urlscan.io logo urlscan.io
SecurityTrails logo

fundraise.teamrubiconusa.org Open in urlscan Pro
104.26.4.195  Public Scan

Go To Rescan Add Verdict Report
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Submission: On October 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 7 countries across 46 domains to perform 149 HTTP transactions. The main IP is 104.26.4.195, located in United States and belongs to CLOUDFLARENET, US. The main domain is fundraise.teamrubiconusa.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2021. Valid for: a year.
This is the only time fundraise.teamrubiconusa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.26.4.195 13335 (CLOUDFLAR...)
17 104.18.113.21 13335 (CLOUDFLAR...)
1 104.16.95.65 13335 (CLOUDFLAR...)
3 172.217.23.98 15169 (GOOGLE)
1 52.143.247.24 8075 (MICROSOFT...)
1 104.16.122.175 13335 (CLOUDFLAR...)
2 13.32.121.61 16509 (AMAZON-02)
3 151.101.128.176 54113 (FASTLY)
11 216.58.212.142 15169 (GOOGLE)
1 13.32.121.41 16509 (AMAZON-02)
2 35.190.88.7 15169 (GOOGLE)
1 104.20.184.68 13335 (CLOUDFLAR...)
2 216.58.212.136 15169 (GOOGLE)
1 151.101.66.137 54113 (FASTLY)
3 54.211.143.234 14618 (AMAZON-AES)
2 93.184.220.66 15133 (EDGECAST)
11 142.250.186.110 15169 (GOOGLE)
4 185.60.216.19 32934 (FACEBOOK)
1 142.250.185.74 15169 (GOOGLE)
2 162.247.243.146 13335 (CLOUDFLAR...)
8 142.250.184.227 15169 (GOOGLE)
3 142.251.5.156 15169 (GOOGLE)
2 52.222.236.120 16509 (AMAZON-02)
1 104.244.42.136 13414 (TWITTER)
1 69.16.175.10 20446 (HIGHWINDS3)
1 54.186.23.98 16509 (AMAZON-02)
4 104.19.147.8 13335 (CLOUDFLAR...)
2 7 18.66.139.90 16509 (AMAZON-02)
1 2.16.186.17 20940 (AKAMAI-ASN1)
1 199.232.136.157 54113 (FASTLY)
3 13.107.21.200 8068 (MICROSOFT...)
1 3 142.250.186.134 15169 (GOOGLE)
1 178.79.242.181 22822 (LLNW)
2 4 142.250.186.98 15169 (GOOGLE)
1 142.250.186.166 15169 (GOOGLE)
5 142.250.186.164 15169 (GOOGLE)
1 142.250.184.193 15169 (GOOGLE)
1 142.250.186.54 15169 (GOOGLE)
1 2 108.174.11.37 14413 (LINKEDIN)
1 1 13.107.42.14 8068 (MICROSOFT...)
4 157.240.20.35 32934 (FACEBOOK)
1 34.208.187.153 16509 (AMAZON-02)
2 4 66.155.71.25 13768 (COGECO-PEER1)
1 1 142.250.185.98 15169 (GOOGLE)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
2 216.58.212.163 15169 (GOOGLE)
6 9 52.18.183.31 16509 (AMAZON-02)
1 18.66.96.113 16509 (AMAZON-02)
1 2 54.77.217.29 16509 (AMAZON-02)
1 2 35.227.248.159 15169 (GOOGLE)
1 34.254.143.3 16509 (AMAZON-02)
1 23.53.168.12 16625 (AKAMAI-AS)
1 2 52.30.14.23 16509 (AMAZON-02)
1 54.195.66.206 16509 (AMAZON-02)
1 34.249.212.247 16509 (AMAZON-02)
1 87.248.118.22 34010 (YAHOO-IRD)
1 2 18.194.4.47 16509 (AMAZON-02)
1 2 37.252.173.22 29990 (ASN-APPNEX)
1 2 35.244.159.8 15169 (GOOGLE)
1 1 142.250.185.194 15169 (GOOGLE)
149 59
9    104.26.4.195 (United States)

ASN13335 (CLOUDFLARENET, US)
fundraise.teamrubiconusa.org
17    104.18.113.21 (United States)

ASN13335 (CLOUDFLARENET, US)
prod-frs.content.classy.org
assets.classy.org
1    104.16.95.65 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
www.googleadservices.com
1    52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
htp.tokenex.com
1    104.16.122.175 (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    13.32.121.61 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-61.fra60.r.cloudfront.net
cdn.plaid.com
3    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
11    216.58.212.142 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f14.1e100.net
www.google-analytics.com
1    13.32.121.41 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-41.fra60.r.cloudfront.net
cdn.heapanalytics.com
2    35.190.88.7 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 7.88.190.35.bc.googleusercontent.com
sessions.bugsnag.com
1    104.20.184.68 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    216.58.212.136 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f8.1e100.net
www.googletagmanager.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    54.211.143.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-143-234.compute-1.amazonaws.com
heapanalytics.com
2    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
11    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
www.youtube.com
4    185.60.216.19 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
1    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
fonts.googleapis.com
2    162.247.243.146 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
8    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
fonts.gstatic.com
3    142.251.5.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f156.1e100.net
stats.g.doubleclick.net
2    52.222.236.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-120.fra56.r.cloudfront.net
m.stripe.network
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net
code.jquery.com
1    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
4    104.19.147.8 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
7    18.66.139.90 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
1    2.16.186.17 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-17.deploy.static.akamaitechnologies.com
snap.licdn.com
1    199.232.136.157 (United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
10169194.fls.doubleclick.net
1    178.79.242.181 (Italy)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net
up.pixel.ad
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
static.doubleclick.net
5    142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net
www.google.com
1    142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net
yt3.ggpht.com
1    142.250.186.54 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f22.1e100.net
i.ytimg.com
2    108.174.11.37 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-11-37.fwd.linkedin.com
px.ads.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
4    157.240.20.35 (United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
1    34.208.187.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-187-153.us-west-2.compute.amazonaws.com
m.stripe.com
4    66.155.71.25 (Southampton, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
adservice.google.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
2    216.58.212.163 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f163.1e100.net
www.gstatic.com
9    52.18.183.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-183-31.eu-west-1.compute.amazonaws.com
d.adroll.com
1    18.66.96.113 (United States)

ASN16509 (AMAZON-02, US)
js.adsrvr.org
2    54.77.217.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-217-29.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    35.227.248.159 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    23.53.168.12 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-168-12.deploy.static.akamaitechnologies.com
sync.teads.tv
2    52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    54.195.66.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-66-206.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    34.249.212.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-212-247.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
1    87.248.118.22 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: e1.ycpi.vip.deb.yahoo.com
ads.yahoo.com
2    18.194.4.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-4-47.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
17 classy.org
prod-frs.content.classy.org
assets.classy.org
3 MB
16 adroll.com
s.adroll.com
d.adroll.com
25 KB
12 doubleclick.net
stats.g.doubleclick.net
10169194.fls.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
5 KB
11 youtube.com
www.youtube.com
737 KB
11 google-analytics.com
www.google-analytics.com
40 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
226 KB
9 teamrubiconusa.org
fundraise.teamrubiconusa.org
54 KB
6 google.com
www.google.com
adservice.google.com
15 KB
5 crazyegg.com
script.crazyegg.com
tracking.crazyegg.com
26 KB
5 stripe.com
js.stripe.com
q.stripe.com
m.stripe.com
66 KB
4 sitescout.com
pixel.sitescout.com
3 KB
4 facebook.com
www.facebook.com
507 B
4 facebook.net
connect.facebook.net
333 KB
4 twitter.com
platform.twitter.com
syndication.twitter.com
analytics.twitter.com
133 KB
4 heapanalytics.com
cdn.heapanalytics.com
heapanalytics.com
42 KB
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
3 KB
3 bing.com
bat.bing.com
10 KB
3 googleadservices.com
www.googleadservices.com
30 KB
2 openx.net
us-u.openx.net
480 B
2 adnxs.com
ib.adnxs.com
2 KB
2 bidswitch.net
x.bidswitch.net
1 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
1 KB
2 tapad.com
pixel.tapad.com
898 B
2 demdex.net
dpm.demdex.net
2 KB
2 adsrvr.org
js.adsrvr.org
insight.adsrvr.org
3 KB
2 stripe.network
m.stripe.network
16 KB
2 nr-data.net
bam-cell.nr-data.net
1 KB
2 googletagmanager.com
www.googletagmanager.com
113 KB
2 bugsnag.com
sessions.bugsnag.com
141 B
2 plaid.com
cdn.plaid.com
69 KB
1 yahoo.com
ads.yahoo.com
445 B
1 teads.tv
sync.teads.tv
172 B
1 exelator.com
loadm.exelator.com
324 B
1 t.co
t.co
452 B
1 ytimg.com
i.ytimg.com
8 KB
1 ggpht.com
yt3.ggpht.com
3 KB
1 pixel.ad
up.pixel.ad
1 KB
1 ads-twitter.com
static.ads-twitter.com
6 KB
1 licdn.com
snap.licdn.com
2 KB
1 jquery.com
code.jquery.com
30 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 newrelic.com
js-agent.newrelic.com
16 KB
1 onetrust.com
geolocation.onetrust.com
256 B
1 unpkg.com
unpkg.com
3 KB
1 tokenex.com
htp.tokenex.com
4 KB
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
149 46
Domain Requested by
11 www.youtube.com fundraise.teamrubiconusa.org
prod-frs.content.classy.org
www.youtube.com
11 www.google-analytics.com fundraise.teamrubiconusa.org
9 d.adroll.com 6 redirects fundraise.teamrubiconusa.org
9 assets.classy.org
9 fundraise.teamrubiconusa.org fundraise.teamrubiconusa.org
8 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
8 prod-frs.content.classy.org fundraise.teamrubiconusa.org
prod-frs.content.classy.org
7 s.adroll.com 2 redirects fundraise.teamrubiconusa.org
5 www.google.com www.youtube.com
4 pixel.sitescout.com 2 redirects fundraise.teamrubiconusa.org
4 www.facebook.com
4 googleads.g.doubleclick.net 2 redirects www.youtube.com
fundraise.teamrubiconusa.org
4 script.crazyegg.com fundraise.teamrubiconusa.org
script.crazyegg.com
4 connect.facebook.net fundraise.teamrubiconusa.org
3 10169194.fls.doubleclick.net 1 redirects www.googletagmanager.com
10169194.fls.doubleclick.net
3 bat.bing.com fundraise.teamrubiconusa.org
3 stats.g.doubleclick.net fundraise.teamrubiconusa.org
3 heapanalytics.com
3 js.stripe.com fundraise.teamrubiconusa.org
js.stripe.com
3 www.googleadservices.com fundraise.teamrubiconusa.org
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 x.bidswitch.net 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 pixel.tapad.com 1 redirects
2 dpm.demdex.net 1 redirects
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 px.ads.linkedin.com 1 redirects
2 m.stripe.network js.stripe.com
m.stripe.network
2 bam-cell.nr-data.net fundraise.teamrubiconusa.org
2 platform.twitter.com fundraise.teamrubiconusa.org
2 www.googletagmanager.com fundraise.teamrubiconusa.org
2 sessions.bugsnag.com fundraise.teamrubiconusa.org
2 cdn.plaid.com fundraise.teamrubiconusa.org
1 cm.g.doubleclick.net 1 redirects
1 ads.yahoo.com
1 tracking.crazyegg.com script.crazyegg.com
1 insight.adsrvr.org js.adsrvr.org
1 sync.teads.tv
1 loadm.exelator.com
1 js.adsrvr.org 10169194.fls.doubleclick.net
1 t.co
1 analytics.twitter.com fundraise.teamrubiconusa.org
1 adservice.google.com 1 redirects
1 m.stripe.com m.stripe.network
1 www.linkedin.com 1 redirects
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 up.pixel.ad fundraise.teamrubiconusa.org
1 static.ads-twitter.com fundraise.teamrubiconusa.org
1 snap.licdn.com fundraise.teamrubiconusa.org
1 q.stripe.com fundraise.teamrubiconusa.org
1 code.jquery.com fundraise.teamrubiconusa.org
1 syndication.twitter.com platform.twitter.com
1 fonts.googleapis.com fundraise.teamrubiconusa.org
1 js-agent.newrelic.com fundraise.teamrubiconusa.org
1 geolocation.onetrust.com fundraise.teamrubiconusa.org
1 cdn.heapanalytics.com fundraise.teamrubiconusa.org
1 unpkg.com fundraise.teamrubiconusa.org
1 htp.tokenex.com fundraise.teamrubiconusa.org
1 static.cloudflareinsights.com fundraise.teamrubiconusa.org
149 62

This site contains links to these domains. Also see Links.

Domain
teamrubiconusa.org
www.classy.org
classy.org
Subject Issuer Validity Valid
fundraise.teamrubiconusa.org
Cloudflare Inc ECC CA-3		 2021-05-31 -
2022-05-30		 a year crt.sh
classy.org
Cloudflare Inc ECC CA-3		 2021-06-03 -
2022-06-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
api.tokenex.com
Go Daddy Secure Certificate Authority - G2		 2021-01-26 -
2022-01-26		 a year crt.sh
secure.plaid.com
DigiCert SHA2 Extended Validation Server CA		 2020-04-17 -
2022-04-22		 2 years crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-07-09 -
2021-11-03		 4 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
cdn.heapanalytics.com
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-05 -
2022-05-05		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
heapanalytics.com
Amazon		 2020-12-24 -
2022-01-22		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA		 2021-09-08 -
2022-09-07		 a year crt.sh
s.adroll.com
Amazon		 2021-08-02 -
2022-08-31		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.pixel.ad
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-02-02		 3 months crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-09 -
2022-10-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.crazyegg.com
DigiCert SHA2 Secure Server CA		 2020-07-26 -
2022-07-23		 2 years crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh

This page contains 11 frames:

Primary Page: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Frame ID: 6D1063C571A236DF885D30C8B0E0E54A
Requests: 109 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 82C6EE6D97971F224D9C736CEBAB4160
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Frame ID: F6A3EE653B103C9C88EA30C58B761476
Requests: 18 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Ffundraise.teamrubiconusa.org
Frame ID: B376D114F96A186853C0EFB5B0E4A445
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3432009B4AA1118A1A1463D35B2C3C60
Requests: 4 HTTP requests in this frame

Frame: https://10169194.fls.doubleclick.net/activityi;dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
Frame ID: 60E85C4192AD496E3C9F37B79CE0AEE5
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: 1506B1D588447AC62B26BD9490478838
Requests: 6 HTTP requests in this frame

Frame: https://10169194.fls.doubleclick.net/ddm/fls/r/dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
Frame ID: B60D959416EF99B58EA64768847A4D41
Requests: 2 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0013/7967.json?t=1
Frame ID: AC0104A4DFEB8715E198FF0916695C2A
Requests: 3 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=mn7ndva&ref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2F&upid=3y599rv&upv=1.1.0
Frame ID: 5E6C2374857CD0EE1FF35E1123C2E9D9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 41A9E2B49BA7969697CF8657A0183741
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2021 AmRisc Group - Campaign

