stripe.com
redirect.frontend.weborama.fr
region1.google-analytics.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
secure.quantserve.com
sentry.fundraiseup.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.cloudflareinsights.com
static.fundraiseup.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
sync.teads.tv
t.paypal.com
tags.adsafety.net
tags.bluekai.com
tags.srv.stackadapt.com
token.rubiconproject.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
ucarecdn.com
uipglob.semasio.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
wave.outbrain.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.marchofdimes.org
www.paypal.com
www.paypalobjects.com
x.bidswitch.net
global.ib-ibi.com
104.17.72.206
104.18.12.242
104.19.218.90
104.26.5.251
108.157.1.118
108.157.194.34
13.107.42.14
13.248.245.213
139.162.141.41
141.226.224.32
141.226.228.48
142.250.186.34
142.250.186.98
151.101.129.35
151.101.129.44
151.101.193.21
154.59.122.94
162.19.138.118
172.217.23.102
172.64.151.101
178.250.1.9
18.154.63.14
18.154.63.82
18.158.179.1
18.184.216.10
18.193.153.136
18.196.116.41
18.202.209.33
18.203.91.219
185.167.164.49
185.64.191.210
185.89.210.141
185.89.210.153
188.114.96.3
192.229.221.25
193.135.9.125
198.137.150.141
2.22.242.105
2.23.197.190
2001:4860:4802:34::36
216.58.206.38
217.79.187.54
23.213.165.149
23.32.185.35
23.38.98.77
23.43.61.193
2600:1f18:612b:4280:67cf:789f:f482:a995
2600:9000:224a:5600:19:7d10:bd80:93a1
2600:9000:224a:a400:6:44e3:f8c0:93a1
2600:9000:25e8:de00:1b:5138:8a40:93a1
2606:4700:10::ac43:a5a
2606:4700::6810:3865
2606:4700::6812:82ec
2607:ae80:4::26
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:4013:c04::5c
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:480:f::213:7ec6
2a02:26f0:480:f::213:7ed5
2a02:6ea0:c700::10
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::300
3.127.129.10
3.33.220.150
3.71.149.231
34.117.157.22
34.193.251.250
34.213.170.160
34.248.85.3
34.98.64.218
35.190.24.218
35.244.174.68
37.157.2.228
37.157.5.72
37.157.6.237
37.157.6.243
40.160.4.235
46.19.11.36
52.203.70.213
52.208.161.54
52.218.112.115
52.57.164.72
52.58.128.62
52.58.3.175
52.71.63.167
54.154.73.73
54.170.164.95
54.186.23.98
54.76.70.173
54.78.254.47
65.9.66.113
69.173.144.139
69.173.144.165
70.42.32.159
72.246.168.23
74.119.119.150
77.243.51.121
77.243.51.122
81.17.55.106
85.114.159.118
85.215.5.31
99.80.37.51
99.81.243.254
01016a6fe7e537a6cef5639f1c0c4fce24349aa12858b2172a8153a9f3ba7de2
019696b175f8558a9f629b596b30b4715bf1219fbee3e3588dbacfb1582df84c
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0759fd6bed5370e4bc3c573dedceaeef9d7b64efc7343a10d0b147ac0b04ad53
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
08c5e96a8e271db496f7bed735af2247208e493497d60f21c5c5ce17b3590f56
09ab13e20bec7cdc1c631d01d7c45cf417165466ff70d109792e77ea06be651b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0bf7bc0004aeb0dc1b7bb23f128ac24f0302a776cd1950295bc6ffae6e990bf2
116448ff3191f74560d6d91c76cebc18ec741564aa62d5c6f8bdf8f611e8a2b7
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
129e1478ac4eb092ca3622162a17ba4a510fc8945ab662c6f07152ffc3c07e9c
16b59918ab6733c57a8a7a9d6a1968d29e79df70c67909ddf241e029d0c15230
183d1f7f458dfc35496d9eb446598b1b96658ab4dc316b23cea4cd7bfcd4c8ea
18b65fdc6da2826c107418e5c689078ff47b54e7f2fc690546c33dbd3b343125
1c2e62deea90ad8ea208037abde538d6100d5a3efce136c89e64a80c1b1c6b07
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
218b91569ad8f0a5cf1aba89f3957966ecffb7b5852ca25b709bd8f887a00c90
225cd565a241fd2329d7fbdc32be0c9d94ac4692b5f9b507454604980a418c70
23098142daf44c1cb7d244684146fb6ecb0568274118ae3f62cef67034551ef2
24049fb41335d87d82a9faea10cf9aa2a0ef868037667b029d2953a940cdf67b
25c3a3c0aecc1c3cdb989b17c48a9a75970beb6343e0df0c2651ba5eb75c900a
