give.salvationarmytexas.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://salarmy-ntx.org/
Effective URL:
https://give.salvationarmytexas.org/give/178322/
Submission: On December 30 via manual (December 30th 2021, 9:33:03 pm UTC) from US — Scanned from DE

Summary HTTP 285 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 71 IPs in 7 countries across 56 domains to perform 285 HTTP transactions. The main IP is 2606:4700::6812:7115, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.salvationarmytexas.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2021. Valid for: a year.

This is the only time give.salvationarmytexas.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	75.126.104.244 75.126.104.244	36351 (SOFTLAYER) (SOFTLAYER)
14	2606:4700::68... 2606:4700::6812:7115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700::68... 2606:4700::6812:843c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.96.119 13.224.96.119	16509 (AMAZON-02) (AMAZON-02)
2	13.224.96.91 13.224.96.91	16509 (AMAZON-02) (AMAZON-02)
19	13.224.96.111 13.224.96.111	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.96.54 13.224.96.54	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1 3	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
6	52.204.77.146 52.204.77.146	14618 (AMAZON-AES) (AMAZON-AES)
34	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5	54.194.185.111 54.194.185.111	16509 (AMAZON-02) (AMAZON-02)
5	18.193.171.118 18.193.171.118	16509 (AMAZON-02) (AMAZON-02)
2	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
3	104.94.241.182 104.94.241.182	16625 (AKAMAI-AS) (AKAMAI-AS)
1 9	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:219... 2600:9000:2190:fe00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2.16.186.35 2.16.186.35	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
3	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 7	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	34.255.232.227 34.255.232.227	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
9 10	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
3 3	54.154.165.122 54.154.165.122	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1 6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	34.211.243.235 34.211.243.235	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400c:c0b::5c	15169 (GOOGLE) (GOOGLE)
4	52.182.214.99 52.182.214.99	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:112:f006... 2620:112:f006:bbbb::16	6336 (TURN-US-ASN) (TURN-US-ASN)
1 3	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 4	172.67.177.215 172.67.177.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1 3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	52.54.23.204 52.54.23.204	14618 (AMAZON-AES) (AMAZON-AES)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:e200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	3.221.239.181 3.221.239.181	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	35.156.167.229 35.156.167.229	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
26	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
285	71

1 75.126.104.244 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: f4.68.7e4b.ip4.static.sl-reverse.com

salarmy-ntx.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:7115 (United States)

ASN13335 (CLOUDFLARENET, US)

give.salvationarmytexas.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:843c (United States)

ASN13335 (CLOUDFLARENET, US)

prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pay.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.109.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-119.zrh50.r.cloudfront.net

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-91.zrh50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 13.224.96.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-111.zrh50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-54.zrh50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.204.77.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-77-146.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.194.185.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-185-111.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.193.171.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-171-118.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.94.241.182 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-94-241-182.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:fe00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.35 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-35.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.232.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-232-227.eu-west-1.compute.amazonaws.com

thesalvationarmy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

thesalvationarmy.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.194.49 (United States) 9 redirects

ASN54113 (FASTLY, US)

lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.154.165.122 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-165-122.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.211.243.235 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-243-235.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c0b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.182.214.99 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

g.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f006:bbbb::16 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.177.215 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

cdn.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.23.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-23-204.compute-1.amazonaws.com

b.videoamp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:e200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.221.239.181 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-239-181.compute-1.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

980170053.privacysandbox.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dap-dist.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.167.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-167-229.eu-central-1.compute.amazonaws.com

api.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

salvationarmyusa.dap.akadns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	stripe.com js.stripe.com q.stripe.com m.stripe.com r.stripe.com	463 KB
41	google.com 1 redirects www.google.com pay.google.com play.google.com	757 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	396 KB
16	everesttech.net 13 redirects lasteventf-tm.everesttech.net cm.everesttech.net rtd-tm.everesttech.net pixel.everesttech.net sync-tm.everesttech.net	5 KB
16	classy.org prod-frs.content.classy.org pay.classy.org assets.classy.org	2 MB
14	google-analytics.com www.google-analytics.com	79 KB
14	salvationarmytexas.org give.salvationarmytexas.org	48 KB
12	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	7 KB
9	bing.com 1 redirects bat.bing.com c.bing.com	23 KB
7	google.de www.google.de	885 B
7	serving-sys.com bs.serving-sys.com secure-ds.serving-sys.com	13 KB
7	twitter.com 1 redirects platform.twitter.com analytics.twitter.com syndication.twitter.com	134 KB
7	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	44 KB
6	clarity.ms 1 redirects g.clarity.ms c.clarity.ms	24 KB
6	demdex.net dpm.demdex.net thesalvationarmy.demdex.net	9 KB
5	googleadservices.com www.googleadservices.com 980170053.privacysandbox.googleadservices.com	44 KB
5	googletagmanager.com www.googletagmanager.com	303 KB
4	getrockerbox.com 1 redirects getrockerbox.com	12 KB
3	adnxs.com 1 redirects secure.adnxs.com ib.adnxs.com	3 KB
3	facebook.com www.facebook.com	382 B
3	bttrack.com cdn.bttrack.com bttrack.com	3 KB
3	quantserve.com 1 redirects pixel.quantserve.com secure.quantserve.com	11 KB
3	t.co t.co	719 B
3	everestjs.net www.everestjs.net	32 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	akadns.net salvationarmyusa.dap.akadns.net	1 KB
2	facebook.net connect.facebook.net	113 KB
2	omtrdc.net thesalvationarmy.sc.omtrdc.net	4 KB
2	stripe.network m.stripe.network	16 KB
2	ads-twitter.com static.ads-twitter.com	11 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	jquery.com code.jquery.com	60 KB
2	youtube.com www.youtube.com	50 KB
2	bugsnag.com sessions.bugsnag.com	140 B
2	plaid.com cdn.plaid.com	71 KB
2	braintreegateway.com js.braintreegateway.com api.braintreegateway.com	52 KB
2	doublethedonation.com doublethedonation.com	112 KB
1	pubmatic.com image2.pubmatic.com	544 B
1	openx.net us-u.openx.net	274 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	890 B
1	reddit.com alb.reddit.com	125 B
1	akamaized.net dap-dist.akamaized.net	8 KB
1	quantcount.com rules.quantcount.com	2 KB
1	adsrvr.org insight.adsrvr.org	261 B
1	videoamp.com b.videoamp.com	312 B
1	redditstatic.com www.redditstatic.com	8 KB
1	turn.com 1 redirects d.turn.com	402 B
1	googleapis.com fonts.googleapis.com	1 KB
1	newrelic.com js-agent.newrelic.com	17 KB
1	onetrust.com geolocation.onetrust.com	256 B
1	unpkg.com unpkg.com	3 KB
1	tokenex.com htp.tokenex.com	4 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	salarmy-ntx.org 1 redirects salarmy-ntx.org	454 B
285	56