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

149
Requests

99 %
HTTPS

0 %
IPv6

46
Domains

62
Subdomains

59
IPs

7
Countries

4642 kB
Transfer

12583 kB
Size

59
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://10169194.fls.doubleclick.net/activityi;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349 HTTP 302
  • https://10169194.fls.doubleclick.net/activityi;dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
Request Chain 86
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 96
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1634771997644&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D80894%26time%3D1634771997644%26url%3Dhttps%253A%252F%252Ffundraise.teamrubiconusa.org%252Fcampaign%252F2021-amrisc-group%252Fc347349%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1634771997644&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&liSync=true
Request Chain 99
  • https://s.adroll.com/j/exp/Z4UBGHYDBFC6TJJ5DLFHXE/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 100
  • https://s.adroll.com/j/pre/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 106
  • https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Request Chain 107
  • https://pixel.sitescout.com/up/141bc6c012cd9ab0?cntr_url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349 HTTP 302
  • https://pixel.sitescout.com/up/141bc6c012cd9ab0?cookieQ=1&cntr_url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
Request Chain 108
  • https://adservice.google.com/ddm/fls/i/dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349 HTTP 302
  • https://10169194.fls.doubleclick.net/ddm/fls/r/dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
Request Chain 114
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/824070334/?random=1625758074&cv=9&fst=1634771997650&num=1&value=0&label=htU8COfJmd8BEL6h-YgD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&tiba=2021%20AmRisc%20Group%20-%20Campaign&auid=190374960.1634771997&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=HaRwYbatKLux-gaY96eAAg&sscte=1&crd=&eitems=ChEI8Py-iwYQ_fqxi660oqfZARIdAORs2u5gGENj3lo1E1JGZI6Nyt8BqGRwS-IwhN8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/824070334/?random=1625758074&cv=9&fst=1634771997650&num=1&value=0&label=htU8COfJmd8BEL6h-YgD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&tiba=2021%20AmRisc%20Group%20-%20Campaign&auid=190374960.1634771997&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=HaRwYbatKLux-gaY96eAAg&cid=CAQSKQCNIrLMF5EJX1UsgIJfMXYDEYkdqn_e45tuKyjP69YkSss5Pp-7NDen&eitems=ChEI8Py-iwYQ_fqxi660oqfZARIdAORs2u7QIatY5zXjhlGooSireQTNmJaAL3STlwU&random=4178649280&resp=GooglemKTybQhCsO
Request Chain 120
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553&gdpr=0&gdpr_consent=
Request Chain 121
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
Request Chain 124
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
Request Chain 128
  • https://d.adroll.com/pixel/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&pv=77266424699.27888&cookie=&adroll_s_ref=&keyw= HTTP 302
  • https://s.adroll.com/pixel/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/CEPSF3FKHVADTJGZZMJFTZ.js
Request Chain 141
  • https://d.adroll.com/cm/r/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisable=Z4UBGHYDBFC6TJJ5DLFHXE HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 142
  • https://d.adroll.com/cm/b/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisable=Z4UBGHYDBFC6TJJ5DLFHXE HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ
Request Chain 143
  • https://d.adroll.com/cm/x/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisable=Z4UBGHYDBFC6TJJ5DLFHXE HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=YTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ
Request Chain 145
  • https://d.adroll.com/cm/o/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisable=Z4UBGHYDBFC6TJJ5DLFHXE HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a3d21585789beb0e26ed24c44f73ac74 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a3d21585789beb0e26ed24c44f73ac74
Request Chain 146
  • https://d.adroll.com/cm/g/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisable=Z4UBGHYDBFC6TJJ5DLFHXE&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=o9IVhXib6w4m7STET3OsdA HTTP 302
  • https://d.adroll.com/cm/g/in

149 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request c347349
fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/ 		112 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850ca068d16c21dec87ee0471d778318cf731b9e30cc785d810c9d0d9efc6c56
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
fundraise.teamrubiconusa.org
:scheme
https
:path
/campaign/2021-amrisc-group/c347349
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 20 Oct 2021 23:19:55 GMT
content-type
text/html; charset=utf-8
cf-ray
6a15f9449cbc413e-PRG
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
CSRF-TOKEN=8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4; Path=/ connect.sid=s%3AjP5e_zcCyMu9pYTWP0iIypb_colAw0c7.TEW6EZwihMPZhJHx41AFcy%2BPewD4H8dYQFM4xvfN%2Ffw; Path=/; Expires=Thu, 10 Aug 2073 05:22:29 GMT; HttpOnly __cf_bm=DjSB6zeZNtc5dOrhBleJQKMigc__yWwHcm8lDrsYChY-1634771995-0-Af1w8w7DNjUMl2QF4B/qaw1OHVpR9ZFC55FzY/VdL1+ifYOopEzQLcGF0BgWSBgTZzjonakz7ClRUbBezyyLLnY=; path=/; expires=Wed, 20-Oct-21 23:49:55 GMT; domain=.fundraise.teamrubiconusa.org; HttpOnly; Secure; SameSite=None
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options
nosniff
vary
Accept-Encoding
server
cloudflare
content-encoding
br
main.css
prod-frs.content.classy.org/prod/14997/static/frs/ 		1 MB
137 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/14997/static/frs/main.css
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c6b25b787716ce5715e1a235cafb2f5abe07d734e75b605c2903361f9c2a3d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Oct 2021 22:48:34 GMT
server
cloudflare
x-amz-request-id
SHC2NV4T1SKHDVZH
etag
W/"cdb87280018fd7df3af6689106bf0087"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
6a15f94a28564107-PRG
x-amz-id-2
qQd8NpWDxUKIGBTtJwyyop3Kqdjx1sChVu39FGj/6aNIDVMnaX0kqDhju2UK295o8XbEqvD7Q2E=
rocket-loader.min.js
fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
cookie
CSRF-TOKEN=8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4; connect.sid=s%3AjP5e_zcCyMu9pYTWP0iIypb_colAw0c7.TEW6EZwihMPZhJHx41AFcy%2BPewD4H8dYQFM4xvfN%2Ffw; __cf_bm=DjSB6zeZNtc5dOrhBleJQKMigc__yWwHcm8lDrsYChY-1634771995-0-Af1w8w7DNjUMl2QF4B/qaw1OHVpR9ZFC55FzY/VdL1+ifYOopEzQLcGF0BgWSBgTZzjonakz7ClRUbBezyyLLnY=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fundraise.teamrubiconusa.org
referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 10:17:24 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6166b234-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=172800 public
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
6a15f94b188d413e-PRG
expires
Fri, 22 Oct 2021 23:19:55 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:55 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 16:39:17 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6a15f94b5b05f9d2-PRG
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14435
x-xss-protection
0
server
cafe
etag
3499052782129861849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 23:19:55 GMT
onetrustConsent-1539020710655.js
prod-frs.content.classy.org/prod/14997/static/onetrust/ 		53 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/14997/static/onetrust/onetrustConsent-1539020710655.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caa7a591a041f24db59c7672e3b467f25e4ab1cbd245ef2203b01f0a30c8976e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Oct 2021 22:48:35 GMT
server
cloudflare
x-amz-request-id
SHC6D29VDQB8KPJB
etag
W/"64c3a4446a1c238c4df7f2db78163772"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
6a15f94b38e64107-PRG
x-amz-id-2
Jv6Bo1VqPNBk7ROIYaRph4KwljGrua3s6jQ5seFm0fA10w16y1Bk4FeRkcHegv9pY7jzANXm0mM=
iframe-v3.min.js
htp.tokenex.com/iframe/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://htp.tokenex.com/iframe/iframe-v3.min.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
48e76017a2ab32ab6c81dd6a2042fae71c48dc4d7103f8691078eb880936b742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Sep 2021 19:42:19 GMT
etag
"801f181d6ab5d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
date
Wed, 20 Oct 2021 23:19:55 GMT
accept-ranges
bytes
content-length
3458
x-xss-protection
1; mode=block
paypal-js.legacy.min.js
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.122.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:55 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
3539654
fly-request-id
01FF6GCCD3AGH2H9QDHAP9DXZ3
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6a15f94b8ef3f9ce-PRG
module.min.js
prod-frs.content.classy.org/prod/14997/static/frs/ 		329 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/14997/static/frs/module.min.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f241485358d041b05b92ffc679d2834646109abc68ceed3224a879606ff20a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Oct 2021 22:48:34 GMT
server
cloudflare
x-amz-request-id
SHC9Y3Q0KK5VTKBR
etag
W/"4724726f2001204e014de2c44e7e1555"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
6a15f94b38ea4107-PRG
x-amz-id-2
kSA1CAZvG2uQRDVv8/H76uerqi0VwkzxPDlpZfqMA+tkf9e1EaKnK5YlaaZT73INTE4xZsUmaz8=
module.min.js
prod-frs.content.classy.org/prod/14997/static/global/ 		2 MB
319 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/14997/static/global/module.min.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a04f8a72a6b2a08a9dffa33e2e849498e5eb0aa656a970e40b511432952e411
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Oct 2021 22:48:35 GMT
server
cloudflare
x-amz-request-id
SHC4M535F5BCG04J
etag
W/"00fde6167c8b13be01b9a0589fdd5ffe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
6a15f94b38ec4107-PRG
x-amz-id-2
9y7wyz6vTNtOdR0bQvTGzcIVwxw/DABNBsteNOSwr+qO6fUWEBqRsT1kyZoLwSpawbvX1YAm9Xk=
libs.min.js
prod-frs.content.classy.org/prod/14997/static/global/ 		1 MB
477 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/14997/static/global/libs.min.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c224dfa203e28003da563e5269c9d67724e053ab7c87b2581b1b6ed22b05499
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Oct 2021 22:48:35 GMT
server
cloudflare
x-amz-request-id
SHC0384GHTVZ817M
etag
W/"9f084e9d38fb2730ca68bb4c3cc1b091"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
6a15f94b38ef4107-PRG
x-amz-id-2
lGAh+v5Qs7Bt3YhOePnNvR7trVUpW76Cr0XB5wTcU51+saLv0XELWzsT1dxVj/MjVOIl/qcy2dQ=
link-initialize.js
cdn.plaid.com/link/v2/stable/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-61.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a26877ebb6d06d125804163f8a0abbaa73ced60d5d50745cb711097e4736d12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 20:14:48 GMT
content-encoding
gzip
x-amz-request-id
HNZD601Q7ZCXTQF5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-id-2
UVs51NIn3/Ulvogv+ZamM+4DF5u4KWASaUwt8c3guGqeuex+buXHC2d7bObhHjWbKFAO0pkrfts=
last-modified
Wed, 20 Oct 2021 19:28:12 GMT
server
AmazonS3
etag
W/"98737bf77389ad380793ff863d5d37d0"
vary
Accept-Encoding
x-amz-version-id
bxtPpnC_KAFlK_l0Sc5cyO1BVLHUx4X4
via
1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-pop
FRA60-P1
content-type
application/javascript
x-amz-cf-id
P6sYgUuh4f1apJfTL1KtsYvngjrEfWGPSmzxBVq4TjkZdW-TV7wDtw==
/
js.stripe.com/v3/ 		264 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
810c4ec2fd4b4ac9ca638fbebd651512e2d13a6e4f1aecb461d43ce06f391130
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:55 GMT
content-encoding
br
vary
Accept-Encoding
age
152
via
1.1 varnish
x-cache
HIT
content-length
64476
x-amz-id-2
9kk1GNGrMYrfKhpSvfaoiHXzfYJmL1X9o+0hJiYCGdNkbaiuG0pcPlJx2NF6MTbOXLKwB75yMjs=
x-served-by
cache-fra19141-FRA
timing-allow-origin
*
last-modified
Tue, 19 Oct 2021 21:56:36 GMT
server
AmazonS3
etag
"162d95aadbf0d6bd433739b5c2433fea"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
2D4SASXSF85T7KYM
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
18
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
1979
date
Wed, 20 Oct 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Thu, 21 Oct 2021 00:46:57 GMT
heap-1566116007.js
cdn.heapanalytics.com/js/ 		105 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-1566116007.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-41.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
530e3f33e17909e02cee7845dcf74603c7718de027f0272b49002e3a770e7b84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:45 GMT
content-encoding
gzip
server
nginx
age
11
etag
W/"1a59c-q/z7zwADAEVcOS/Y1Ijytg"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA60-P1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
FNaWaIpMKlAt7jNykAJcqR-TqBVnIgEMI61Nl437IAx4I_Ib4vaFgQ==
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
35.190.88.7 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://fundraise.teamrubiconusa.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Wed, 20 Oct 2021 23:19:56 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1.0
Referer
https://fundraise.teamrubiconusa.org/
Bugsnag-Sent-At
2021-10-20T23:19:56.563Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
ed2f4223afa43ef4870a151ab82d1ac6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 20 Oct 2021 23:19:56 GMT
via
1.1 google
bugsnag-session-uuid
3845b3b7-9943-463e-b800-629d48051375
alt-svc
clear
content-length
21
content-type
application/json
optanon.css
prod-frs.content.classy.org/prod/14997/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/14997/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7640145bdeb4bec3be6ef54494a65e2a40e4b6db970390aaefb78827d236e2c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 20 Oct 2021 22:48:35 GMT
server
cloudflare
x-amz-request-id
1856EG47KVEHXV3B
etag
W/"5ec3a032a0370bd8e3f63adf430b4617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
6a15f9529d514107-PRG
x-amz-id-2
IGMh4e/vezjSc12YWiX7MaBAwBCx3XMQZWp19S+RytVQZscfA3DVciC64oLJ+tfbOL4/9OCsY70=
EU
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 		32 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery32109046505026657312_1634771996473&_=1634771996474
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.184.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6a15f952ef8827b8-PRG
content-length
32
gtm.js
www.googletagmanager.com/ 		320 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGKK4PM
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4965a9c714847066b8c92c673664b902476aaf9fb05274ff176bc7b9b827b0fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36291
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 21:30:03 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Oct 2021 23:19:56 GMT
sdk.js
fundraise.teamrubiconusa.org/sso/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundraise.teamrubiconusa.org/sso/sdk.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
33ee267763985a483e766006308c74e6afa3d561ac5b23ac58b7ef2a2e55eacc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/sso/sdk.js
pragma
no-cache
cookie
CSRF-TOKEN=8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4; connect.sid=s%3AjP5e_zcCyMu9pYTWP0iIypb_colAw0c7.TEW6EZwihMPZhJHx41AFcy%2BPewD4H8dYQFM4xvfN%2Ffw; __cf_bm=DjSB6zeZNtc5dOrhBleJQKMigc__yWwHcm8lDrsYChY-1634771995-0-Af1w8w7DNjUMl2QF4B/qaw1OHVpR9ZFC55FzY/VdL1+ifYOopEzQLcGF0BgWSBgTZzjonakz7ClRUbBezyyLLnY=; _ga=GA1.2.1688333489.1634771996; _gid=GA1.2.1227594612.1634771996; OptanonConsent=landingPath=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&datestamp=Wed+Oct+20+2021+23%3A19%3A56+GMT%2B0000+(GMT)&version=3.6.25
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
fundraise.teamrubiconusa.org
referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1200
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
6a15f952ad1f413e-PRG
expires
Wed, 20 Oct 2021 23:39:56 GMT
nr-spa-1211.min.js
js-agent.newrelic.com/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1211.min.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
539877722caad874241ab2ec930b7b4aaa5327a34984b64ad813f8a2998bb862

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
CLSa7QJ2hagEFCkLjcLamPCZ0EDdPlaV
content-encoding
gzip
etag
"a5ee6c68d7de5e7446d73910964b5c10"
x-amz-request-id
7P24QENFJWH9MPY0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
16260
x-amz-id-2
w9tbSzsulzIUpjCfcY1I4Ry340KouzFhxTIpcvI9ziJM3HnvH7QmVv/mcPAA/SBB1qkMT7NKyUM=
x-served-by
cache-hhn4043-HHN
last-modified
Mon, 27 Sep 2021 20:46:51 GMT
server
AmazonS3
x-timer
S1634771997.603506,VS0,VE0
date
Wed, 20 Oct 2021 23:19:56 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
4021
m-outer-f7902241893e7a497417843cb15dc858.html
js.stripe.com/v3/ Frame 82C6 		240 B
544 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-f7902241893e7a497417843cb15dc858.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fundraise.teamrubiconusa.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/