2671080421a95ca136f6dfaaf0850957bae95fcee4efd7d803619f78bac12b4d
26bbc198911e52e8de1d0b76e595351ed9dc93c0a586bb39f1db47e99df2a29a
26dd3e70c1aa731ac4c5a27ac65c200ceb2756eca0ae5862e8fab8b7d4985dd0
276867c5c3ce0b2f35e900e8e9c73fa7dc25a53802bb365f2d20642fd253f79c
2972ea87cd5c4adceba0baf8d735c0dae6512fd7bb276586f5ef9b707b2cde92
2a79623b8606d1583bada494ecdaac61b10440ba7a0da23185892f9d86f172dc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa9b0ccf31fe34e187c3b09bec7e9d8fccdeb48a5b2223d9f80df2a8790a6af
2ac93c14f7863cc7b7df8e279a534c4940cae9a66ae48192761c6b7c5986eee2
2ceee682f306a64e8cf1b48d513f71a81dc852709cf2b36b3d9b3719fac0b0fa
2d414e5f00e69a14d9e552014d9f932df7c40b618b2904726170fb689ef8fe87
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2ce02dd175250745c575ee653078aed696b083ac3bf2feaf51261d7b8d072a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
31c9ef99aae6896ff764e44f3cc121359d2a42dc49389a16a8b236f6e8aacfca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c2ce3fc3f9f303fb23219d570a67d0c55951c3f6c81b25e440ba6fb68e60d9
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
337738b644c1b01e37308c9026995b63c20387f9bc8f219cb99f72eb3b23f35c
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
377a6ada8b0adaf4e37c51a736bda1e6a66e2339322ce58193e81d5909ee2fb3
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3a06c60d0bdaeba9a685c6b98ec4108e8358606ae608bc2866b3873ba36e8be5
3de7a0f6d4d192cc931ffc60dcd9c41cf823614d8fe3264c7553611853a2dc52
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ed0a4e695771f9903b95ac84166dbb8b89a5f6ead020bdba7fccce3d082e2f8
3eeaf7446956d4f52db0d9d320988723bec23129315a8daedf665bab334d6b21
40970414ca5ea4a2d6a32b5eaeeba2f74e144159f7cadbe9f9f582f0df5dbee8
40f7997ff37aac676d939dbdb0d33f6381fc5b66de4e4c79240e6e9503b14c15
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
420a436e0e9e1c48a2f9ce50b59fdb2b805d0274cc20fa569fd1726c4dbf90e9
4318838eb45024394c546f67d092c0f88119b8c2acfb46b470fb11c6fe8fa910
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4471ccb98d7627f19e1fd997e5562b4be936baf86b6597eb63330c6843fc59c1
450bbdeb6f906a15f2941fc467d5d32c59fd29578a36b8aef1d1590d3986c558
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9
47a019a4a25f09f59e801a8b3d77f63a3a975a4c763f8430defa7987e14d7d64
49e6f18090a8c3b811e5d7d50a1cd9e83272f1ecbea95624373950070500a90d
4aa2fdddfcb25552a1713673a954bc864de1a7b22dc0ebe664fe8ddb6bcb21ee
4b57a6d97fc4340e01339086713fe15bc8c6bace25a8fa8b8682558c953c444a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc9b49ae6ec81de78cb07234ba748e5f186b819079eca3e7e82db4690641275
4c73ae3eda72c7eef8b13c75031180df1d81626dec2a68a846094d697fec3546
4d663da5e7f6fe773fda5fe642d04a71cd988f1132b343edb5be914d44a1f534
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7f6cd883b421b03d88891e93891fc89bd7e4cde0266009f72250f0092302aa
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
517aa5c6549c92ef5244d8e9df5d662310d50ca9419b12b9157e67ff640be3b8
52142e0671ba7294da28434e2a92636b8848c1fe284fe09543c4e8f7e4716d11
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5503d11c2a92f6ab58616eff9cb33cd627db8639f41c3ef78f6880015a4e7d64
55934d27fdb4a14ddc59cac40e940a9c8100acc76c156e9be5f3b9c0dff6569f
564997debc20f446a4f38720248e1dbaaaa15ee5e40de23c946a0af7aadc6b47
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
5b17a420163b181948e21b8a69880c8f8098f369084006bfa920b62194ff3c81
5bbb6b4bb0a2cfca768bac0a161f7b8429fe16c31ffef29e1ef9fbf4737a4263
5cc76e7f5b027b2566d97e2701af7b605a376c4a0487302d2634bbceb67eb349
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5efa3bc0f4b333ed0f824ef6cdee0c844740ee61fee686fbb6a6d54b43b1d872
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fbdec47eb761902c4f7d14ccd5a3b97bbaca6a18d485482157fff7f97684d3d