	Domain	Requested by
26	play.google.com	www.gstatic.com
26	r.stripe.com	js.stripe.com
19	js.stripe.com	give.salvationarmytexas.org js.stripe.com
14	www.google-analytics.com	give.salvationarmytexas.org www.gstatic.com
14	give.salvationarmytexas.org	give.salvationarmytexas.org
10	www.gstatic.com	pay.google.com www.gstatic.com
9	prod-frs.content.classy.org	give.salvationarmytexas.org prod-frs.content.classy.org
8	sync-tm.everesttech.net	8 redirects
8	pay.google.com	js.stripe.com pay.google.com give.salvationarmytexas.org www.gstatic.com
8	bat.bing.com	give.salvationarmytexas.org
8	q.stripe.com	give.salvationarmytexas.org
7	www.google.de
7	www.google.com	1 redirects
7	fonts.gstatic.com	fonts.googleapis.com
6	googleads.g.doubleclick.net	1 redirects give.salvationarmytexas.org
6	heapanalytics.com
5	bs.serving-sys.com	give.salvationarmytexas.org
5	dpm.demdex.net	give.salvationarmytexas.org
5	www.googletagmanager.com	give.salvationarmytexas.org
4	getrockerbox.com	1 redirects give.salvationarmytexas.org
4	g.clarity.ms	give.salvationarmytexas.org
4	www.googleadservices.com	give.salvationarmytexas.org
4	pay.classy.org	give.salvationarmytexas.org
3	www.facebook.com
3	pixel.everesttech.net	1 redirects
3	cm.g.doubleclick.net	1 redirects
3	cm.everesttech.net	3 redirects
3	t.co
3	analytics.twitter.com	give.salvationarmytexas.org
3	www.everestjs.net	give.salvationarmytexas.org
3	stats.g.doubleclick.net	give.salvationarmytexas.org
3	assets.classy.org
3	platform.twitter.com	1 redirects give.salvationarmytexas.org
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	salvationarmyusa.dap.akadns.net	give.salvationarmytexas.org
2	bttrack.com
2	connect.facebook.net	give.salvationarmytexas.org
2	pixel.quantserve.com	1 redirects
2	c.clarity.ms	1 redirects
2	m.stripe.com	m.stripe.network
2	thesalvationarmy.sc.omtrdc.net	give.salvationarmytexas.org
2	secure-ds.serving-sys.com	give.salvationarmytexas.org
2	m.stripe.network	js.stripe.com m.stripe.network
2	static.ads-twitter.com	give.salvationarmytexas.org
2	bam-cell.nr-data.net	give.salvationarmytexas.org
2	code.jquery.com	give.salvationarmytexas.org
2	www.youtube.com	give.salvationarmytexas.org
2	sessions.bugsnag.com	give.salvationarmytexas.org
2	cdn.plaid.com	give.salvationarmytexas.org
2	doublethedonation.com	give.salvationarmytexas.org
1	image2.pubmatic.com
1	us-u.openx.net
1	ib.adnxs.com
1	pixel.rubiconproject.com
1	api.braintreegateway.com	give.salvationarmytexas.org
1	cms.analytics.yahoo.com	1 redirects
1	alb.reddit.com
1	dap-dist.akamaized.net	give.salvationarmytexas.org
1	980170053.privacysandbox.googleadservices.com
1	rules.quantcount.com	give.salvationarmytexas.org
1	insight.adsrvr.org
1	b.videoamp.com
1	rtd-tm.everesttech.net	1 redirects
1	cdn.bttrack.com	give.salvationarmytexas.org
1	www.redditstatic.com	give.salvationarmytexas.org
1	secure.quantserve.com	give.salvationarmytexas.org
1	d.turn.com	1 redirects
1	c.bing.com	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	lasteventf-tm.everesttech.net	give.salvationarmytexas.org
1	thesalvationarmy.demdex.net	give.salvationarmytexas.org
1	fonts.googleapis.com	give.salvationarmytexas.org
1	js-agent.newrelic.com	give.salvationarmytexas.org
1	geolocation.onetrust.com	give.salvationarmytexas.org
1	cdn.heapanalytics.com	give.salvationarmytexas.org
1	js.braintreegateway.com	give.salvationarmytexas.org
1	unpkg.com	give.salvationarmytexas.org
1	htp.tokenex.com	give.salvationarmytexas.org
1	static.cloudflareinsights.com	give.salvationarmytexas.org
1	salarmy-ntx.org	1 redirects
285	82

This site contains links to these domains. Also see Links.