Response headers

x-amz-id-2
A0wzX0HiXAJGgRzm3pCSzHrA7Pexi0Sstb+eem/iRiuH54T5o5jOBwdd4wi6bqgyYdKbESvlwIE=
x-amz-request-id
PR2AWK80NFH32R8Q
last-modified
Tue, 19 Oct 2021 21:45:17 GMT
etag
"f7902241893e7a497417843cb15dc858"
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Wed, 20 Oct 2021 23:19:56 GMT
via
1.1 varnish
age
280
x-served-by
cache-fra19141-FRA
x-cache
HIT
x-cache-hits
179
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
cache-control
max-age=60
content-length
141
link-dynamic-loader.js
cdn.plaid.com/link/2.0.1176/ 		0
40 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/2.0.1176/link-dynamic-loader.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-61.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 20:14:49 GMT
content-encoding
gzip
age
11108
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 20 Oct 2021 19:28:12 GMT
server
AmazonS3
etag
W/"62a0f22f9e83bb7accd7c0452fab1b97"
vary
Accept-Encoding
x-amz-version-id
qSS9bwxkyqVWikTWQ8HrmUco9rgQDTfF
via
1.1 d7433132a7c6595c9aab2dc2272e7061.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
FRA60-P1
content-type
application/javascript
x-amz-cf-id
wTwqaURRdpHriX4Z9Oeg0XVCSlVmmrcRX9DhHoW0NZa-k_l9tXVVsw==
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1566116007&u=6706181534595456&v=2077651536206359&s=2815424183470193&b=web&tv=4.0&z=0&h=%2Fcampaign%2F2021-amrisc-group%2Fc347349&d=fundraise.teamrubiconusa.org&t=2021%20AmRisc%20Group&ts=1634771996615&st=1634771996616
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.143.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-143-234.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:56 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6772) /
Resource Hash
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 23:19:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Oct 2021 18:33:56 GMT
Server
ECS (frb/6772)
Age
161
Etag
"a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29104
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
272d71624a8d4634901f0260580882a059268ff037cc12302b283a9710756c2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires
Wed, 20 Oct 2021 23:19:56 GMT
x9dDze9MHZs
www.youtube.com/embed/ Frame F6A3 		57 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/14997/static/global/libs.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
81f85c33161d71564501c0c929e8140c24afcd6a84d832360b29f048776d7527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/x9dDze9MHZs?wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fundraise.teamrubiconusa.org/
accept-encoding
gzip, deflate, br
cookie
YSC=959tze3j1Tk; VISITOR_INFO1_LIVE=ak5RLqlRwm0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 20 Oct 2021 23:19:56 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to
{"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tax-entities
fundraise.teamrubiconusa.org/frs-api/organizations/5643/ 		394 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundraise.teamrubiconusa.org/frs-api/organizations/5643/tax-entities
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc351c64e8551e12883742e11330d8a84d5ac09db2fda4eba4059c9cc2765866
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
x-xsrf-token
8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4
tracestate
423787@nr=0-1-423787-363751183-23d17aa5a6b98248----1634771996853
accept-language
de-DE,de;q=0.9
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyM2QxN2FhNWE2Yjk4MjQ4IiwidHIiOiJmZTQ5YzZhM2NhZmI0M2M2YzdhNDBhMGFlMTgyOWU0MCIsInRpIjoxNjM0NzcxOTk2ODUzfX0=
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
CSRF-TOKEN=8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4; connect.sid=s%3AjP5e_zcCyMu9pYTWP0iIypb_colAw0c7.TEW6EZwihMPZhJHx41AFcy%2BPewD4H8dYQFM4xvfN%2Ffw; __cf_bm=DjSB6zeZNtc5dOrhBleJQKMigc__yWwHcm8lDrsYChY-1634771995-0-Af1w8w7DNjUMl2QF4B/qaw1OHVpR9ZFC55FzY/VdL1+ifYOopEzQLcGF0BgWSBgTZzjonakz7ClRUbBezyyLLnY=; _ga=GA1.2.1688333489.1634771996; _gid=GA1.2.1227594612.1634771996; OptanonConsent=landingPath=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&datestamp=Wed+Oct+20+2021+23%3A19%3A56+GMT%2B0000+(GMT)&version=3.6.25; _hp2_id.1566116007=%7B%22userId%22%3A%226706181534595456%22%2C%22pageviewId%22%3A%222077651536206359%22%2C%22sessionId%22%3A%222815424183470193%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.1566116007=%7B%22z%22%3A0%2C%22ts%22%3A1634771996615%2C%22d%22%3A%22fundraise.teamrubiconusa.org%22%2C%22h%22%3A%22%2Fcampaign%2F2021-amrisc-group%2Fc347349%22%2C%22t%22%3A%222021%20AmRisc%20Group%22%7D
:path
/frs-api/organizations/5643/tax-entities
pragma
no-cache
x-newrelic-id
UAQEVl5UGwAGV1ZQBgMEVg==
traceparent
00-fe49c6a3cafb43c6c7a40a0ae1829e40-23d17aa5a6b98248-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
fundraise.teamrubiconusa.org
referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
:scheme
https
sec-fetch-site
same-origin
csrf-token
8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4
:method
GET
X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4
tracestate
423787@nr=0-1-423787-363751183-23d17aa5a6b98248----1634771996853
traceparent
00-fe49c6a3cafb43c6c7a40a0ae1829e40-23d17aa5a6b98248-01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyM2QxN2FhNWE2Yjk4MjQ4IiwidHIiOiJmZTQ5YzZhM2NhZmI0M2M2YzdhNDBhMGFlMTgyOWU0MCIsInRpIjoxNjM0NzcxOTk2ODUzfX0=
Accept
application/json, text/plain, */*
csrf-token
8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4
Referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"18a-LakQMCfiHU2oZsXup34aMYcGqVI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
CSRF-TOKEN=tVHVbKGK-Bg_opsm6fAwlB42sXfnEeQ1y-pw; Path=/
cf-ray
6a15f9546e26413e-PRG
vary
Accept-Encoding
initial-feed
fundraise.teamrubiconusa.org/frs-api/campaigns/347349/ 		7 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundraise.teamrubiconusa.org/frs-api/campaigns/347349/initial-feed?with=member,linkable&sort=linkable_effective_at:desc&per_page=5&campaignId=347349
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29037e0d6a205c878cecf2015f50694ed9eff17eb2b1965be8cf68321180f006
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
x-xsrf-token
8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4
tracestate
423787@nr=0-1-423787-363751183-e19dd18e24f7b291----1634771996860
accept-language
de-DE,de;q=0.9
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlMTlkZDE4ZTI0ZjdiMjkxIiwidHIiOiI2ODI0YmE3YzYyMzVlOTcyNTYyMGY2Yjk5OWNkYzZiMCIsInRpIjoxNjM0NzcxOTk2ODYwfX0=
sec-fetch-dest
empty
accept-encoding
gzip, deflate, br
cookie
CSRF-TOKEN=8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4; connect.sid=s%3AjP5e_zcCyMu9pYTWP0iIypb_colAw0c7.TEW6EZwihMPZhJHx41AFcy%2BPewD4H8dYQFM4xvfN%2Ffw; __cf_bm=DjSB6zeZNtc5dOrhBleJQKMigc__yWwHcm8lDrsYChY-1634771995-0-Af1w8w7DNjUMl2QF4B/qaw1OHVpR9ZFC55FzY/VdL1+ifYOopEzQLcGF0BgWSBgTZzjonakz7ClRUbBezyyLLnY=; _ga=GA1.2.1688333489.1634771996; _gid=GA1.2.1227594612.1634771996; OptanonConsent=landingPath=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&datestamp=Wed+Oct+20+2021+23%3A19%3A56+GMT%2B0000+(GMT)&version=3.6.25; _hp2_id.1566116007=%7B%22userId%22%3A%226706181534595456%22%2C%22pageviewId%22%3A%222077651536206359%22%2C%22sessionId%22%3A%222815424183470193%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.1566116007=%7B%22z%22%3A0%2C%22ts%22%3A1634771996615%2C%22d%22%3A%22fundraise.teamrubiconusa.org%22%2C%22h%22%3A%22%2Fcampaign%2F2021-amrisc-group%2Fc347349%22%2C%22t%22%3A%222021%20AmRisc%20Group%22%7D
:path
/frs-api/campaigns/347349/initial-feed?with=member,linkable&sort=linkable_effective_at:desc&per_page=5&campaignId=347349
pragma
no-cache
x-newrelic-id
UAQEVl5UGwAGV1ZQBgMEVg==
traceparent
00-6824ba7c6235e9725620f6b999cdc6b0-e19dd18e24f7b291-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
fundraise.teamrubiconusa.org
referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
:scheme
https
sec-fetch-site
same-origin
csrf-token
8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4
:method
GET
X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4
tracestate
423787@nr=0-1-423787-363751183-e19dd18e24f7b291----1634771996860
traceparent
00-6824ba7c6235e9725620f6b999cdc6b0-e19dd18e24f7b291-01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlMTlkZDE4ZTI0ZjdiMjkxIiwidHIiOiI2ODI0YmE3YzYyMzVlOTcyNTYyMGY2Yjk5OWNkYzZiMCIsInRpIjoxNjM0NzcxOTk2ODYwfX0=
Accept
application/json, text/plain, */*
csrf-token
8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4
Referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"1dc0-crE6aUfMuRCNyUkKhuTAb69S1FA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
CSRF-TOKEN=JRjFUjQd-CxGYvGXYK5_qe32qaZJ4OL7eIuM; Path=/
cf-ray
6a15f9546e2f413e-PRG
vary
Accept-Encoding
user-icon.png
fundraise.teamrubiconusa.org/static/global/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundraise.teamrubiconusa.org/static/global/images/user-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