5fda46ad6de82ed65908428f090ab3cb24da2b2ab22e3f19e2713e94eecdc907
6018d98685484b3e379431582aafc6481dc84dfe771e41090ee2e5c20a00361d
6109a9264c6bb75eaf69d45fd3fc6f193794adac940245584a014c10d334dda5
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61585b7029e203625c34db47091e75f023b36c6d34e3a71e63f494f8952a0b23
6291bff86b4cebbf479469740ad6eddd6a0805819b1ae7abc59b5ce3e728a4b9
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
642c3f67dbc0d646b7d2508b081e0a6040a7be94478f0cd6d2a6de21f5d11ed7
642d50bf95258a7181203326b05c08982dc5298ff21982594594a2ece141bed8
6432a66c7d8240059ca76b571620dd0f54b4d3a5dc05fccf8cff7c8304bc9493
67babd89dd5d6e783cbe7ba05cb7d77c2c3ab7bb0b3ba87b185b391a21e8cc35
68992b4d42e44dfe22ff246aeefebef14a07727e00ba33466eaf352c3f7dd6fc
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69c942423058ca7c0d54a661d67cded9d06b9f030dd45e434bcc72cd150e7e92
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1dccb5a273ea2fadd2437f76d7e4b897e7c5f461f52c0b72cc7e74db13cca2
6cc4700b8677a899840ce32bc6c1b5d5405e5d7f2e14a338ed95e4fe40a2bb96
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6ec65ff8562887c03245269b73d1ebb60f6f619d9bad49c6ce2c956e7a0826f4
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7176a2935514018f4c12a99dccc108407f9f4bdd7c1be1a097cbec7a90fb7542
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
75c911d121bdba9548b91e8a057bfae7edbebe988a7423821fc7d4c090c64b92
7a5d1a8956ee3f319edea53bf11ba07988f8c6a0b6204633cee6a41b4b216127
803f9665533b781ac3abb157ba32b9a1f48d3b7a30bada354656d4b89be22610
8166e6a7d3fe9fdc26b2f8a0bff105a647c884e550c57225b9cc660d0be6b278
81cde3f01b38120a310a1511896c42f68a46f83b6a5ea874ca447de65563cdc2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b21363e68e52f1ba52f2f292a183e39f00372c248ecfaf0c5c1fa671ff46a00
8d375fb8f67575a449606683fc8be339674f03ff2fee1c42e632564d0b207c3b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e758310065d56c81731fadefacd48f77fe962456070bcd42b4fab78e044a69d
8eeb23a1dcd42802d5d861556c6ae4848a05fd28cd22bb8ed884015b62eefd9e
9117a44e3398445da87c5ef674bc99a8e0e2d0cf42c60d7ba4a24d71bdb7e443
917c4576da1400425368a4e9d2e434dd7558ced44112a03e24349a8b40ee848b
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9516e1c23610840cf3f86fc18968a997a2af08e5f42e0093013f0836285d30bb
95b5364598cbd72a2321515750dc9ce4137ac7ee8ca5a8b4350cf823998c4045
98b2231b86974817ee296cd79e82374ecaae68b096638100e4bdd0b0386a2997
98fec5c4653bda889430cc5f033525265ca3018bf9d5463cb9f7040af370ac4f
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9b2d31ec99d54862297525180751bb36e6f115ba25bec9ecb76a203f7af62cb9
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
9f262ca654fb4059bbc2413ffb56f738d9a26b0c377f3d88aee07957e972e773
9fb218a2b6a039eaf89cbd37cd1555bc0f0398efdffde33a410990feda30a3c6
a03c785037ad1b5e421dd7d4335f1f697c0ab24f71aa14e49e632679b4112299
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a67c3aa938e6f25db643d460aaf6a5dc3ff328779658bf6c5cc010f126124287
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
abca992fa4e621e1b432acbd7111a6c3561a508229e1ae32873531feb1d24a17
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
ad57366636e32f982af9c249ade2bd2e2fbcfc11abf4062c527e419ebd6d9321
ae4ad442fdfac1ade543efd816459a6dfba4aeb6583e6e8cc17aee1dfacb65d4
ae885067159b6a4c7f153446d01bd1e0405d0acd180089840397091758a42695
af5c5a92b8718e2ab140fe43a865d77720962b4b534391dfb474716eb7bc1ccc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
b410913850321efd333e39ddf1a5d49a433b29721126ec6d785f8f039e98bc32
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b596c15fc92d124e18473ffa1d9529ea88cf1918efa33f00447fee4113a68338
b73c2239b5b0ae6e051cb135734dc2101aeaf9032dd6b2c29ce9679330fc0bd0