Domain
www.classy.org
classy.org

Subject Issuer	Validity	Valid
give.salvationarmytexas.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
doublethedonation.com Sectigo ECC Domain Validation Secure Server CA	`2020-04-09` - `2022-07-12`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2021-01-26` - `2022-01-26`	a year	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-07` - `2022-08-07`	a year	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2020-04-17` - `2022-04-22`	2 years	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-05`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
pay.classy.org Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
www.everestjs.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-02` - `2022-09-02`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-04-28` - `2022-05-03`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-05` - `2022-03-04`	5 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-09` - `2022-01-07`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.videoamp.com Amazon	`2021-10-06` - `2022-11-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.privacysandbox.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
api.braintreegateway.com DigiCert SHA2 Extended Validation Server CA	`2021-09-24` - `2022-10-25`	a year	crt.sh
salvationarmyusa.dap.akadns.net R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.tmogul.com Amazon	`2021-04-01` - `2022-04-30`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://give.salvationarmytexas.org/give/178322/
Frame ID: A4D7A60ACD0DB70D7A3F78FF397E220D
Requests: 164 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-fd3c67f2efa9f22f2ecd16b13f2a7fb3.html
Frame ID: 3102FEE96EC3EC7385C90EA5ED083287
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fgive.salvationarmytexas.org
Frame ID: 6A7CF76A57F6F5E653D0D71C1480C5EA
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2A27CA5F531423CDF285A59CE2D7A69A
Requests: 6 HTTP requests in this frame

Frame: https://thesalvationarmy.demdex.net/dest5.html?d_nsid=0
Frame ID: 24D3750CFF405B56B03A0A211C4FB5F6
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-1b1531c8ff86057e4aab7c9e8884087a.html
Frame ID: F47ED64B27817BD41D193AD69FC5A14D
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html
Frame ID: 789E8CD02C5114A93D0A9B7080905119
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html
Frame ID: E20270698B77472246A4F1248307395A
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html
Frame ID: 2FF98F08E818684C8C6E46E0C831FDEF
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html
Frame ID: 17D873979E99D2BC42839234B2776A65
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 96F01879FDF33D7F2BB5D40F3C66C5DA
Requests: 16 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: C01FD19E6A60756309135FCA48DF2BAD
Requests: 16 HTTP requests in this frame

Frame: https://www.everestjs.net/static/pixel_details.html
Frame ID: 4C59C9C40895BF3C0D7723670EF39E16
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6D4D838DF4417C53487ABBDE3F5543D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to The Salvation Army

Page URL History Show full URLs

http://salarmy-ntx.org/ HTTP 301
https://give.salvationarmytexas.org/give/178322/ Page URL

Detected technologies

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

285
Requests

94 %
HTTPS

40 %
IPv6

56
Domains

82
Subdomains

71
IPs

7
Countries

4957 kB
Transfer

14364 kB
Size

76
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/cookies/
Title: Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/copyright/
Title: DMCA Policy

Search URL Search Domain Scan URL

URL: https://classy.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://salarmy-ntx.org/ HTTP 301
https://give.salvationarmytexas.org/give/178322/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 101

https://cm.everesttech.net/cm/dd?d_uuid=61942373548019733752449857941414847894 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yc4liAAAAEiwoQP7

Request Chain 133

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=6E0D743F2AD14A0D94803ACE3F9B99BB&RedC=c.clarity.ms&MXFR=3B78F3DC21AA60B2227AE2C125AA6E08 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=6E0D743F2AD14A0D94803ACE3F9B99BB&MUID=07138A1744F665E82E949B0A459D6465

Request Chain 141

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4452616395914293441

Request Chain 159

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=pERWE6BADU-_RlRBqk0YEKAWVEC_TFdCoUGoRooy

Request Chain 173

https://rtd-tm.everesttech.net/upi/?sid=BI5HN7C1EL5Auw2BCnPp&cs=1&gtmcb=1030360717 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWM0bGlBQUFBRWl3b1FQNw

Request Chain 184

https://pixel.everesttech.net/8196/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26imsId%3D__EFIMSORGID__%26optout%3D__EFOPTOUT__%26throttleCookie%3D__EFSYNC__%26time%3D__EFTIME__ HTTP 302
https://www.everestjs.net/static/pixel_details.html

Request Chain 198

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980170053/?random=1294943914&cv=9&fst=1640899977342&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&auid=1775999282.1640899977&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=iSXOYdXiFe-ox_APq8S_iAc&sscte=1&crd=CNPgGw&eitems=ChEIgM61jgYQruiN_-a1uo_0ARIdAEz7HbCimI2cAS1ir8urIps5zWTnyRvIYbzD2JY HTTP 302
https://www.google.com/pagead/1p-conversion/980170053/?random=1294943914&cv=9&fst=1640899977342&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&auid=1775999282.1640899977&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=iSXOYdXiFe-ox_APq8S_iAc&cid=CAQSKQCNIrLMdpwqHsSw06olZqcSYbf1FnYRR6fNosfBZg22wUtxKzGh1xxb&eitems=ChEIgM61jgYQruiN_-a1uo_0ARIdAEz7HbCW1nP3vsdhP-VEFijol3ev3YavRNZCSD8&random=1494407226&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/980170053/?random=1294943914&cv=9&fst=1640899977342&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&auid=1775999282.1640899977&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=iSXOYdXiFe-ox_APq8S_iAc&cid=CAQSKQCNIrLMdpwqHsSw06olZqcSYbf1FnYRR6fNosfBZg22wUtxKzGh1xxb&eitems=ChEIgM61jgYQruiN_-a1uo_0ARIdAEz7HbCW1nP3vsdhP-VEFijol3ev3YavRNZCSD8&random=1494407226&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDuL9wDAeAwQPT3x_hKteemupqeABEPIik-bW-YhEJ4bO4ZCokREzmsV99aC30eJPYAdekcBaIEJC35krdFWoJx