:path
/static/global/images/user-icon.png
pragma
no-cache
cookie
CSRF-TOKEN=8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4; connect.sid=s%3AjP5e_zcCyMu9pYTWP0iIypb_colAw0c7.TEW6EZwihMPZhJHx41AFcy%2BPewD4H8dYQFM4xvfN%2Ffw; __cf_bm=DjSB6zeZNtc5dOrhBleJQKMigc__yWwHcm8lDrsYChY-1634771995-0-Af1w8w7DNjUMl2QF4B/qaw1OHVpR9ZFC55FzY/VdL1+ifYOopEzQLcGF0BgWSBgTZzjonakz7ClRUbBezyyLLnY=; _ga=GA1.2.1688333489.1634771996; _gid=GA1.2.1227594612.1634771996; OptanonConsent=landingPath=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&datestamp=Wed+Oct+20+2021+23%3A19%3A56+GMT%2B0000+(GMT)&version=3.6.25; _hp2_id.1566116007=%7B%22userId%22%3A%226706181534595456%22%2C%22pageviewId%22%3A%222077651536206359%22%2C%22sessionId%22%3A%222815424183470193%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.1566116007=%7B%22z%22%3A0%2C%22ts%22%3A1634771996615%2C%22d%22%3A%22fundraise.teamrubiconusa.org%22%2C%22h%22%3A%22%2Fcampaign%2F2021-amrisc-group%2Fc347349%22%2C%22t%22%3A%222021%20AmRisc%20Group%22%7D
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
fundraise.teamrubiconusa.org
referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Oct 2021 22:44:40 GMT
server
cloudflare
etag
"61709bd8-11ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000; includeSubDomains
accept-ranges
bytes
cf-ray
6a15f9547e39413e-PRG
content-length
4588
expires
Thu, 20 Oct 2022 23:19:57 GMT
b9877acc-eed3-11ea-978a-0ee030372895.png
assets.classy.org/13498460/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/13498460/b9877acc-eed3-11ea-978a-0ee030372895.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e056665b6191b144545413483d1e965b2ef638048776dc160cfcd455de1d6c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
via
1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
FAILED
content-length
60215
last-modified
Fri, 04 Sep 2020 17:26:12 GMT
server
cloudflare
etag
"3a7db5bed3dc431da75a5645b3b13f88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cache-control
public,max-age=31536000
x-amz-version-id
Z.vys8JDCDVVxBWv7JPwgO3h.46Xa1DY
accept-ranges
bytes
cf-ray
6a15f954be8f4107-PRG
x-amz-cf-id
v-lw9VaJUEckEgxe3BGnkWUy8vvijkqIkaNYolh2DM5SatwBj6c5LQ==
a70e574c-dab6-11eb-88bf-0af5dd02a7b1.png
assets.classy.org/13891843/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/13891843/a70e574c-dab6-11eb-88bf-0af5dd02a7b1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bcb13711bab5b4c9df8e4c907847f17a51896d50882452471ca5fdb844f3861
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
FAILED
content-length
16387
last-modified
Thu, 01 Jul 2021 21:52:40 GMT
server
cloudflare
etag
"924834dd971894f57abadd2c793bf300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cache-control
public,max-age=31536000
x-amz-version-id
.ex_plSrdDPTuEEKw7_m10SrtVJaNjuf
accept-ranges
bytes
cf-ray
6a15f954be904107-PRG
x-amz-cf-id
YjMJdm-4j1AIe5NwLcGXzFmyItGjnK-MH5WoiCotIKabNXHatOL8KA==
e0de6b64-6391-11e8-b9e4-0a7069b98fa2.png
assets.classy.org/3872427/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/3872427/e0de6b64-6391-11e8-b9e4-0a7069b98fa2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bcb13711bab5b4c9df8e4c907847f17a51896d50882452471ca5fdb844f3861
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
16387
last-modified
Tue, 29 May 2018 22:44:45 GMT
server
cloudflare
etag
"924834dd971894f57abadd2c793bf300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cache-control
public,max-age=31536000
x-amz-version-id
Rjrz.BSA5n1QaYgaZ2JcOWhR8vPK38Ky
accept-ranges
bytes
cf-ray
6a15f954be914107-PRG
x-amz-cf-id
U4xVzyFETYIkBZSsHWyJEKfiFO8F9TMkTVEk-JCrxpgJNyR0_Oxc1Q==
1b4f2f60-dab6-11eb-995b-0a58a9feac02.jpg
assets.classy.org/13891843/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/13891843/1b4f2f60-dab6-11eb-995b-0a58a9feac02.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb41550860402d628b812596cc9236c1774280adf0a300ad560217b468720173
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
FAILED
content-length
59899
last-modified
Thu, 01 Jul 2021 21:48:45 GMT
server
cloudflare
etag
"ce830742e42d9d79e5ef2da9df47f6cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
public,max-age=31536000
x-amz-version-id
MNtx_9aDy1F8aRhuulu4xMEZZkxUJEuB
accept-ranges
bytes
cf-ray
6a15f954be8d4107-PRG
x-amz-cf-id
6CsPt8OQAO6yg_qdTmOJY9SXurfRn4FjFybM4-dQQy6Hn80K4J_PfA==
10f1cb8e-af7e-11e7-89bf-0e612d81029c.jpg
assets.classy.org/3872427/ 		751 KB
752 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/3872427/10f1cb8e-af7e-11e7-89bf-0e612d81029c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19ccb6ce6df742c30fa21ce2c12d71a7d19d4b1e2882843466483417a89f50dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
via
1.1 41b7bdf4fb536a6c72b9f49d9b6affe9.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
768715
last-modified
Thu, 12 Oct 2017 18:49:27 GMT
server
cloudflare
etag
"eb2b994e4572d3419fb3b5f0b9ba6bb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/jpeg
cache-control
public,max-age=31536000
x-amz-version-id
yINEuMCKSD9BwaEcWRG7zkew364gQ3S_
accept-ranges
bytes
cf-ray
6a15f954be944107-PRG
x-amz-cf-id
BiMn_WKeo-Fdr8LlwXDygIWN3x_ablI3YVxV8WlSCiAXCOA0-qZtlg==
f3071388-6439-11e8-b276-06d9a8f1bd92.png
assets.classy.org/3872427/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/3872427/f3071388-6439-11e8-b276-06d9a8f1bd92.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b27e208e15914f60d058ddd9be57ed97ff79bd6bdcd2b05673a3435848ac0a8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
via
1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-cf-pop
PRG50-C1
cf-ray
6a15f954be924107-PRG
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
150088
last-modified
Wed, 30 May 2018 18:47:49 GMT
server
cloudflare
etag
"39db3600bf19e1c1a8ca542cfabfcf1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-version-id
cCxSdK31Vm8pTJkCSrX_7FrqOmP3cX1I
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
VA301hSHhA-l0HrIuvWg7DyyZ6BRwwHtWEFQGlOhNXNNfvCCyjHTfw==
f6ae6ebe-6439-11e8-9933-0a0a2ade4d02.png
assets.classy.org/3872427/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/3872427/f6ae6ebe-6439-11e8-9933-0a0a2ade4d02.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c19c6489c0f9a438c484ad093dcda9a5a8c109e34c98543e34a8ee24d840cebe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
via
1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-cf-pop
PRG50-C1
cf-ray
6a15f95868a14107-PRG
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
148795
last-modified
Wed, 30 May 2018 18:47:55 GMT
server
cloudflare
etag
"3d7e4618716f8c8a6fe7762e3959b6db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-version-id
kc65.wJu.d3vlcIUJ4Sxt_51iUo41hYu
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
Bcx36RhOAGSZB6JtI9Aq2i2xrCl3Gjkdl4YWlJtht3-ruD-x2RrCIg==
fa03ef58-6439-11e8-bf68-0ef84106d2c2.png
assets.classy.org/3872427/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/3872427/fa03ef58-6439-11e8-bf68-0ef84106d2c2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d645f3da180b52feaa6cd094e7e21c3b6e118da131f86c3dbe68c55f911d93
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
via
1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-cf-pop
PRG50-C1
cf-ray
6a15f95888b14107-PRG
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
148590
last-modified
Wed, 30 May 2018 18:48:01 GMT
server
cloudflare
etag
"9baebefdc1e915362b1fe35e7240ac03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-version-id
.vW7lfs76PUpz3qpunWVSwSSLgdLztSq
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
uMBU403doZdvHzcA0JcEa9NGKOpzK8n8nkAUpaFI3c03I_qi8l3tRA==
fea0b2a8-6439-11e8-912d-0e4b3c11e3ba.png
assets.classy.org/3872427/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.classy.org/3872427/fea0b2a8-6439-11e8-912d-0e4b3c11e3ba.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0fe032e34e91da94ef30e71fa97c745d2984236dcceecc3efd09ee8584455
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
via
1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
x-amz-cf-pop
PRG50-C1
cf-ray
6a15f958f8df4107-PRG
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
154322
last-modified
Wed, 30 May 2018 18:48:09 GMT
server
cloudflare
etag
"a211b91331e4a5f68d1d37b821463dfc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-version-id
H6ule7SA.CWY8zA12wW9oKY31gUueDn5
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
1it0C-DM3x78r45zbuJnyIry4NQryUQCzmU6ej-t7OE3D964gYSuYw==
ClassyIcons.woff
prod-frs.content.classy.org/prod/14997/static/global/fonts/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/14997/static/global/fonts/ClassyIcons.woff
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/14997/static/frs/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d07a13b2bdaede49433096be134e6b5e91f16663d92060b6420677a2644e0d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://prod-frs.content.classy.org/prod/14997/static/frs/main.css
Origin
https://fundraise.teamrubiconusa.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
x-amz-request-id
C04EX3512D9R7B0Z
strict-transport-security
max-age=15552000; includeSubDomains
content-length
42880
x-amz-id-2
1bf2HqzNPuBD7R9i/7ZpkliWF0LDud79DuFDnD5NXVoJyFGBlsB1W5u8+i2b9xEGFyB78T4VrA8=
last-modified
Wed, 20 Oct 2021 22:48:34 GMT
server
cloudflare
etag
"50a7f2d2df5a60ffdc3194ce2c875588"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6a15f954c8be2798-PRG
fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/14997/static/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prod-frs.content.classy.org/prod/14997/static/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/14997/static/frs/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.113.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://prod-frs.content.classy.org/prod/14997/static/frs/main.css
Origin
https://fundraise.teamrubiconusa.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
x-amz-request-id
C045R79E5S16VYM6
strict-transport-security
max-age=15552000; includeSubDomains
content-length
66624
x-amz-id-2
+5VDTgD+vO8ny9kvguaaUdGRYPawO4tb6IDDXHf+Yp4ChA+6kFFJcYoJ+HoLMpYKyWKq7PkVZH8=
last-modified
Wed, 20 Oct 2021 22:48:34 GMT
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6a15f954c8c02798-PRG
rum
fundraise.teamrubiconusa.org/cdn-cgi/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundraise.teamrubiconusa.org/cdn-cgi/rum?
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://fundraise.teamrubiconusa.org
accept-encoding
gzip, deflate, br
tracestate
423787@nr=0-1-423787-363751183-751dd2ada68276e8----1634771996904
accept-language
de-DE,de;q=0.9
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3NTFkZDJhZGE2ODI3NmU4IiwidHIiOiIxN2NiNjRjNmFmODM1NjE5MTI3ZDNhODQzNmQ0NmZkMCIsInRpIjoxNjM0NzcxOTk2OTA0fX0=
sec-fetch-dest
empty
cookie
CSRF-TOKEN=8osadT7I-fQpD9fMfRgBWqwJeVkgdGuzjmn4; connect.sid=s%3AjP5e_zcCyMu9pYTWP0iIypb_colAw0c7.TEW6EZwihMPZhJHx41AFcy%2BPewD4H8dYQFM4xvfN%2Ffw; __cf_bm=DjSB6zeZNtc5dOrhBleJQKMigc__yWwHcm8lDrsYChY-1634771995-0-Af1w8w7DNjUMl2QF4B/qaw1OHVpR9ZFC55FzY/VdL1+ifYOopEzQLcGF0BgWSBgTZzjonakz7ClRUbBezyyLLnY=; _ga=GA1.2.1688333489.1634771996; _gid=GA1.2.1227594612.1634771996; OptanonConsent=landingPath=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&datestamp=Wed+Oct+20+2021+23%3A19%3A56+GMT%2B0000+(GMT)&version=3.6.25; _hp2_id.1566116007=%7B%22userId%22%3A%226706181534595456%22%2C%22pageviewId%22%3A%222077651536206359%22%2C%22sessionId%22%3A%222815424183470193%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.1566116007=%7B%22z%22%3A0%2C%22ts%22%3A1634771996615%2C%22d%22%3A%22fundraise.teamrubiconusa.org%22%2C%22h%22%3A%22%2Fcampaign%2F2021-amrisc-group%2Fc347349%22%2C%22t%22%3A%222021%20AmRisc%20Group%22%7D
content-length
4749
:path
/cdn-cgi/rum?
pragma
no-cache
x-newrelic-id
UAQEVl5UGwAGV1ZQBgMEVg==
traceparent
00-17cb64c6af835619127d3a8436d46fd0-751dd2ada68276e8-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
fundraise.teamrubiconusa.org
referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
:scheme
https
sec-fetch-site
same-origin
:method
POST
X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-751dd2ada68276e8----1634771996904
traceparent
00-17cb64c6af835619127d3a8436d46fd0-751dd2ada68276e8-01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3NTFkZDJhZGE2ODI3NmU4IiwidHIiOiIxN2NiNjRjNmFmODM1NjE5MTI3ZDNhODQzNmQ0NmZkMCIsInRpIjoxNjM0NzcxOTk2OTA0fX0=
content-type
application/json
Referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349

Response headers

date
Wed, 20 Oct 2021 23:19:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://fundraise.teamrubiconusa.org
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6a15f954be5c413e-PRG
vary
Origin
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
S7K28PrgKFQQRXHdngO4JexEd9WMlADr+KdTnNnx/5Fre1Hrj0myInewkuiQ8rckAdGMKTAYBCgsKZNBnn0Wxw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 20 Oct 2021 23:19:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
ESF /
Resource Hash
dc8579028e6c99023b053237372924e8d9b433250c9bab706f4995ef6d3a4c44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 23:19:57 GMT
server
ESF
date
Wed, 20 Oct 2021 23:19:57 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Wed, 20 Oct 2021 23:19:57 GMT
67fe2a1b26
bam-cell.nr-data.net/1/ 		49 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/67fe2a1b26?a=363721230&v=1211.ba193a8&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaU1QLRQRZVwxLCFsEWEBUD1ILflEPAR1bX1ZRWBZUDFdeKwAY&rst=2706&ck=1&ref=https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349&ap=314.798227&be=1999&fe=2294&dc=2293&tt=cc241d2bb7f49&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1634771994283,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:12,%22c%22:12,%22s%22:27,%22ce%22:48,%22rq%22:48,%22rp%22:795,%22rpe%22:1078,%22dl%22:799,%22di%22:1081,%22ds%22:1171,%22de%22:1171,%22dc%22:1998,%22l%22:1998,%22le%22:2006%7D,%22navigation%22:%7B%7D%7D&fp=2632&fcp=2632&jsonp=NREUM.setToken
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 23:19:57 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6a15f955886af9da-PRG
widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html
platform.twitter.com/widgets/ Frame B376 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Ffundraise.teamrubiconusa.org
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://fundraise.teamrubiconusa.org/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
94704
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Oct 2021 23:19:57 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 18 Oct 2021 18:32:00 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6711)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1800402061&t=timing&_s=1&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&ul=en-us&de=UTF-8&dt=2021%20AmRisc%20Group%20-%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1634771996681&utt=48&_u=KGDACEABBAAAAC~&jid=210827344&gjid=554630605&cid=1688333489.1634771996&tid=UA-3837893-1&_gid=1227594612.1634771996&_r=1&_slc=1&z=1599817082
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fundraise.teamrubiconusa.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fundraise.teamrubiconusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=1800402061&t=timing&_s=2&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&ul=en-us&de=UTF-8&dt=2021%20AmRisc%20Group%20-%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1634771996681&utt=795&_u=KGDACEABBAAAAC~&jid=&gjid=&cid=1688333489.1634771996&tid=UA-3837893-1&_gid=1227594612.1634771996&z=213564833
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51633
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=1800402061&t=timing&_s=3&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&ul=en-us&de=UTF-8&dt=2021%20AmRisc%20Group%20-%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1634771996681&utt=1078&_u=KGDACEABBAAAAC~&jid=&gjid=&cid=1688333489.1634771996&tid=UA-3837893-1&_gid=1227594612.1634771996&z=1174561874
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51633
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=1800402061&t=timing&_s=4&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&ul=en-us&de=UTF-8&dt=2021%20AmRisc%20Group%20-%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1634771996681&utt=2006&_u=KGDACEABBAAAAC~&jid=&gjid=&cid=1688333489.1634771996&tid=UA-3837893-1&_gid=1227594612.1634771996&z=2090137689
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51633
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=1800402061&t=timing&_s=5&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&ul=en-us&de=UTF-8&dt=2021%20AmRisc%20Group%20-%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1634771996681&utt=2658&_u=KGDACEABBAAAAC~&jid=&gjid=&cid=1688333489.1634771996&tid=UA-3837893-1&_gid=1227594612.1634771996&z=719537633
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51633
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
telemetry
heapanalytics.com/api/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1634771997036&hv=4.15.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.143.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-143-234.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:57 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
m-outer-639174098ea8fe7fede6fa654790e8ec.js
js.stripe.com/v3/fingerprinted/js/ Frame 82C6 		1 KB
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
br
vary
Accept-Encoding
age
137
via
1.1 varnish
x-cache
HIT
content-length
645
x-amz-id-2
uj5sXu6iCgOWQN80T3CNcs9KNmgH/M0/uXKKEZX04Nk8LWBMe4c8ZDfexRr+6T8Y+ULgCmXqdxo=
x-served-by
cache-fra19141-FRA
timing-allow-origin
*
last-modified
Tue, 19 Oct 2021 21:45:00 GMT
server
AmazonS3
etag
"5213886b88cd72e6d0aebc89868e5d13"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
7EBSJEA9KY47HYR8
access-control-allow-origin
*
cache-control
max-age=60
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
91
gtm.js
www.googletagmanager.com/ 		298 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=dataLayer
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a6e714bc9cd18f90849ed08181db9521c253af36c30dae526f6538a8b95ca958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79371
x-xss-protection
0
last-modified
Wed, 20 Oct 2021 21:30:03 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Oct 2021 23:19:57 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundraise.teamrubiconusa.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:57:49 GMT
x-content-type-options
nosniff
age
69728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27652
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:57:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 03:57:49 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundraise.teamrubiconusa.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:57:49 GMT
x-content-type-options
nosniff
age
69728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27652
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:57:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 03:57:49 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundraise.teamrubiconusa.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:57:49 GMT
x-content-type-options
nosniff
age
69728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27652
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:57:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 03:57:49 GMT
1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v5/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v5/1Pttg83HX_SGhgqk2jovaqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
3e1808a9ace7385d348932f3772b932fae013838a7eccf665e0c3beb2373050c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundraise.teamrubiconusa.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:00:30 GMT
x-content-type-options
nosniff
age
191967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29248
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:00:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 18 Oct 2022 18:00:30 GMT
www-player-webp.css
www.youtube.com/s/player/9e457a67/ Frame F6A3 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
sffe /
Resource Hash
35501bfd5f2a8d2d8fb04695bc80793b9aa7160ded872a9f89cc094b140f8702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
199659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46953
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Oct 2022 15:52:18 GMT
www-embed-player.js
www.youtube.com/s/player/9e457a67/www-embed-player.vflset/ Frame F6A3 		209 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
sffe /
Resource Hash
a94e60203c4a1d8371c22e4410baf6dbec30875599730d8ca8a22adaf23518d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 17:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
20792
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70183
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Oct 2022 17:33:25 GMT
base.js
www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/ Frame F6A3 		2 MB
512 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
sffe /
Resource Hash
a728f23ae512668f87d868b76ec44f5117c840fc4ac3809fa66ecf2ccb54d97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:52:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
199659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
524366
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Oct 2022 15:52:18 GMT
fetch-polyfill.js
www.youtube.com/s/player/9e457a67/fetch-polyfill.vflset/ Frame F6A3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:20:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
28742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Oct 2022 15:20:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F6A3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 19:58:13 GMT
x-content-type-options
nosniff
age
184904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Oct 2022 19:58:13 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.47
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
VuA/bJx+PhwIGd8q7bs7jMai6vW118EoL/4mTpPcB+V+wMRzBpLwU0xHkpZKu4JsR9asFDMuAHNOenQSb5RH1g==
x-frame-options
DENY
date
Wed, 20 Oct 2021 23:19:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1589848707967354
connect.facebook.net/signals/config/ 		490 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1589848707967354?v=2.9.47&r=stable
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
aa4eefb57c2cce66ead4ecaaec4c3c9a0b544bdd569397fa3b98da9e4ff263a3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
hEewVxFZA0/GiwNgEs0s0gerxGe9FHcEnOI2LW3jYHrputIyOf7ZQNnmqtxts0hsGoPb9I54OsF2XeDL7QSyDA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Oct 2021 23:19:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/9e457a67/www-widgetapi.vflset/ 		143 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
sffe /
Resource Hash
007ae39c614f532fd0efffce182882893814be75637bd67a6eaeed98ab364402
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 19:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
12672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47516
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 20 Oct 2022 19:48:45 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-3837893-1&cid=1688333489.1634771996&jid=210827344&gjid=554630605&_gid=1227594612.1634771996&_u=KGDACEAABAAAAC~&z=2074507435
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundraise.teamrubiconusa.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Oct 2021 23:19:57 GMT
content-type
text/plain
access-control-allow-origin
https://fundraise.teamrubiconusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
inner.html
m.stripe.network/ Frame 3432 		932 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-120.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
date
Wed, 20 Oct 2021 23:17:57 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
cache-control
max-age=300, public
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f9c16664a13e70e73a4e280c7a0f2267.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
DZMr01VvlbxJTLnOolvhIsmxj9p287e79oXjGGslNniY5EiXknPkjQ==
age
121
1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v5/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v5/1Pttg83HX_SGhgqk2jovaqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
3e1808a9ace7385d348932f3772b932fae013838a7eccf665e0c3beb2373050c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundraise.teamrubiconusa.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 18:00:30 GMT
x-content-type-options
nosniff
age
191967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29248
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:00:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 18 Oct 2022 18:00:30 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundraise.teamrubiconusa.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:57:49 GMT
x-content-type-options
nosniff
age
69728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27652
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:57:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 03:57:49 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v5/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v5/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fundraise.teamrubiconusa.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:57:49 GMT
x-content-type-options
nosniff
age
69728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27652
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:57:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 03:57:49 GMT
settings
syndication.twitter.com/ Frame B376 		232 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=69370f2cd4ee4c2b686a308a24d0f91da5f93b8b
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Ffundraise.teamrubiconusa.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 23:19:57 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
6370766dbaaad23b162f79266fa40b79b99bccb9a33bd9e756086564b4102642
content-length
166
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://fundraise.teamrubiconusa.org/
Origin
https://fundraise.teamrubiconusa.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
etag
W/"5a637bd4-1538f"
vary
Accept-Encoding
x-hw
1634771997.dop209.fr8.t,1634771997.cds231.fr8.hn,1634771997.cds002.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
csp-report
q.stripe.com/ Frame 3432 		0
121 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-23186019-1&cid=1688333489.1634771996&jid=714404572&gjid=640995600&_gid=1227594612.1634771996&_u=aGDAiEABBAAAAG~&z=1155992976
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.5.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundraise.teamrubiconusa.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Oct 2021 23:19:57 GMT
content-type
text/plain
access-control-allow-origin
https://fundraise.teamrubiconusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
1980
date
Wed, 20 Oct 2021 22:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Thu, 21 Oct 2021 00:46:57 GMT
7967.js
script.crazyegg.com/pages/scripts/0013/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0013/7967.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a5f523e05c66d06ba8558f2194b6ef49f6a91067d4fd2e8d708ad7c08dfcb6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
cf-cache-status
MISS
cf-ray
6a15f95788cd4120-PRG
ce-version
11.1.351
content-length
1857
last-modified
Wed, 20 Oct 2021 23:19:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
roundtrip.js
s.adroll.com/j/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00a838051c95fd70f609e56b14160f3b11f9cc925ebf863b6b6d05aa05f18410