b81f50d6d819dd6d6aaf0cb6402329f0479c734ad2f0918eb9f8366b66f78c83
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
b8ff37bcd275d0863f672f5e6a9578a6e6f04219a1cd63e67445de071105121f
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
bb83ac4c1a72227dd5036318370e6523f7a06d0e9f791efb6f6fe34b22621ce5
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
bff4e5a01e8dd93a69abd5a5531d53cd891f65134c552718134e0adeda2be295
c09f9bc171c32544001b130b5ed1f7f2e2b8c1ac817823452288bc678afc57e6
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
c0ee34fcf7db9c8bc2412f47c264d8de575c2d477198cabc635ba538ddcd77f0
c16547857a50f0c9028a43638449177346ab0fce1ff973e5259995978d1fe31c
c1f92dcc7494187b5787cabe4834de25f4502ff2aa4228956b919785118df04d
c279df85c68b609b44e53997eecbbc03a3aaf8c56a72fb31fab29968147b71d5
c3c193a2e64fe803deba1f8c52fbec46e6a2089c546d8b18dc1f9a56ec4ca692
c50703a9859028e070c5ba54517ac39c873fcfc5015907f5dac21c78648ccbdf
c91d4a23e0001862471bd7f67ca563d90b10f95d32b6f0af3874ef27d399388f
c963fd1212d60ca1c683bccb3c3ace830cdedc1dccf7256c112a9708f9e7cf88
cb48d9e8351750646223a61d5868a0eda7972e2ea278c69677577300810b0ad4
cb6f9e60e6bf41a5af731690552807e6e4ca7be8994fd8804b9cf15592d3ef5c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce34b48d423f106808707cb1a20d435d0932011d1777f6c5b33923514ef72689
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1802297dea21b3e6a860ccb64dac092312598f1743b8b6b9dd6c30adb4bfe45
d30717f2e8dc64c231e7f24843ca4ba6c9076d5e838b08e4d6efc0ee66b9f9c6
d3b64adf949a01915c03bae247c1cbdd6f188e488e4fd7fdc349942b2a691fd5
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d3f7e24515a6e8e17332b556ae1a433f0b6e00cdaea90167be98c2734b0049a0
d4660c763169716a38ee1153d2cc4eca87ca421195d67bd89ea964b10bfbacac
d4b502c11c0543e983db580fb0a451c152c6eb3f3be3e1fd84059900420cacc8
d6b464961085b9382df1de7463fceca80ae0d387d2118392e6e9fcf2b3f0efaf
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
db2fe02b994fdded9fe3acc3f595150e738f4a0c34d9a41e76a6627be26b5352
db9719f2d84f3a97df3f4879dec1c926b021125f4429dca8bb0800ca390c84ab
dc4c53719441015688ddfe8cf43aa2bf95d0a4574d533c3e051a16887d4f703a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9d8e18a3cec3afcf01338e9a26209eeb89e3d0eaf97f0d5298f039776ffc8a
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e2717d806962fe1e4c9810ca869fb82c8bbd86638ca6787d01ff8c947c20df3c
e2a900b2a6524b9f6a640eddeda6e045bea4aff194c9203ea660e6db5743b69b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46de8ce43bbbc4282b65b9805f4f7c462f812ce23b615379b468beb09a989a7
e50d15896eb602b52225697467a0e13195cddd10423d86ccafc7598f8a6a6111
e7e7f216e2add2e5655784665bea48f8efed39c8be96c40782b3f0cf84df6bbf
e944de09b6e048d89b1dff57baf718b2ac1dc0d273e55560decb4c82cc828c8f
e9719b638317091bed0ab518c0ef99c5dbf1a3083d8b481673d376c47b3da124
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
ebd6d32400095fb406e63e748a6a8451eb6cdefc0f57d5f3217de10fdc57b416
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
eefe1e7d99ab4810bfb479ff54c275efb459b6ae9abfebfd221c4a518ead27d7
ef09195c774e2e9eb4422a2f8e3dcfb4af38c6d54b393a48f7f8118b2e519142
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb04a38f78418a2c257c76e71828e504b0649042b149255265fa4958f06fac8
f16ade3e5da5d485764a1d4ca2aa3f94f757b785195b04d391de88680adf76ea
f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3
f300f66c1304e23bfc15a23908129f0b10ff24c89f5a2727bc52735acda82d57
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
f55809ae21d5dcfb8a6e01596d12eb88c0630f7e0aeff4c285b981df7864aed5
f5804841d90c0f85380c5dda93b210f0953b5980d3bb50142e4699eb407933b8
f8cd06506717ca4b233b2fd62746d5a39c9230b4ea3c4bb56206edf928ed8d05
f8e7a944adcb9d32eaf4e2f6e85cb7d1f9029b74de22ad7ff2d46ef82b189c95
fc3a41aaf9de8dcdbb1aa7c552942868390ff131f4ae48acd79df9d5a7ff996f