Request Chain 199

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=61942373548019733752449857941414847894&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-yesvRT1E2pFWuGakaIN34TkT1KmRuPlvbZQ-~A

Request Chain 248

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWM0bGlBQUFBRWl3b1FQNw==

Request Chain 258

https://getrockerbox.com/rb?url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&action=view&source=salvation_army&rb_source=salvation_army&script_version=xyz.js&sessionId=86c89954-2401-4dbb-9789-13a3c4160765&an_seg=9705236&type=imp&customer_id=undefined&uid=rbos-0919670a-6dea-41fa-ae38-29609f2d7c9d HTTP 302
https://secure.adnxs.com/seg?add=9705236 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9705236

Request Chain 266

https://cm.everesttech.net/cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WWM0bGlBQUFBRWl3b1FQNw HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEOaIbBngHzQhjuXKhA5oH74&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 270

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yc4liAAAAEiwoQP7&expires=90

Request Chain 271

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yc4liAAAAEiwoQP7 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yc4liAAAAEiwoQP7&C=1

Request Chain 274

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Yc4liAAAAEiwoQP7

Request Chain 275

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yc4liAAAAEiwoQP7

Request Chain 276

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yc4liAAAAEiwoQP7

Request Chain 277

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yc4liAAAAEiwoQP7&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yc4liAAAAEiwoQP7&img=1&__user_check__=1&sync_id=0ecb043a-69b8-11ec-857e-14bc9e680106

Request Chain 279

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yc4liAAAAEiwoQP7&t=2592000&o=0

285 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
give.salvationarmytexas.org/give/178322/
Redirect Chain

http://salarmy-ntx.org/
https://give.salvationarmytexas.org/give/178322/

85 KB
25 KB

908ms
813ms

Document
text/html

2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3079c3611d92e526a45f17e00c8c32c288f5f44a5c808750f947e9931f286533

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-type: text/html; charset=utf-8
cf-ray: 6c5e62292abbdfcb-FRA
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'self';
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
vary: Accept-Encoding
server: cloudflare
content-encoding: br

Redirect headers

Server: nginx
Date: Thu, 30 Dec 2021 21:32:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://give.salvationarmytexas.org/give/178322/#!/donation/checkout?c_src=22ddjmadmtdtdgdurl&c_src2=tsm_22_direct_mail_cultivation_url&utm_source=tsm-727&utm_medium=22ddjmadmtdtdgdurl&utm_campaign=direct_mail_cultivation_url
Strict-Transport-Security: max-age=0;

GET
H2 200 main.css
prod-frs.content.classy.org/prod/15674/static/frs/ 1 MB
137 KB 109ms
51ms Stylesheet
text/css 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15674/static/frs/main.css

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee0a9c05670b10b0bb3b2bf17fc7826884a3e8ac95980eb24f4a20640a139183

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 56320
cf-polished: origSize=1082318
x-amz-request-id: XDX3RWB7JWZTG57W
x-amz-id-2: H/xd+mKMPJPn3+Q/Q8/1Y1OrLi65EnubPlkYBykU5hYHMPAQL0quDtNzLg8NLzd00s4LJgW4hSE=
last-modified: Thu, 16 Dec 2021 19:36:59 GMT
server: cloudflare
etag: W/"4ee16dcd7646cabfc7ecf197dafb0289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 6c5e622ecf105a31-MXP
cf-bgj: minify

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 153 KB
20 KB 400ms
176ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 34d4b0d52609d6fe3b7a0b1ade615a14d99b59b85c35a078c7839e33695a893b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-encoding: br
last-modified: Thu, 30 Dec 2021 07:11:11 GMT
server: nginx
etag: "61cd5b8f-5027"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=600;
content-length: 20519

GET
H2 200 rocket-loader.min.js Show response
give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/give/178322/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 26 Dec 2021 13:15:20 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61c86ae8-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6c5e622edaf6dfcb-FRA
expires: Sat, 01 Jan 2022 21:32:55 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 117ms
70ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://give.salvationarmytexas.org/
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6c5e622f285d0f6e-MXP

GET
H2 200 onetrustConsent-1539020710655.js Show response
prod-frs.content.classy.org/prod/15674/static/onetrust/ 50 KB
12 KB 97ms
97ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15674/static/onetrust/onetrustConsent-1539020710655.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 54849
cf-polished: origSize=54583
x-amz-request-id: 9YGBABKKGMN4MXS8
x-amz-id-2: AnPrIYoOCxhhs7kG0AZhPF9/QE7A3lTZ2Q8zaCOczydgvj9HztSgpVybH7TqUhcWT3CEkg3Ypx8=
last-modified: Thu, 16 Dec 2021 19:36:59 GMT
server: cloudflare
etag: W/"64c3a4446a1c238c4df7f2db78163772"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 6c5e622effa45a31-MXP
cf-bgj: minify