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
20dI2pPzXWu4owz5yzq5GCZ31O2z_uNt
Content-Encoding
gzip
Etag
W/"42b7053581646365ea5fe1cf37686183"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Mon, 18 Oct 2021 20:57:17 GMT
Server
AmazonS3
Date
Wed, 20 Oct 2021 23:06:21 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3451.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
-yMZLeGTSOUaYaVToeRFLIIMn5Pq08C4F3sJIAuhNAXkDEhiYbqJHA==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.17 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-17.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 23:19:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 19:17:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=36832
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 23:58:10 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra
DE-BW
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kjyo7100098-IAD, cache-hhn11572-HHN
bat.js
bat.bing.com/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:56 GMT
content-encoding
gzip
last-modified
Wed, 06 Oct 2021 19:11:47 GMT
x-msedge-ref
Ref A: C551B011B8F548FC8A24C29203B37225 Ref B: PRG01EDGE1012 Ref C: 2021-10-20T23:19:57Z
etag
"805b72e6bad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10001
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14435
x-xss-protection
0
server
cafe
etag
3499052782129861849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Oct 2021 23:19:57 GMT
activityi;dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%...
10169194.fls.doubleclick.net/ Frame 60E8
Redirect Chain
  • https://10169194.fls.doubleclick.net/activityi;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampai...
  • https://10169194.fls.doubleclick.net/activityi;dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffun...
531 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10169194.fls.doubleclick.net/activityi;dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N2JKFX&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
5d0e62c621759b2a9d49339fdd9f839f2ad22bec6546ea8b815ec3626153e245
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10169194.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fundraise.teamrubiconusa.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 20 Oct 2021 23:19:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
416
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 20-Oct-2021 23:34:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 20 Oct 2021 23:19:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://10169194.fls.doubleclick.net/activityi;dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
up.js
up.pixel.ad/assets/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://up.pixel.ad/assets/up.js?um=1
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.242.181 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-242-181.fra.llnw.net
Software
AC1.1 /
Resource Hash
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 15:06:26 GMT
server
AC1.1
age
5184
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1041
x-llid
b86b03c0d6ac337c32202f53ba084813
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=1800402061&t=pageview&_s=1&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&ul=en-us&de=UTF-8&dt=2021%20AmRisc%20Group%20-%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiEABBAAAAC~&jid=714404572&gjid=640995600&cid=1688333489.1634771996&tid=UA-23186019-1&_gid=1227594612.1634771996&gtm=2wgak0N2JKFX&z=703855679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51633
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
out-4.5.40.js
m.stripe.network/ Frame 3432 		85 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.40.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-120.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
Cloudfront
age
294
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 f9c16664a13e70e73a4e280c7a0f2267.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-P4
timing-allow-origin
*
vary
Accept-Encoding,Accept-Encoding
x-amz-cf-id
ZI4GO52VPd9GmyEzlzQz4hzF9h1zpl6JBLoK5nvXOxzZh14V1RxwWw==
id
googleads.g.doubleclick.net/pagead/ Frame F6A3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
090ba9a772e496a7dc14c845da96ee03f4152d0cf614234693f242b7a8581051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 20 Oct 2021 23:19:57 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame F6A3 		29 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:13:00 GMT
x-content-type-options
nosniff
age
417
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Oct 2021 23:28:00 GMT
iframeResizer-6bb8ec1b02.js
fundraise.teamrubiconusa.org/sso/ssobuild/js/ 		34 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundraise.teamrubiconusa.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
tracestate
423787@nr=0-1-423787-363751183-a037283cc0ec8b7b----1634771997387
accept-language
de-DE,de;q=0.9
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhMDM3MjgzY2MwZWM4YjdiIiwidHIiOiIzMzQyMWRiZTM2MDRiNmE2YTFlYzVhM2E3YWNjMzY0MCIsInRpIjoxNjM0NzcxOTk3Mzg3fX0=
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
connect.sid=s%3AjP5e_zcCyMu9pYTWP0iIypb_colAw0c7.TEW6EZwihMPZhJHx41AFcy%2BPewD4H8dYQFM4xvfN%2Ffw; __cf_bm=DjSB6zeZNtc5dOrhBleJQKMigc__yWwHcm8lDrsYChY-1634771995-0-Af1w8w7DNjUMl2QF4B/qaw1OHVpR9ZFC55FzY/VdL1+ifYOopEzQLcGF0BgWSBgTZzjonakz7ClRUbBezyyLLnY=; _ga=GA1.2.1688333489.1634771996; _gid=GA1.2.1227594612.1634771996; _hp2_id.1566116007=%7B%22userId%22%3A%226706181534595456%22%2C%22pageviewId%22%3A%222077651536206359%22%2C%22sessionId%22%3A%222815424183470193%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.1566116007=%7B%22ts%22%3A1634771996615%2C%22d%22%3A%22fundraise.teamrubiconusa.org%22%2C%22h%22%3A%22%2Fcampaign%2F2021-amrisc-group%2Fc347349%22%7D; OptanonConsent=landingPath=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&datestamp=Wed+Oct+20+2021+23%3A19%3A56+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true; _gat_classyTrack=1; _hp2_props.1566116007=%7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A5643%2C%22payment_processor%22%3A%22WePay%22%2C%22campaign%22%3A347349%2C%22campaign_type%22%3A%22crowdfunding%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D; _gcl_au=1.1.190374960.1634771997; _dc_gtm_UA-23186019-1=1; CSRF-TOKEN=JRjFUjQd-CxGYvGXYK5_qe32qaZJ4OL7eIuM
:path
/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js
pragma
no-cache
x-newrelic-id
UAQEVl5UGwAGV1ZQBgMEVg==
traceparent
00-33421dbe3604b6a6a1ec5a3a7acc3640-a037283cc0ec8b7b-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
fundraise.teamrubiconusa.org
referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
:scheme
https
sec-fetch-site
same-origin
:method
GET
X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-a037283cc0ec8b7b----1634771997387
traceparent
00-33421dbe3604b6a6a1ec5a3a7acc3640-a037283cc0ec8b7b-01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhMDM3MjgzY2MwZWM4YjdiIiwidHIiOiIzMzQyMWRiZTM2MDRiNmE2YTFlYzVhM2E3YWNjMzY0MCIsInRpIjoxNjM0NzcxOTk3Mzg3fX0=
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 19 Oct 2021 23:17:40 GMT
server
cloudflare
etag
W/"616f5214-893d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
6a15f957b88a413e-PRG
expires
Thu, 20 Oct 2022 23:19:57 GMT
ga-audiences
www.google.com/ads/ 		42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-23186019-1&cid=1688333489.1634771996&jid=714404572&_u=aGDAiEABBAAAAG~&z=886663852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
remote.js
www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/ Frame F6A3 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
sffe /
Resource Hash
29b93a0c7ce944834a9841b7ed98b20f1c19e871ff4f3361db76a026f46d6a06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:52:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
199658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29594
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Oct 2022 15:52:19 GMT
LOmHOoAv0oJwm2BB9so6lRy8TBRhtyNZy_JhYGjOIrE.js
www.google.com/js/th/ Frame F6A3 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/LOmHOoAv0oJwm2BB9so6lRy8TBRhtyNZy_JhYGjOIrE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
sffe /
Resource Hash
2ce9873a802fd282709b6041f6ca3a951cbc4c1461b72359cbf2616068ce22b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 12:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
38830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13444
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 12:32:47 GMT
embed.js
www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/ Frame F6A3 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
sffe /
Resource Hash
5086b34a1e9d368fcf3c5ef99cddc58a9ca924649f90bccde0ac0a20f327f9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 15:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
199646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7355
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 00:14:57 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Oct 2022 15:52:31 GMT
truncated
/ Frame F6A3 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQgWxw5aKwaof9OhUbLKXFd3tWFRH0oRmLUJXT2sw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F6A3 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLQgWxw5aKwaof9OhUbLKXFd3tWFRH0oRmLUJXT2sw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
fife /
Resource Hash
748263421051d77fd35874dbc3018a789e570c4bd13508793c5a99f8ccb363da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2251
x-xss-protection
0
server
fife
etag
"v189a"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 21 Oct 2021 14:20:39 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/x9dDze9MHZs/ Frame F6A3 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/x9dDze9MHZs/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f22.1e100.net
Software
sffe /
Resource Hash
b0ff891a8c7587a10b68df6f45fe52608018fb4a30a8fc22b62a9234e68a1093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
x-content-type-options
nosniff
server
sffe
etag
"1614386861"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8020
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Oct 2021 01:19:57 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1634771997644&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D80894%26time%3D1634771997644%26url%3Dhttps%253A%252F%252Ffundraise.teamrubiconusa...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1634771997644&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&liSync=true
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1634771997644&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.37 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-37.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
HK60pnjgrxbAJosBaisAAA==

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXO0QRAZBPOZlhBZGnCUQ==
pragma
no-cache
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2BC0D2D2E4534EF8AB5383300A2E1C16 Ref B: PRG01EDGE0712 Ref C: 2021-10-20T23:19:58Z
date
Wed, 20 Oct 2021 23:19:57 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=80894&time=1634771997644&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&liSync=true
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/968725110/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/968725110/?random=1634771997647&cv=9&fst=1634771997647&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&tiba=2021%20AmRisc%20Group%20-%20Campaign&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
865793dc03e2dd0fefc37d83996ffd50b15eb1a105a20d43a10b0e2c4f9007f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1017
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/824070334/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/824070334/?random=1634771997650&cv=9&fst=1634771997650&num=1&value=0&label=htU8COfJmd8BEL6h-YgD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&tiba=2021%20AmRisc%20Group%20-%20Campaign&auid=190374960.1634771997&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
fec6b9e641991989f89069723bdab21ca46250cae7bf36dbc7bf856975683730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1235
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/Z4UBGHYDBFC6TJJ5DLFHXE/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
dPv0Hcrnu1ogzkPItoFzSnX7IO5liBxs
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3451.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 30 Sep 2021 23:26:42 GMT
Server
AmazonS3
Date
Wed, 20 Oct 2021 02:43:04 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
6uMGDsu2cQoj-n4tMDMr5n_bxPjTiHFCJaRY1aXUq9dfkBPymGOGSA==

Redirect headers

Date
Wed, 20 Oct 2021 12:26:21 GMT
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3451.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Amz-Cf-Id
LtYW99afUWuMWltzZPbUOoRl_DnaPAp-rZnko2ILKELl4H5VE8bb6g==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3451.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Wed, 20 Oct 2021 00:54:46 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
oCni3nxVtbnoDZ5yBskmV3QpVYucLqoS1Bb2uZSbncVsDX_O_18B-g==

Redirect headers

Date
Wed, 20 Oct 2021 12:26:21 GMT
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3451.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P4
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
X-Amz-Cf-Id
SqX51fiyaciVM6ZaB6-lcAEh8WLE5uQokQglf6Feo13vwtP0Un7b7Q==
index.js
s.adroll.com/j/pre/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/ 		0
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/index.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
KgLDseKVVETrVUb0YDzOSBrpBSPk5cwx
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3451.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Thu, 07 Oct 2021 03:29:25 GMT
Server
AmazonS3
Date
Wed, 20 Oct 2021 23:19:59 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
95jo0yJNOLqjvLRUzIc7EO1wh-JnF_Sc1ILpVCaut5iDYWaCQRK4Ig==
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1589848707967354&ev=PageView&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&rl=&if=false&ts=1634771997672&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1634771997671.262781396&it=1634771997093&coo=false&exp=p1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 20 Oct 2021 23:19:57 GMT
26039304.js
bat.bing.com/p/action/ 		0
111 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/26039304.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Oct 2021 23:19:57 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: BDABCE0CB3DA441A94766DACB14C71B5 Ref B: PRG01EDGE1012 Ref C: 2021-10-20T23:19:57Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26039304&tm=gtm002&Ver=2&mid=02cb2c01-a405-4c52-adfc-92c9cf36a20d&sid=3d9c351031fc11ecabe9eb0c39ca56d3&vid=3d9c1d5031fc11ecb67d37e092787789&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=2021%20AmRisc%20Group%20-%20Campaign&p=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&r=&lt=2006&evt=pageLoad&msclkid=N&sv=1&rn=496092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 20 Oct 2021 23:19:57 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: FF6A44E38D8E45BF8F042FC434B55303 Ref B: PRG01EDGE1012 Ref C: 2021-10-20T23:19:57Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
6
m.stripe.com/ Frame 3432 		156 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.187.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-208-187-153.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4d0e258dcda358e9419321d52004d0f9e6591741330888d161fad9aa130bdaef
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
asyncPixelSync
pixel.sitescout.com/dmp/ Frame 1506
Redirect Chain
  • https://pixel.sitescout.com/dmp/asyncPixelSync
  • https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
5d669e60bbf217eac8e404ebcee116943199b648ca66738bec99eefde5595ff5