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 15 KB
4 KB 511ms
127ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1a544948c37c00bcd158a239f83ac9ef3f957645e777a565658f1a56b64f1c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Dec 2021 17:36:46 GMT
etag: "04bd75148fbd71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Thu, 30 Dec 2021 21:32:55 GMT
accept-ranges: bytes
content-length: 3909
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 45ms
18ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5608194
fly-request-id: 01FJZFRMM9DBHPG2M766J8W1NQ
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c5e622f1bea8bf7-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/15674/static/frs/donation/ 178 KB
36 KB 50ms
49ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15674/static/frs/donation/module.min.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7ca4fdc744278dca4f10f103e639def71c36a757c20ce7db24f7405408319ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 19:36:59 GMT
server: cloudflare
age: 55826
etag: W/"96d1751b8be0d9141feef15c22ca1359"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6c5e622effa95a31-MXP
x-amz-request-id: 9YGD0SYDQMQC813E
x-amz-id-2: 8jp3iM89FlpZsuFgOmdoLTphVriAd+THMgaQsQnDCVMNy0xuUpEmdv0xOOchWDTJs6fbXvZXOzQ=

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/15674/static/global/ 2 MB
339 KB 72ms
71ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15674/static/global/module.min.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9856a3de4b4645d93b0b361242ec5f29b8052a6eb1b75bb11032f62e237b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 19:36:59 GMT
server: cloudflare
age: 54849
etag: W/"d7ede139964518dd4373679aa33a54ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6c5e622effae5a31-MXP
x-amz-request-id: 9YGAZS73TS4SJC7Y
x-amz-id-2: kjEOMFiDyitNR6AxYnS7ef2NFxcEq9ZmONecAErWt+/e7tOWSfjL6jyz9r4rVVlLvEcii5qSVGc=

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/15674/static/global/ 1 MB
430 KB 58ms
57ms Script
application/javascript 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15674/static/global/libs.min.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 19:36:59 GMT
server: cloudflare
age: 54849
etag: W/"772e1301b871cc2545926cb86ee5965f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6c5e622effaf5a31-MXP
x-amz-request-id: 0J3A3KFRG97ZRVY7
x-amz-id-2: c8Ro+C7GCkZcM/OAK7vhihJu9zavQwhpUFVvXvx9hY13wYgIbkBHWS8P5hnsOe80eQ3Sb5xLmjk=

GET
H2 200 braintree.js Show response
js.braintreegateway.com/v2/ 175 KB
50 KB 92ms
20ms Script
application/javascript 13.224.96.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/v2/braintree.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-119.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:11:07 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 17:02:57 GMT
server: nginx
age: 1308
etag: W/"61a65941-2bc3c"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: sgvbLrObR4VP-C87_JxDWVAUKFfDsc2TLz5H0wX5BIptc8HR47nLqw==
expires: Fri, 31 Dec 2021 21:11:07 GMT

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 86 KB
29 KB 140ms
50ms Script
application/javascript 13.224.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-91.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2f7ce78d07ff49132deb4fdd5b024e3a9bf9645215e0df7cc03dce96de79349

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: lQ3U1_5aIADlPHTY_fsybYncxaU8Mn3W
content-encoding: gzip
etag: W/"a3e02facb07cf9749e1ab6253bbbf04a"
age: 1971
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: 007HRXGGE8EJB4WZ
x-amz-id-2: 1aw4XnVglH2Sii7Ki3ujCzKLFClgu40lFnsmvjU3rarPfDOIbkcWgYXLfLEVHw9Try+niWo2N00=
last-modified: Wed, 22 Dec 2021 20:18:54 GMT
server: AmazonS3
date: Thu, 30 Dec 2021 21:00:04 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: eO54mLljXQAQNZrfauB_MB4oPRuwitIN6ctmBEMKGHq66JH1OC9bfg==

GET
H2 200 / Show response
js.stripe.com/v3/ 270 KB
71 KB 90ms
18ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

53f1b855b8410cd0863b08b6c402042c595edd9a0e0b2198ed7b46c45a2d3a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 18
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:38 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 19:06:35 GMT
server: Cloudfront
etag: W/"8c1b7e1e299912c367c5a69fbb55d6d1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: E6KlJCOizrsmSTdnq5zl4xjNdvoQRHTpWuIhe2vVD2AyTiAHgOseCQ==

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 454 KB
92 KB 312ms
179ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 6534fd120d9fbe3d09a439533c9a8bdae6c6e55916d9d9ab8586332adb8a6bee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-encoding: br
last-modified: Thu, 30 Dec 2021 07:11:10 GMT
server: nginx
etag: "61cd5b8e-16e31"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600;
content-length: 93745

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1910
date: Thu, 30 Dec 2021 21:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Dec 2021 23:01:06 GMT

GET
H2 200 heap-1566116007.js Show response
cdn.heapanalytics.com/js/ 108 KB
43 KB 87ms
23ms Script
application/javascript 13.224.96.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1566116007.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-54.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

7eb91025829b2108cc4d406f5b86a01eb0442d60396b3a30a838cc98c62aad12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:15 GMT
content-encoding: gzip
server: nginx
age: 41
etag: W/"1aef2-2AH/Id7OyNsCw07TZXQx7w"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: ZRH50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: NpbIdBF5aYY8KZAjSdBhdCcsofYYbd18EH8LPyDghf-zkcKoLt7B5Q==