Request headers

:method
GET
:authority
pixel.sitescout.com
:scheme
https
:path
/dmp/asyncPixelSync?cookieQ=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fundraise.teamrubiconusa.org/
accept-encoding
gzip, deflate, br
cookie
ssi=2459e3b9-6b31-4119-a099-796e038c5403#1634771997792
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349

Response headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
set-cookie
ssi=2459e3b9-6b31-4119-a099-796e038c5403#1634771997792; Domain=.sitescout.com; Expires=Thu, 20-Oct-2022 23:19:57 GMT; Path=/; Secure; SameSite=None _ssuma=eyIzNCI6MTYzNDc3MTk5NzgzMCwiMiI6MTYzNDc3MTk5NzgzMCwiNCI6MTYzNDc3MTk5NzgzMCwiMzkiOjE2MzQ3NzE5OTc4MzAsIjciOjE2MzQ3NzE5OTc4MzB9; Domain=.sitescout.com; Expires=Fri, 19-Nov-2021 23:19:57 GMT; Path=/; Secure; SameSite=None
content-type
text/html;charset=UTF-8
content-length
1139
date
Wed, 20 Oct 2021 23:19:57 GMT
server
AC1.1

Redirect headers

set-cookie
ssi=fdce41bf-fe5f-4817-91b9-03cb7cbd2733#1634771997790; Domain=.sitescout.com; Expires=Thu, 20-Oct-2022 23:19:57 GMT; Path=/; Secure; SameSite=None
location
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
content-length
0
date
Wed, 20 Oct 2021 23:19:57 GMT
server
AC1.1
141bc6c012cd9ab0
pixel.sitescout.com/up/
Redirect Chain
  • https://pixel.sitescout.com/up/141bc6c012cd9ab0?cntr_url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
  • https://pixel.sitescout.com/up/141bc6c012cd9ab0?cookieQ=1&cntr_url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/up/141bc6c012cd9ab0?cookieQ=1&cntr_url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:57 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control
max-age=0,no-cache,no-store
content-type
image/gif
content-length
43
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel.sitescout.com/up/141bc6c012cd9ab0?cookieQ=1&cntr_url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
date
Wed, 20 Oct 2021 23:19:56 GMT
server
AC1.1
content-length
0
dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amr...
10169194.fls.doubleclick.net/ddm/fls/r/ Frame B60D
Redirect Chain
  • https://adservice.google.com/ddm/fls/i/dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.t...
  • https://10169194.fls.doubleclick.net/ddm/fls/r/dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffun...
658 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10169194.fls.doubleclick.net/ddm/fls/r/dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
Requested by
Host: 10169194.fls.doubleclick.net
URL: https://10169194.fls.doubleclick.net/activityi;dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
7643ad0ac825156d7d26136a9222a83679e312cc229ec3d99ca09942ef0722de
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
10169194.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://10169194.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm-6ivwkgQvOoxhOvMJwUlqCGgxw2ttBfbgRZLD-QScAGJf2slOSmaBbSBZ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://10169194.fls.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 20 Oct 2021 23:19:57 GMT
expires
Wed, 20 Oct 2021 23:19:57 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
378
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 20 Oct 2021 23:19:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://10169194.fls.doubleclick.net/ddm/fls/r/dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
adsct
analytics.twitter.com/i/ 		31 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny36y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=56b63215-65a0-43b6-b91b-a351ece09e23&tw_document_href=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 20 Oct 2021 23:19:57 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
d2b5275070ebfda4b84bb1ac691b4f4f24d1770710e6015d121b36ebb3a8a778
x-transaction
1fb6997c902d8693
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny36y&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=56b63215-65a0-43b6-b91b-a351ece09e23&tw_document_href=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 20 Oct 2021 23:19:57 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
901806f38a8adc372f4511ddeca40c75c6a531ee0885250278a21270c8ad58ea
x-transaction
60f2d542a6e81b2c
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
www.google.com/pagead/1p-user-list/968725110/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/968725110/?random=1634771997647&cv=9&fst=1634770800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&frm=0&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&tiba=2021%20AmRisc%20Group%20-%20Campaign&async=1&fmt=3&is_vtc=1&random=214066253&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame F6A3 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f163.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Oct 2021 23:19:57 GMT
generate_204
www.youtube.com/ Frame F6A3 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?f1JCiQ
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
www.google.com/pagead/1p-conversion/824070334/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/824070334/?random=1625758074&cv=9&fst=1634771997650&num=1&value=0&label=htU8COfJmd8BEL6h-YgD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
  • https://www.google.com/pagead/1p-conversion/824070334/?random=1625758074&cv=9&fst=1634771997650&num=1&value=0&label=htU8COfJmd8BEL6h-YgD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/824070334/?random=1625758074&cv=9&fst=1634771997650&num=1&value=0&label=htU8COfJmd8BEL6h-YgD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&tiba=2021%20AmRisc%20Group%20-%20Campaign&auid=190374960.1634771997&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=HaRwYbatKLux-gaY96eAAg&cid=CAQSKQCNIrLMF5EJX1UsgIJfMXYDEYkdqn_e45tuKyjP69YkSss5Pp-7NDen&eitems=ChEI8Py-iwYQ_fqxi660oqfZARIdAORs2u7QIatY5zXjhlGooSireQTNmJaAL3STlwU&random=4178649280&resp=GooglemKTybQhCsO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:57 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
location
https://www.google.com/pagead/1p-conversion/824070334/?random=1625758074&cv=9&fst=1634771997650&num=1&value=0&label=htU8COfJmd8BEL6h-YgD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgak0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&tiba=2021%20AmRisc%20Group%20-%20Campaign&auid=190374960.1634771997&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=HaRwYbatKLux-gaY96eAAg&cid=CAQSKQCNIrLMF5EJX1UsgIJfMXYDEYkdqn_e45tuKyjP69YkSss5Pp-7NDen&eitems=ChEI8Py-iwYQ_fqxi660oqfZARIdAORs2u7QIatY5zXjhlGooSireQTNmJaAL3STlwU&random=4178649280&resp=GooglemKTybQhCsO
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Z4UBGHYDBFC6TJJ5DLFHXE
d.adroll.com/consent/check/ 		393 B
862 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/Z4UBGHYDBFC6TJJ5DLFHXE?arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&_s=6fdcc3137f731ed8f2912e27deedc051&_b=2
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.183.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-183-31.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
4f11269b50104ac76e818666b155a37e452f50643803d18e783db6a744f612e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-type
application/javascript
content-length
393
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=1800402061&t=timing&_s=6&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&ul=en-us&de=UTF-8&dt=2021%20AmRisc%20Group%20-%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1634771996681&utt=3429&_u=aGDACEABBAAAAG~&jid=&gjid=&cid=1688333489.1634771996&tid=UA-3837893-1&_gid=1227594612.1634771996&z=276873367
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51633
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
7967.json
script.crazyegg.com/pages/data-scripts/0013/ Frame AC01 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0013/7967.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0013/7967.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6608583fa92c0e2886dae0eba7afc0737de92edc5d079b46b4a221864609e795

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
content-encoding
gzip
cf-cache-status
MISS
cf-ray
6a15f95b2b35410e-PRG
ce-version
11.1.351
content-length
1331
last-modified
Wed, 20 Oct 2021 23:19:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cast_sender.js
www.gstatic.com/eureka/clank/93/ Frame F6A3 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/93/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f163.1e100.net
Software
sffe /
Resource Hash
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:57:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33728
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15346
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 17:05:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Thu, 21 Oct 2021 13:57:49 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame B60D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: 10169194.fls.doubleclick.net
URL: https://10169194.fls.doubleclick.net/ddm/fls/r/dc_pre=CK2ZxaGQ2vMCFUbYEQgdgMoIgg;src=10169194;type=hva1f0;cat=allpa0;ord=4851022385496;gtm=2wgak0;auiddc=190374960.1634771997;~oref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.96.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://10169194.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 04:12:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
80581
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P2
X-Amz-Cf-Id
ANzBudq_hkUY4ATFKeHQacF4Wz2fbI6Z0ETeE-3EqfzdwDd6VAchoA==
demconf.jpg
dpm.demdex.net/ Frame 1506
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=82530&dpuuid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553&gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.217.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-217-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-0d891b5f4.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
r3eK4beoS3M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v019-0920decde.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
kVNl4cQyRHg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553&gdpr=0&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
check
pixel.tapad.com/idsync/ex/receive/ Frame 1506
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
date
Wed, 20 Oct 2021 23:19:57 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
loadm.exelator.com/load/ Frame 1506 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
um
sync.teads.tv/ Frame 1506 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=73&uid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.168.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-168-12.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 20 Oct 2021 23:19:58 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
tpid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/ Frame 1506
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
49 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.sitescout.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.16.126
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=2459e3b9-6b31-4119-a099-796e038c5403-6170a41d-5553
cache-control
no-cache
x-server
10.45.29.236
content-length
0
expires
0
status
fundraise.teamrubiconusa.org/sso/ 		89 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundraise.teamrubiconusa.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery33109619784237449684_1634771997384&_=1634771997385
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
1e4e215ce69f425a60005ced8649df9164ddf449731cab635398ea4769a84b2b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
tracestate
423787@nr=0-1-423787-363751183-78d02da202f12fd1----1634771997922
accept-language
de-DE,de;q=0.9
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3OGQwMmRhMjAyZjEyZmQxIiwidHIiOiI5MWQ0NzI2NzdiZGJjODZiODAzYjI3ZTgzY2UzNWJjMCIsInRpIjoxNjM0NzcxOTk3OTIyfX0=
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
connect.sid=s%3AjP5e_zcCyMu9pYTWP0iIypb_colAw0c7.TEW6EZwihMPZhJHx41AFcy%2BPewD4H8dYQFM4xvfN%2Ffw; __cf_bm=DjSB6zeZNtc5dOrhBleJQKMigc__yWwHcm8lDrsYChY-1634771995-0-Af1w8w7DNjUMl2QF4B/qaw1OHVpR9ZFC55FzY/VdL1+ifYOopEzQLcGF0BgWSBgTZzjonakz7ClRUbBezyyLLnY=; _ga=GA1.2.1688333489.1634771996; _gid=GA1.2.1227594612.1634771996; _hp2_id.1566116007=%7B%22userId%22%3A%226706181534595456%22%2C%22pageviewId%22%3A%222077651536206359%22%2C%22sessionId%22%3A%222815424183470193%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.1566116007=%7B%22ts%22%3A1634771996615%2C%22d%22%3A%22fundraise.teamrubiconusa.org%22%2C%22h%22%3A%22%2Fcampaign%2F2021-amrisc-group%2Fc347349%22%7D; OptanonConsent=landingPath=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&datestamp=Wed+Oct+20+2021+23%3A19%3A56+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true; _gat_classyTrack=1; _hp2_props.1566116007=%7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A5643%2C%22payment_processor%22%3A%22WePay%22%2C%22campaign%22%3A347349%2C%22campaign_type%22%3A%22crowdfunding%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D; _gcl_au=1.1.190374960.1634771997; _dc_gtm_UA-23186019-1=1; CSRF-TOKEN=JRjFUjQd-CxGYvGXYK5_qe32qaZJ4OL7eIuM; _fbp=fb.1.1634771997671.262781396; _uetsid=3d9c351031fc11ecabe9eb0c39ca56d3; _uetvid=3d9c1d5031fc11ecb67d37e092787789
:path
/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery33109619784237449684_1634771997384&_=1634771997385
pragma
no-cache
x-newrelic-id
UAQEVl5UGwAGV1ZQBgMEVg==
traceparent
00-91d472677bdbc86b803b27e83ce35bc0-78d02da202f12fd1-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
fundraise.teamrubiconusa.org
referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
:scheme
https
sec-fetch-site
same-origin
:method
GET
X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-78d02da202f12fd1----1634771997922
traceparent
00-91d472677bdbc86b803b27e83ce35bc0-78d02da202f12fd1-01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3OGQwMmRhMjAyZjEyZmQxIiwidHIiOiI5MWQ0NzI2NzdiZGJjODZiODAzYjI3ZTgzY2UzNWJjMCIsInRpIjoxNjM0NzcxOTk3OTIyfX0=
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
X-Requested-With
XMLHttpRequest

Response headers

cf-ray
6a15f95b1a7d413e-PRG
date
Wed, 20 Oct 2021 23:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
p3p
CP="Classy does not have a P3P policy."
cache-control
no-cache
set-cookie
acceptCookies=eyJpdiI6ImR2QXBwXC9qM25jVDR2RUpkT29MOTBBPT0iLCJ2YWx1ZSI6IlpFbm40Q3RZRG11SHd4V0RyVUcwV3c9PSIsIm1hYyI6IjRkZjY5NTg2MDgwODZhOTlhNmI4MzQ1ZDgyZTczZTlkODNkYWVhNWFkNjI0YzExYWZkYjczNmM5MmU3ZjU1ZTcifQ%3D%3D; expires=Thu, 20-Oct-2022 23:19:58 GMT; Max-Age=31536000; path=/; SameSite=None; secure XSRF-TOKEN=eyJpdiI6ImM1QktvR1VNUDV4TzNTQnpxdmNXT1E9PSIsInZhbHVlIjoicmV5UlBTSkFqXC9Ea2pKK2FuT3lBMGV3bUtUS1ZqRXhrTTQrWXk5U0Q4MDdCN1J4VDVuZVNzeEQzWWpFYXpxMjBqSmZrZFwvNUhDXC9Ub2FRS1ozV3E5VWc9PSIsIm1hYyI6ImQ3OWM4NjcyZDU2MzUwYjM1MDY1MDY5OGI5ZmZiZTg5Mjc1ZTQ0MWJkYmVkODEwMDhkY2JmNzU4ZjgxNDQxZmUifQ%3D%3D; expires=Thu, 21-Oct-2021 01:19:58 GMT; Max-Age=7200; path=/; SameSite=None; secure sid=eyJpdiI6IlRcL2I3eEdGOTgrb1lQSTY5YlwvS3BXZz09IiwidmFsdWUiOiJFOE8rSHhmUjRNd0tpZUZwWjNRMFBTMmZpTHBVZ0hRN0w0U3lsdnlGcm1XWjhKSk5BclVFWEJKZmlNN2E4eXRUbHpJcThsbWNLTHZhcnZOaVJpSVFzQT09IiwibWFjIjoiZDg3ZmZiYjA1ZDMyOWE0NDg0MjM5YzVlMzI2OTBkYTkwMzg2NDM1ZDBlNjBhNDg1Zjg5Y2QyYjk3ZjA4NDUxYSJ9; path=/; SameSite=None; secure; httponly
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
67fe2a1b26
bam-cell.nr-data.net/events/1/ 		24 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1211.ba193a8&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaU1QLRQRZVwxLCFsEWEBUD1ILflEPAR1bX1ZRWBZUDFdeKwAY&rst=3659&ck=1&ref=https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://fundraise.teamrubiconusa.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 20 Oct 2021 23:19:58 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://fundraise.teamrubiconusa.org
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
6a15f95b3abcf9da-PRG
Content-Length
24
up
insight.adsrvr.org/track/ Frame 5E6C 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=mn7ndva&ref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2F&upid=3y599rv&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.66.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-66-206.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=mn7ndva&ref=https%3A%2F%2Ffundraise.teamrubiconusa.org%2F&upid=3y599rv&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://10169194.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://10169194.fls.doubleclick.net/