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 167ms
144ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://give.salvationarmytexas.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Thu, 30 Dec 2021 21:32:56 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 144ms
144ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer: https://give.salvationarmytexas.org/
Bugsnag-Sent-At: 2021-12-30T21:32:56.129Z
Accept-Language: de-DE,de;q=0.9
Bugsnag-Api-Key: ed2f4223afa43ef4870a151ab82d1ac6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 30 Dec 2021 21:32:56 GMT
via: 1.1 google
bugsnag-session-uuid: 2c7134ab-f744-45ee-ad0b-e591b33c904a
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 optanon.css
prod-frs.content.classy.org/prod/15674/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/ 22 KB
6 KB 48ms
48ms Stylesheet
text/css 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15674/static/onetrust/skins/3.6.25/default_flat_bottom_two_button_white/v2/css/optanon.css

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 54848
cf-polished: origSize=22581
x-amz-request-id: ZV6YAZQ97MZ26Z2P
x-amz-id-2: vIF/R94LG8Ss06Dp1rav1WmffMQvYa4uWTfqdDfa3Kz7qVIaoeLlU5+CILDHav0vmu+MdsuJXQs=
last-modified: Thu, 16 Dec 2021 19:36:59 GMT
server: cloudflare
etag: W/"5ec3a032a0370bd8e3f63adf430b4617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/css
cache-control: max-age=86400
cf-ray: 6c5e62330c1d5a31-MXP
cf-bgj: minify

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
256 B 57ms
29ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery321008273480121196553_1640899976060&_=1640899976061

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c5e62332e72697f-FRA
content-length: 32

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 542 KB
137 KB 83ms
57ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMXWH57

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d52001fc076a64ba1009efd891be4999161fe0bac0ae2e73f201353dc2bb3a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139321
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Dec 2021 21:32:56 GMT

GET
H2 200 sdk.js Show response
give.salvationarmytexas.org/sso/ 11 KB
3 KB 54ms
54ms Script
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/sso/sdk.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

ecb1e4593e72c3d2ae1f92066a14f086ced378dad2abe1dd55be7b1f0d21e8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/give/178322/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 979
x-powered-by: PHP/5.6.40
cf-bgj: minify
last-modified: Thu, 30 Dec 2021 21:16:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-polished: origSize=20773
cf-ray: 6c5e6232fbecdfcb-FRA
expires: Thu, 30 Dec 2021 21:36:37 GMT

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1228/ 0
41 KB 13ms
12ms Other
application/javascript 13.224.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1228/link-dynamic-loader.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-91.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 15:55:29 GMT
content-encoding: gzip
age: 20248
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 22 Dec 2021 20:18:54 GMT
server: AmazonS3
etag: W/"7d4d0b584159476d9f5e332df85ea451"
vary: Accept-Encoding
x-amz-version-id: EMzzqMrGKn_GZRRIcDQiq8gfmfXMhFti
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: Fij4s2JdkEx4VmlszS0foCrWhsNki6h3n109IXs5PDQoFSF_csrAsQ==

GET
H2 200 m-outer-fd3c67f2efa9f22f2ecd16b13f2a7fb3.html Show response
js.stripe.com/v3/ Frame 3102 240 B
956 B 13ms
13ms Document
text/html 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-fd3c67f2efa9f22f2ecd16b13f2a7fb3.html

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f5b3f1b9deff0b138c2506741a71c40f93ac85a02d45f017eac6fb92b3ff5b50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 240
last-modified: Thu, 23 Dec 2021 18:50:06 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 30 Dec 2021 21:32:30 GMT
cache-control: max-age=60
etag: "fd3c67f2efa9f22f2ecd16b13f2a7fb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 39d1-YdoFxYEqM7pjWUcU3d1jYIGgdbdY1oe11tG4iN9lZx4R79U_g==
age: 26

GET
H2 200 nr-spa-1212.min.js Show response
js-agent.newrelic.com/ 44 KB
17 KB 33ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1212.min.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wY72Ah.NJX5KzzqRFK3uhSo3Jh07tDe4
content-encoding: gzip
etag: "8bd93bf0ecb2f4e971a2055a41402bb6"
x-amz-request-id: ANVX8WPYJ9NM99FD
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16636
x-amz-id-2: //pISD16Bm7/1PDlW0ghswvgTyyOyXNw/emHSr2czJPEUE1eLcqp61M3L9P610qmdidTDtCabTk=
x-served-by: cache-hhn4031-HHN
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1640899976.207930,VS0,VE0
date: Thu, 30 Dec 2021 21:32:56 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7170

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 241ms
38ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CDF) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 21:32:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (mil/6CDF)
Age: 1059
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 48ms
24ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8002dace9aa6d2f5a60968e10897ec4b45e698b2851a22320a6cb5f7df42c67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires: Thu, 30 Dec 2021 21:32:56 GMT

POST
H2 200 rum Show response
give.salvationarmytexas.org/cdn-cgi/ 0
198 B 15ms
14ms XHR
text/plain 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/cdn-cgi/rum?