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
CEPSF3FKHVADTJGZZMJFTZ.js
s.adroll.com/pixel/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/
Redirect Chain
  • https://d.adroll.com/pixel/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F202...
  • https://s.adroll.com/pixel/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/CEPSF3FKHVADTJGZZMJFTZ.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/CEPSF3FKHVADTJGZZMJFTZ.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21b62152a0ec95f2e0c82220edc625ceeb8167d1c36f60c3dc505358d549d9f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Amz-Version-Id
c3UZoqThjz5lQYWMyeRYc9Yng.ZDIS6F
Content-Encoding
gzip
Etag
W/"db0f8940fe18d0596f39b8f03e4e1dc6"
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Tue, 08 Dec 2020 23:09:22 GMT
Server
AmazonS3
Date
Wed, 20 Oct 2021 23:19:59 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Via
1.1 ad3c90e13b86d72e2a5e6bf65eab3451.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
sHXW1hd2Mj139QE3Rz17eRaOp4NOhTIs606soznGtDGNmSODkYifWw==

Redirect headers

pragma
no-cache
x-conversion-value
0.00
server
nginx/1.20.0
x-rule
*
date
Wed, 20 Oct 2021 23:19:58 GMT
x-segment-eid
CEPSF3FKHVADTJGZZMJFTZ
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://s.adroll.com/pixel/Z4UBGHYDBFC6TJJ5DLFHXE/WEAB5TK2TFCZ7FF4SQWSLI/CEPSF3FKHVADTJGZZMJFTZ.js
cache-control
no-store, no-cache, must-revalidate
x-segment-display-name
Visitors to Unsegmented Pages
x-pixel-eid
WEAB5TK2TFCZ7FF4SQWSLI
x-segment-name
*
x-advertisable-eid
Z4UBGHYDBFC6TJJ5DLFHXE
content-length
0
x-conversion-currency
11.1.351.js
script.crazyegg.com/pages/versioned/common-scripts/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.351.js
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daab314890951d408604603cdd77b31b63ae2ca9cc3c313673ce259c1575f695

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 23:19:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Oct 2021 04:51:34 GMT
server
cloudflare
age
552028
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
6a15f95c3b1e4120-PRG
content-length
22342
7967.json
script.crazyegg.com/pages/sampling-data-scripts/0013/ Frame AC01 		172 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0013/7967.json?t=454103
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.351.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42cc01b80ce7a5d6d817d639ea289569d737467ad7b57e7be1fae52aa5a43e9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
content-encoding
gzip
cf-cache-status
MISS
cf-ray
6a15f95c6bf2410e-PRG
ce-version
11.1.351
content-length
153
last-modified
Wed, 20 Oct 2021 23:19:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
/
www.facebook.com/tr/ Frame 41A9 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2014
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://fundraise.teamrubiconusa.org
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fundraise.teamrubiconusa.org/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://fundraise.teamrubiconusa.org
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/

Response headers

content-type
text/plain
access-control-allow-origin
https://fundraise.teamrubiconusa.org
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Wed, 20 Oct 2021 23:19:58 GMT
clock
tracking.crazyegg.com/ Frame AC01 		29 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1634771998316
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.351.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.212.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-212-247.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
2bc804f15ba0e4bc18c6edfdc0f9c1942b890e8440016c39c08b2b4959c82374

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Oct 2021 23:19:58 GMT
cache-control
no-store
server
awselb/2.0
content-length
29
content-type
text/plain
h
heapanalytics.com/ 		37 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=1566116007&u=6706181534595456&v=2077651536206359&s=2815424183470193&b=web&tv=4.0&sp=ts&sp=1634771996615&sp=d&sp=fundraise.teamrubiconusa.org&sp=h&sp=%2Fcampaign%2F2021-amrisc-group%2Fc347349&pp=d&pp=fundraise.teamrubiconusa.org&pp=h&pp=%2Fcampaign%2F2021-amrisc-group%2Fc347349&pp=t&pp=2021%20AmRisc%20Group&pp=ts&pp=1634771996615&id0=6647916304176603&k0=environment&k0=prod&k0=organization_id&k0=5643&k0=payment_processor&k0=WePay&k0=campaign&k0=347349&k0=campaign_type&k0=crowdfunding&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fcampaign%2F2021-amrisc-group%2Fc347349&k0=title&k0=2021%20AmRisc%20Group%20-%20Campaign&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1634771998375&st=1634771998376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.143.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-143-234.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1589848707967354&ev=ViewContent&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&rl=&if=false&ts=1634771998378&cd[content_name]=2021%20AmRisc%20Group%20-%20Campaign&cd[content_url]=%2Fcampaign%2F2021-amrisc-group%2Fc347349&sw=1600&sh=1200&v=2.9.47&r=stable&ec=2&o=30&fbp=fb.1.1634771997671.262781396&it=1634771997093&coo=false&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 20 Oct 2021 23:19:58 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1800402061&t=pageview&_s=1&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&dp=%2Fcampaign%2F2021-amrisc-group%2Fc347349&ul=en-us&de=UTF-8&dt=2021%20AmRisc%20Group%20-%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAG~&jid=1177421780&gjid=861619246&cid=1688333489.1634771996&tid=UA-23186019-1&_gid=1227594612.1634771996&_r=1&_slc=1&z=1884698685
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fundraise.teamrubiconusa.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fundraise.teamrubiconusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&a=1800402061&t=pageview&_s=7&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&dp=%2Fcampaign%2F2021-amrisc-group%2Fc347349&ul=en-us&de=UTF-8&dt=2021%20AmRisc%20Group%20-%20Campaign&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAG~&jid=&gjid=&cid=1688333489.1634771996&tid=UA-3837893-1&_gid=1227594612.1634771996&z=494169496
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 08:59:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51634
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-23186019-1&cid=1688333489.1634771996&jid=1177421780&gjid=861619246&_gid=1227594612.1634771996&_u=aGDACEABBAAAAG~&z=890461568
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.5.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fundraise.teamrubiconusa.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Oct 2021 23:19:58 GMT
content-type
text/plain
access-control-allow-origin
https://fundraise.teamrubiconusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-23186019-1&cid=1688333489.1634771996&jid=1177421780&_u=aGDACEABBAAAAG~&z=1891906796
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8acc4081-50a4-4471-a749-ad14e27e3c18
https://fundraise.teamrubiconusa.org/ 		218 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://fundraise.teamrubiconusa.org/8acc4081-50a4-4471-a749-ad14e27e3c18
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5916e8ec7e52ac38c27502c20b1faf6303c163776ad63cc89543a56b03dbedc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
218
Content-Type
text/javascript
974050669389411
connect.facebook.net/signals/config/ 		489 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/974050669389411?v=2.9.47&r=stable
Requested by
Host: fundraise.teamrubiconusa.org
URL: https://fundraise.teamrubiconusa.org/campaign/2021-amrisc-group/c347349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
588f9686e38e8046be922ab3c73172fbe52b74b1e76de32eefd6e31d10c778c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
/NGoSdeJWw0Dam7WXA59OLm454l5ySo3wwyb1xaLrGvIwV7/afRdh7r7jN6UfHj1m++p8lazzog030pzP43Jxw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 20 Oct 2021 23:19:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
v1
ads.yahoo.com/cms/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisa...
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

location
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.20.0
content-length
165
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisa...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.4.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-4-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 23:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ
Date
Wed, 20 Oct 2021 23:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisa...
  • https://ib.adnxs.com/setuid?entity=172&code=YTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 23:19:58 GMT
X-Proxy-Origin
216.131.114.235; 216.131.114.235; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6daddedb-987a-470a-ac4b-e62985a67ac0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Oct 2021 23:19:58 GMT
X-Proxy-Origin
216.131.114.235; 216.131.114.235; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1c87430e-76dc-41db-aafd-b29d98e0712d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTNkMjE1ODU3ODliZWIwZTI2ZWQyNGM0NGY3M2FjNzQ
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
out
d.adroll.com/cm/l/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisable=Z4UBGHYDBFC6TJJ5DLFHXE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.183.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-183-31.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisa...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a3d21585789beb0e26ed24c44f73ac74
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a3d21585789beb0e26ed24c44f73ac74
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a3d21585789beb0e26ed24c44f73ac74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a3d21585789beb0e26ed24c44f73ac74
date
Wed, 20 Oct 2021 23:19:58 GMT
via
1.1 google
server
OXGW/16.217.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=59283201cd8b2c16a044866dc0a3b1e8-1634771998061&arrfrr=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&xid_ch=f&advertisa...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=o9IVhXib6w4m7STET3OsdA
  • https://d.adroll.com/cm/g/in
42 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.183.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-183-31.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
server
nginx/1.20.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Wed, 20 Oct 2021 23:19:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=974050669389411&ev=PageView&dl=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&rl=&if=false&ts=1634771998888&cd[segment_eid]=CEPSF3FKHVADTJGZZMJFTZ&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=29&fbp=fb.1.1634771997671.262781396&it=1634771997093&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fundraise.teamrubiconusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:19:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 20 Oct 2021 23:19:58 GMT
log_event
www.youtube.com/youtubei/v1/ Frame F6A3 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9e457a67/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/x9dDze9MHZs?wmode=opaque
X-YouTube-Client-Version
1.20211017.0.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgthazVSTHFsUndtMCicyMKLBg%3D%3D
X-YouTube-Ad-Signals
dt=1634771997187&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C767%2C427&vis=1&wgl=true&ca_type=image&bid=ANyPxKr_dPlqLPc8Z2QoHu6yjaDWkqqzn2jvOwmkDa8D5CZQ5F0cOV8ypvJCi-iUKErBIG22Xhdaeyc2FrplxLnmBqA4fxLSgQ

Response headers

date
Wed, 20 Oct 2021 23:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster object| __cfQR object| __cfBeacon object| NREUM object| newrelic function| __nr_require object| SC object| analyticsCallbacks function| triggerGaCallbacks boolean| gaDebug function| loadGA function| initializeGA string| GoogleAnalyticsObject function| ga string| heapId object| heap object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| factory object| uiroutermetatags object| ngFileUpload object| _gsScope object| Modernizr object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery function| _ object| angular object| WebFont function| FastClick function| EvEmitter function| imagesLoaded string| output function| TimeSpan function| TimePeriod function| DeepDiff function| moment function| Spinner function| Picker object| ProgressBar object| Chartist function| getSlug function| createSlug object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| UAParser function| tinycolor object| Vimeo function| aesConvert function| bugsnag string| bugsnagTokenClient object| bugsnagClient string| scriptPath undefined| scripts undefined| a undefined| c object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| jsonFeed function| OptanonWrapper object| adwordsCallbacks function| triggerAdwordsCallbacks boolean| __cfRLUnblockHandlers object| params string| ClassyObjectName object| Classy object| __webpackStripeJSv3Jsonp function| Stripe object| Plaid function| paypalLoadScript function| paypalLoadCustomScript object| TokenEx function| GooglemKTybQhCsO function| google_trackConversion object| cartActions boolean| DEBUG_SYNC object| twttr function| onYouTubeIframeAPIReady boolean| prerenderReady function| fbq function| _fbq object| google_tag_manager object| __twttrll object| __twttr object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded string| _linkedin_data_partner_id function| twq object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions function| UET function| UET_init function| UET_push function| lintrk boolean| _already_called_lintrk object| GooglebQhCsO string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| JSON3 object| uetq object| cntrUpTag object| __adroll_consent_data object| adroll_exp_list boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL function| iFrameResize boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| CE2BH function| CE_URL_FINGERPRINT string| adroll_seg_eid