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-04219b8289c82055----1640899976343
traceparent: 00-862f70f7bbe30e0847c5d960f88f2960-04219b8289c82055-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwNDIxOWI4Mjg5YzgyMDU1IiwidHIiOiI4NjJmNzBmN2JiZTMwZTA4NDdjNWQ5NjBmODhmMjk2MCIsInRpIjoxNjQwODk5OTc2MzQzfX0=
content-type: application/json
Referer: https://give.salvationarmytexas.org/give/178322/

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://give.salvationarmytexas.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6c5e62342db2dfcb-FRA
vary: Origin

GET
H2 200 tax-entities Show response
give.salvationarmytexas.org/frs-api/organizations/50874/ 397 B
312 B 493ms
493ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/frs-api/organizations/50874/tax-entities

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f44a97478cf822c45505352a029fffc8d4fedcb4e8564b73c92559f460cb2dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3QNDTYB9-ssBwfGgBA_n2Xi6Xwtx42UdXioU
tracestate: 423787@nr=0-1-423787-363751183-2dca93b2b7e6f560----1640899976345
traceparent: 00-1f4c20012a0a3e28fae47e778d835980-2dca93b2b7e6f560-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyZGNhOTNiMmI3ZTZmNTYwIiwidHIiOiIxZjRjMjAwMTJhMGEzZTI4ZmFlNDdlNzc4ZDgzNTk4MCIsInRpIjoxNjQwODk5OTc2MzQ1fX0=
Accept: application/json, text/plain, */*
csrf-token: 3QNDTYB9-ssBwfGgBA_n2Xi6Xwtx42UdXioU
Referer: https://give.salvationarmytexas.org/give/178322/

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"18d-KlvZKgzQ+M+XPsQG6cw3hUcgKD8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6c5e62342db5dfcb-FRA
vary: Accept-Encoding

GET
H2 200 channels Show response
give.salvationarmytexas.org/frs-api/campaigns/178322/ 786 B
476 B 479ms
479ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/frs-api/campaigns/178322/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7dedbe3f7c471c182fc6fe56914988b29be598193ad9ce2f1e4edd9c506d952

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3QNDTYB9-ssBwfGgBA_n2Xi6Xwtx42UdXioU
tracestate: 423787@nr=0-1-423787-363751183-9e17a29da3edbe91----1640899976373
traceparent: 00-5a140da6f8f51a94b49e02fae9cddf50-9e17a29da3edbe91-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5ZTE3YTI5ZGEzZWRiZTkxIiwidHIiOiI1YTE0MGRhNmY4ZjUxYTk0YjQ5ZTAyZmFlOWNkZGY1MCIsInRpIjoxNjQwODk5OTc2MzczfX0=
Accept: application/json, text/plain, */*
csrf-token: 3QNDTYB9-ssBwfGgBA_n2Xi6Xwtx42UdXioU
Referer: https://give.salvationarmytexas.org/give/178322/

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"312-hSrGQqeI3WzHIWKImgIqhJs3NcA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6c5e62345df8dfcb-FRA
vary: Accept-Encoding

GET
H2 200 ach-account-routing Show response
give.salvationarmytexas.org/frs-api/organizations/50874/ 33 B
464 B 453ms
453ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/frs-api/organizations/50874/ach-account-routing

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3QNDTYB9-ssBwfGgBA_n2Xi6Xwtx42UdXioU
tracestate: 423787@nr=0-1-423787-363751183-9cbdd81bd33b716a----1640899976374
traceparent: 00-24ac2840648de96c17e33758badff2d0-9cbdd81bd33b716a-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5Y2JkZDgxYmQzM2I3MTZhIiwidHIiOiIyNGFjMjg0MDY0OGRlOTZjMTdlMzM3NThiYWRmZjJkMCIsInRpIjoxNjQwODk5OTc2Mzc0fX0=
Accept: application/json, text/plain, */*
csrf-token: 3QNDTYB9-ssBwfGgBA_n2Xi6Xwtx42UdXioU
Referer: https://give.salvationarmytexas.org/give/178322/

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"21-x2mDQC0vzbrt0ZWFDFk/7jYh9jg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
content-security-policy-report-only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=nflHdePy4lJf3LOD5bhjzNeBA5pmQ1Syo8wr_hgzFxQ-1640899976-0-AVyFBbkGSTt64Z1UtiWtpBmxFgR0tkrBkYKjozEhyz7e7Sx_k6Ja7MfZfytNPSXDbw
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6c5e62345dfddfcb-FRA
vary: Accept-Encoding
content-length: 33

GET
H2 200 braintree Show response
pay.classy.org/token/ 3 KB
3 KB 1028ms
969ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/braintree?applicationId=8265&currency=EUR

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb7b01186b504d95cdf94c25112f03ff3c412ccea15a8374e333b99e51a383b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 a7750b04e96e89c0816616ed8cc70afc.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP64-C3
x-cache: Miss from cloudfront
x-classypay-requestid: fdf9ff3f-6677-4cc8-b8ce-9882846147f0
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6c5e62350f2b374e-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: Lu5vgMgRAlIye03m8ilWRcVaWmsn9MIFQgPj8L1AMgrrLAKSRaSsjw==

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
805 B 270ms
212ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=8265&currency=EUR

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
via: 1.1 5427b6f9e99013a38c36e041a855ef66.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP64-C3
x-cache: Miss from cloudfront
x-classypay-requestid: 1e0515e6-bce2-4b8e-a34e-c1a9d7fff81d
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6c5e62350f30374e-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: JVdiaIn0mEWOjDwu8xJNmd_DoGxhgwfvuB1ZUJLYnYYHJ9nLN-xFSg==

GET
H2 200 currency-conversions Show response
give.salvationarmytexas.org/frs-api/i18n/ 75 B
203 B 471ms
471ms XHR
application/json 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e9b5af3fbf4708d26a0b848da3e5c065451bef0fb984d88544319c94dbcc89f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 3QNDTYB9-ssBwfGgBA_n2Xi6Xwtx42UdXioU
tracestate: 423787@nr=0-1-423787-363751183-65c7bc651ae97110----1640899976448
traceparent: 00-6061984ff7941cd4498104bf9e6a4460-65c7bc651ae97110-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2NWM3YmM2NTFhZTk3MTEwIiwidHIiOiI2MDYxOTg0ZmY3OTQxY2Q0NDk4MTA0YmY5ZTZhNDQ2MCIsInRpIjoxNjQwODk5OTc2NDQ4fX0=
Accept: application/json, text/plain, */*
csrf-token: 3QNDTYB9-ssBwfGgBA_n2Xi6Xwtx42UdXioU
Referer: https://give.salvationarmytexas.org/give/178322/