59 Cookies

Domain/Path Name / Value
fundraise.teamrubiconusa.org/ Name: connect.sid
Value: s%3AjP5e_zcCyMu9pYTWP0iIypb_colAw0c7.TEW6EZwihMPZhJHx41AFcy%2BPewD4H8dYQFM4xvfN%2Ffw
.fundraise.teamrubiconusa.org/ Name: __cf_bm
Value: DjSB6zeZNtc5dOrhBleJQKMigc__yWwHcm8lDrsYChY-1634771995-0-Af1w8w7DNjUMl2QF4B/qaw1OHVpR9ZFC55FzY/VdL1+ifYOopEzQLcGF0BgWSBgTZzjonakz7ClRUbBezyyLLnY=
.classy.org/ Name: __cf_bm
Value: 61wEROscin_PW4VoOndK3Bn8BsXbLe2FDW1LYNKWAC4-1634771996-0-ARxDnLGWslGcIyEkQ+2aBu5kt2aQeC2I3CaAMail5NpVxEvlZhCyUQfwi9U1UzCIQ5QqWrN6HOJBGHCSy7zIfZ4=
.teamrubiconusa.org/ Name: _ga
Value: GA1.2.1688333489.1634771996
.teamrubiconusa.org/ Name: _gid
Value: GA1.2.1227594612.1634771996
.teamrubiconusa.org/ Name: _hp2_id.1566116007
Value: %7B%22userId%22%3A%226706181534595456%22%2C%22pageviewId%22%3A%222077651536206359%22%2C%22sessionId%22%3A%222815424183470193%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.youtube.com/ Name: YSC
Value: 959tze3j1Tk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ak5RLqlRwm0
.teamrubiconusa.org/ Name: _hp2_ses_props.1566116007
Value: %7B%22ts%22%3A1634771996615%2C%22d%22%3A%22fundraise.teamrubiconusa.org%22%2C%22h%22%3A%22%2Fcampaign%2F2021-amrisc-group%2Fc347349%22%7D
.fundraise.teamrubiconusa.org/ Name: OptanonConsent
Value: landingPath=https%3A%2F%2Ffundraise.teamrubiconusa.org%2Fcampaign%2F2021-amrisc-group%2Fc347349&datestamp=Wed+Oct+20+2021+23%3A19%3A56+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
.teamrubiconusa.org/ Name: _gat_classyTrack
Value: 1
.teamrubiconusa.org/ Name: _hp2_props.1566116007
Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A5643%2C%22payment_processor%22%3A%22WePay%22%2C%22campaign%22%3A347349%2C%22campaign_type%22%3A%22crowdfunding%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.teamrubiconusa.org/ Name: _gcl_au
Value: 1.1.190374960.1634771997
.teamrubiconusa.org/ Name: _dc_gtm_UA-23186019-1
Value: 1
fundraise.teamrubiconusa.org/ Name: CSRF-TOKEN
Value: JRjFUjQd-CxGYvGXYK5_qe32qaZJ4OL7eIuM
.bing.com/ Name: MUID
Value: 3E8CD0B01B5F6FA637D6C0661A1D6EC0
.doubleclick.net/ Name: IDE
Value: AHWqTUm-6ivwkgQvOoxhOvMJwUlqCGgxw2ttBfbgRZLD-QScAGJf2slOSmaBbSBZ
.teamrubiconusa.org/ Name: _fbp
Value: fb.1.1634771997671.262781396
.teamrubiconusa.org/ Name: _uetsid
Value: 3d9c351031fc11ecabe9eb0c39ca56d3
.teamrubiconusa.org/ Name: _uetvid
Value: 3d9c1d5031fc11ecb67d37e092787789
.sitescout.com/ Name: ssi
Value: 2459e3b9-6b31-4119-a099-796e038c5403#1634771997792
.sitescout.com/ Name: _ssuma
Value: eyIzNCI6MTYzNDc3MTk5NzgzMCwiMiI6MTYzNDc3MTk5NzgzMCwiNCI6MTYzNDc3MTk5NzgzMCwiMzkiOjE2MzQ3NzE5OTc4MzAsIjciOjE2MzQ3NzE5OTc4MzB9
.twitter.com/ Name: personalization_id
Value: "v1_rtEYbcxb27uRZ48AEodKpg=="
.nr-data.net/ Name: JSESSIONID
Value: d61f3ef342822198
.tapad.com/ Name: TapAd_TS
Value: 1634771997982
.tapad.com/ Name: TapAd_DID
Value: 073d87cc-12ec-4d77-9d71-799a2ca2d27a
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.fundraise.teamrubiconusa.org/ Name: __adroll_fpc
Value: 59283201cd8b2c16a044866dc0a3b1e8-1634771998061
.demdex.net/ Name: demdex
Value: 48457157136261613030237623513362089436
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 9c7745050777c354523270a6200af915
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsEw2NzcxNTA1MDc3TzY2NTE1MjYyN0g0MzIwSEyzNDRlAILEgiVyIBoKACKdCSI%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBILFgiB6SgAAAUCgGU"
.dpm.demdex.net/ Name: dpm
Value: 48457157136261613030237623513362089436
.linkedin.com/ Name: UserMatchHistory
Value: AQKxuFf9RgqALgAAAXygARWA2UEXkxKi_iqoOwRAfmKwJgMVOSJNVA-3b5u7AQp8yAKx6_S7Qc23qA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQL55hA1DTvjqgAAAXygARWAnysX8xynRgHz7GdGX46gZPr841rKjQTm0DDUeY8F4-NgZa1fNWf64OfIJzwkTg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c3ee5113-d4a9-46bd-8614-0988064edb4f"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2245:u=1:x=1:i=1634771998:t=1634858398:v=2:sig=AQGP7hSRAFDOSPhCjbLyrA_OTgShsHNE"
m.stripe.com/ Name: m
Value: 988022a9-8285-42cc-9c0a-09ec0e0673bc433003
.fundraise.teamrubiconusa.org/ Name: __stripe_mid
Value: 417bb5ee-bc15-4180-bf7b-2edaadc3c4180e24a5
.fundraise.teamrubiconusa.org/ Name: __stripe_sid
Value: cb4ce050-20c5-4d90-8b98-ff8ff78031e5645a86
fundraise.teamrubiconusa.org/ Name: acceptCookies
Value: eyJpdiI6ImR2QXBwXC9qM25jVDR2RUpkT29MOTBBPT0iLCJ2YWx1ZSI6IlpFbm40Q3RZRG11SHd4V0RyVUcwV3c9PSIsIm1hYyI6IjRkZjY5NTg2MDgwODZhOTlhNmI4MzQ1ZDgyZTczZTlkODNkYWVhNWFkNjI0YzExYWZkYjczNmM5MmU3ZjU1ZTcifQ%3D%3D
fundraise.teamrubiconusa.org/ Name: XSRF-TOKEN
Value: eyJpdiI6ImM1QktvR1VNUDV4TzNTQnpxdmNXT1E9PSIsInZhbHVlIjoicmV5UlBTSkFqXC9Ea2pKK2FuT3lBMGV3bUtUS1ZqRXhrTTQrWXk5U0Q4MDdCN1J4VDVuZVNzeEQzWWpFYXpxMjBqSmZrZFwvNUhDXC9Ub2FRS1ozV3E5VWc9PSIsIm1hYyI6ImQ3OWM4NjcyZDU2MzUwYjM1MDY1MDY5OGI5ZmZiZTg5Mjc1ZTQ0MWJkYmVkODEwMDhkY2JmNzU4ZjgxNDQxZmUifQ%3D%3D
fundraise.teamrubiconusa.org/ Name: sid
Value: eyJpdiI6IlRcL2I3eEdGOTgrb1lQSTY5YlwvS3BXZz09IiwidmFsdWUiOiJFOE8rSHhmUjRNd0tpZUZwWjNRMFBTMmZpTHBVZ0hRN0w0U3lsdnlGcm1XWjhKSk5BclVFWEJKZmlNN2E4eXRUbHpJcThsbWNLTHZhcnZOaVJpSVFzQT09IiwibWFjIjoiZDg3ZmZiYjA1ZDMyOWE0NDg0MjM5YzVlMzI2OTBkYTkwMzg2NDM1ZDBlNjBhNDg1Zjg5Y2QyYjk3ZjA4NDUxYSJ9
.teamrubiconusa.org/ Name: _gat_clientTrack
Value: 1
.teamrubiconusa.org/ Name: _ce.s
Value: v11.rlc~1634771998451
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202110202319581f86e548-9ade-4410-8bd5-a9adf6c1927dAQFloMWvLUwm8s3kNd0QtzXxjjVG9Kdy"
.fundraise.teamrubiconusa.org/ Name: __ar_v4
Value: %7CZ4UBGHYDBFC6TJJ5DLFHXE%3A20211019%3A1%7CWEAB5TK2TFCZ7FF4SQWSLI%3A20211019%3A1%7CCEPSF3FKHVADTJGZZMJFTZ%3A20211019%3A1
.yahoo.com/ Name: A3
Value: d=AQABBB6kcGECEEIPmlGLKR12YCcUK_MVpfIFEgEBAQH1cWF6YQAAAAAA_eMAAA&S=AQAAAhyss98IRl9dMytSeLI8S-0
.bidswitch.net/ Name: tuuid
Value: b3cbe432-2eb5-4503-b298-ee921e861451
.bidswitch.net/ Name: c
Value: 1634771998
.bidswitch.net/ Name: tuuid_lu
Value: 1634771998
.adnxs.com/ Name: uuid2
Value: 5120013260268946164
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2GTy9P2d:!@wnfH1Ya.O4]7Q=37tM3EEK2jc65#jGe^+0Wr:0_XOdYioUa1^lYpVkB/bvig-3r2c*AM>ln1>9jzTp%nugO%v4VB%nqUl+HvOu
.openx.net/ Name: i
Value: 89d2c78b-9bfb-4814-87e8-2ab21952da14|1634771998
d.adroll.com/ Name: __adroll
Value: a3d21585789beb0e26ed24c44f73ac74-g_1634771998-a_1634771998
.adroll.com/ Name: __adroll_shared
Value: a3d21585789beb0e26ed24c44f73ac74-g_1634771998-a_1634771998

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10169194.fls.doubleclick.net
ads.yahoo.com
adservice.google.com
analytics.twitter.com
assets.classy.org
bam-cell.nr-data.net
bat.bing.com
bcp.crwdcntrl.net
cdn.heapanalytics.com
cdn.plaid.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.adroll.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
fundraise.teamrubiconusa.org
geolocation.onetrust.com
googleads.g.doubleclick.net
heapanalytics.com
htp.tokenex.com
i.ytimg.com
ib.adnxs.com
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
js.stripe.com
loadm.exelator.com
m.stripe.com
m.stripe.network
pixel.sitescout.com
pixel.tapad.com
platform.twitter.com
prod-frs.content.classy.org
px.ads.linkedin.com
q.stripe.com
s.adroll.com
script.crazyegg.com
sessions.bugsnag.com
snap.licdn.com
static.ads-twitter.com
static.cloudflareinsights.com
static.doubleclick.net
stats.g.doubleclick.net
sync.teads.tv
syndication.twitter.com
t.co
tracking.crazyegg.com
unpkg.com
up.pixel.ad
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.16.122.175
104.16.95.65
104.18.113.21
104.19.147.8
104.20.184.68
104.244.42.131
104.244.42.136
104.244.42.197
104.26.4.195
108.174.11.37
13.107.21.200
13.107.42.14
13.32.121.41
13.32.121.61
142.250.184.193
142.250.184.227
142.250.185.194
142.250.185.74
142.250.185.98
142.250.186.110
142.250.186.134
142.250.186.164
142.250.186.166
142.250.186.54
142.250.186.98
142.251.5.156
151.101.128.176
151.101.66.137
157.240.20.35
162.247.243.146
172.217.23.98
178.79.242.181
18.194.4.47
18.66.139.90
18.66.96.113
185.60.216.19
199.232.136.157
2.16.186.17
216.58.212.136
216.58.212.142
216.58.212.163
23.53.168.12
34.208.187.153
34.249.212.247
34.254.143.3
35.190.88.7
35.227.248.159
35.244.159.8
37.252.173.22
52.143.247.24
52.18.183.31
52.222.236.120
52.30.14.23
54.186.23.98
54.195.66.206
54.211.143.234
54.77.217.29
66.155.71.25
69.16.175.10
87.248.118.22
93.184.220.66
007ae39c614f532fd0efffce182882893814be75637bd67a6eaeed98ab364402
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
00a838051c95fd70f609e56b14160f3b11f9cc925ebf863b6b6d05aa05f18410
08f0fe032e34e91da94ef30e71fa97c745d2984236dcceecc3efd09ee8584455
090ba9a772e496a7dc14c845da96ee03f4152d0cf614234693f242b7a8581051
0b52dc3851559db81b5517ed0d7f0ae732f1f758f09834c62d09c02189ca2155
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
19ccb6ce6df742c30fa21ce2c12d71a7d19d4b1e2882843466483417a89f50dc
1bcb13711bab5b4c9df8e4c907847f17a51896d50882452471ca5fdb844f3861
1e4e215ce69f425a60005ced8649df9164ddf449731cab635398ea4769a84b2b
21b62152a0ec95f2e0c82220edc625ceeb8167d1c36f60c3dc505358d549d9f5
26c6b25b787716ce5715e1a235cafb2f5abe07d734e75b605c2903361f9c2a3d
272d71624a8d4634901f0260580882a059268ff037cc12302b283a9710756c2a
29037e0d6a205c878cecf2015f50694ed9eff17eb2b1965be8cf68321180f006
29b93a0c7ce944834a9841b7ed98b20f1c19e871ff4f3361db76a026f46d6a06
2a420d3aaef8542c2952614ab83b697fcb3d1c57c7728b3565876611b5f06ef7
2bc804f15ba0e4bc18c6edfdc0f9c1942b890e8440016c39c08b2b4959c82374
2c224dfa203e28003da563e5269c9d67724e053ab7c87b2581b1b6ed22b05499
2ce9873a802fd282709b6041f6ca3a951cbc4c1461b72359cbf2616068ce22b1
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ee267763985a483e766006308c74e6afa3d561ac5b23ac58b7ef2a2e55eacc
35501bfd5f2a8d2d8fb04695bc80793b9aa7160ded872a9f89cc094b140f8702
3e1808a9ace7385d348932f3772b932fae013838a7eccf665e0c3beb2373050c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42cc01b80ce7a5d6d817d639ea289569d737467ad7b57e7be1fae52aa5a43e9b
48e76017a2ab32ab6c81dd6a2042fae71c48dc4d7103f8691078eb880936b742
4965a9c714847066b8c92c673664b902476aaf9fb05274ff176bc7b9b827b0fc
4a5f523e05c66d06ba8558f2194b6ef49f6a91067d4fd2e8d708ad7c08dfcb6c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4d0e258dcda358e9419321d52004d0f9e6591741330888d161fad9aa130bdaef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f11269b50104ac76e818666b155a37e452f50643803d18e783db6a744f612e2
5086b34a1e9d368fcf3c5ef99cddc58a9ca924649f90bccde0ac0a20f327f9bf
530e3f33e17909e02cee7845dcf74603c7718de027f0272b49002e3a770e7b84
539877722caad874241ab2ec930b7b4aaa5327a34984b64ad813f8a2998bb862
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f241485358d041b05b92ffc679d2834646109abc68ceed3224a879606ff20a
588f9686e38e8046be922ab3c73172fbe52b74b1e76de32eefd6e31d10c778c5
5a04f8a72a6b2a08a9dffa33e2e849498e5eb0aa656a970e40b511432952e411
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
5d0e62c621759b2a9d49339fdd9f839f2ad22bec6546ea8b815ec3626153e245
5d669e60bbf217eac8e404ebcee116943199b648ca66738bec99eefde5595ff5
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6608583fa92c0e2886dae0eba7afc0737de92edc5d079b46b4a221864609e795
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a26877ebb6d06d125804163f8a0abbaa73ced60d5d50745cb711097e4736d12
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
748263421051d77fd35874dbc3018a789e570c4bd13508793c5a99f8ccb363da
7640145bdeb4bec3be6ef54494a65e2a40e4b6db970390aaefb78827d236e2c1
7643ad0ac825156d7d26136a9222a83679e312cc229ec3d99ca09942ef0722de
810c4ec2fd4b4ac9ca638fbebd651512e2d13a6e4f1aecb461d43ce06f391130
81f85c33161d71564501c0c929e8140c24afcd6a84d832360b29f048776d7527
82d645f3da180b52feaa6cd094e7e21c3b6e118da131f86c3dbe68c55f911d93
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850ca068d16c21dec87ee0471d778318cf731b9e30cc785d810c9d0d9efc6c56
865793dc03e2dd0fefc37d83996ffd50b15eb1a105a20d43a10b0e2c4f9007f9
8b27e208e15914f60d058ddd9be57ed97ff79bd6bdcd2b05673a3435848ac0a8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e056665b6191b144545413483d1e965b2ef638048776dc160cfcd455de1d6c
a6e714bc9cd18f90849ed08181db9521c253af36c30dae526f6538a8b95ca958
a728f23ae512668f87d868b76ec44f5117c840fc4ac3809fa66ecf2ccb54d97e
a94e60203c4a1d8371c22e4410baf6dbec30875599730d8ca8a22adaf23518d0
aa4eefb57c2cce66ead4ecaaec4c3c9a0b544bdd569397fa3b98da9e4ff263a3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b0ff891a8c7587a10b68df6f45fe52608018fb4a30a8fc22b62a9234e68a1093
b16d1466b18311b381e28bb2c1eebd8160ae5841105c9122d639f16d69f9d7cb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcdc7148d1f31a3d06cff6b52d1064cb1a0dca292ccd80e3d8c52b1bf5330440
c19c6489c0f9a438c484ad093dcda9a5a8c109e34c98543e34a8ee24d840cebe
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
caa7a591a041f24db59c7672e3b467f25e4ab1cbd245ef2203b01f0a30c8976e
cc351c64e8551e12883742e11330d8a84d5ac09db2fda4eba4059c9cc2765866
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d5916e8ec7e52ac38c27502c20b1faf6303c163776ad63cc89543a56b03dbedc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d891455e32c9a425e36e190047b1f58abeb7e3709eff687134ddea7ac9cfdd3b
daab314890951d408604603cdd77b31b63ae2ca9cc3c313673ce259c1575f695
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc8579028e6c99023b053237372924e8d9b433250c9bab706f4995ef6d3a4c44
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb41550860402d628b812596cc9236c1774280adf0a300ad560217b468720173
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7d07a13b2bdaede49433096be134e6b5e91f16663d92060b6420677a2644e0d
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fec6b9e641991989f89069723bdab21ca46250cae7bf36dbc7bf856975683730
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995