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"4b-khjYYAxppQBYhJTdWl+sSICQdXc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6c5e6234deecdfcb-FRA
vary: Accept-Encoding

GET
H2 200 user-icon.png
give.salvationarmytexas.org/static/global/images/ 2 KB
2 KB 70ms
69ms Image
image/webp 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.salvationarmytexas.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/give/178322/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 792020
cf-polished: origFmt=png, origSize=4588
content-security-policy-report-only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=S69u.1kKTCyg39NUaT1AFDjYGFfCnIt8farVBTlvfe0-1640899976-0-AcQcvceTAwZl5NMIQlMS-o5P1sF1sdQ-_4pXRU9D9CYFnOnvqk_rIVwZ_OSNgwAksQ
content-disposition: inline; filename="user-icon.webp"
cf-bgj: imgq:85,h2pri
content-length: 2024
last-modified: Thu, 16 Dec 2021 19:32:12 GMT
server: cloudflare
etag: "61bb943c-11ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6c5e6234df00dfcb-FRA
expires: Wed, 21 Dec 2022 17:32:36 GMT

GET
H2 200 3d95b3ec-22e9-11e8-a959-065f5d119f96.png
assets.classy.org/5866174/ 19 KB
19 KB 170ms
152ms Image
image/png 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/5866174/3d95b3ec-22e9-11e8-a959-065f5d119f96.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89c510cebaefcff2ea9b12904b0e0be9657f047b339b36b1b0862d4fcf7237d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
via: 1.1 d64f2c2143842e4fb6820056f2f13c48.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 19064
last-modified: Thu, 08 Mar 2018 15:56:20 GMT
server: cloudflare
etag: "9fda04776c236c99d281ba3e4c0e4274"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
cache-control: public,max-age=31536000
x-amz-version-id: 5iwK6XlT7aoUxhuK_oBgkpiI9StJ2_jM
accept-ranges: bytes
cf-ray: 6c5e62350a6d5a31-MXP
x-amz-cf-id: Vm__6wGDzOt7YdH95uzVzqpxCF5rM21GpcQ7orbP6_rWy8aPYItJTA==

GET
H2 200 2f83a6b4-2178-11e8-9943-06ca153bb396.png
assets.classy.org/6635280/ 7 KB
7 KB 151ms
134ms Image
image/png 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/6635280/2f83a6b4-2178-11e8-9943-06ca153bb396.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c00d6640ab679b65955cadca59c8424bbe5da2fd592c16234160eea11ae7f39b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
via: 1.1 c60d08323363c4861c206b74cb68eeb1.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 7022
last-modified: Tue, 06 Mar 2018 19:54:33 GMT
server: cloudflare
etag: "879994abde10ae4b2474aa00811c97f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
cache-control: public,max-age=31536000
x-amz-version-id: zJ_D43sQ_auB1Nlz2lzuuicFO9bpS9h2
accept-ranges: bytes
cf-ray: 6c5e62350a725a31-MXP
x-amz-cf-id: _yxTLeVtLhkDhFr2E208gDP1Cze4SMWwwSClUTTc1uNKiwflFksBoA==

GET
H2 200 logo-paypal.svg
give.salvationarmytexas.org/static/global/images/payments/ 4 KB
3 KB 454ms
453ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.salvationarmytexas.org/static/global/images/payments/logo-paypal.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/give/178322/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Dec 2021 19:32:12 GMT
server: cloudflare
etag: W/"61bb943c-1042"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6c5e6234df04dfcb-FRA
expires: Fri, 30 Dec 2022 21:32:56 GMT

GET
H2 200 b1c824ac-221c-11e8-9a62-06ca153bb396.jpg
assets.classy.org/5866174/ 907 KB
908 KB 179ms
162ms Image
image/jpeg 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/5866174/b1c824ac-221c-11e8-9a62-06ca153bb396.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed0b0074242c433985117b90a741b484bb7ba9924f4f48319c9970bd8fbd74ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
via: 1.1 30d508255f72fdd1189d1f581ac8dad9.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 928908
last-modified: Wed, 07 Mar 2018 15:32:10 GMT
server: cloudflare
etag: "398ef03406a2c8002c0202feae230050"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/jpeg
cache-control: public,max-age=31536000
x-amz-version-id: 483gKKE2V3kaakhbcRZ5ORM7O1Jfz7ra
accept-ranges: bytes
cf-ray: 6c5e62350a755a31-MXP
x-amz-cf-id: FLMlXpWjeFCciCUbheekbJ0ELcPlZoqKfesZVMuDzOxwcA7IiR0PyQ==

GET
H2 200 dropdown-caret.png
prod-frs.content.classy.org/prod/15674/static/global/images/ 394 B
812 B 43ms
43ms Image
image/webp 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/15674/static/global/images/dropdown-caret.png

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15674/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-frs.content.classy.org/prod/15674/static/frs/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
vary: Accept
cf-cache-status: HIT
age: 53326
cf-polished: origFmt=png, origSize=547
cf-ray: 6c5e6234ea195a31-MXP
content-disposition: inline; filename="dropdown-caret.webp"
content-length: 394
x-amz-id-2: IoEsrfymtVh8lVOchWU8ONNYhmwoaZBElqVMeXe6rLyI1e3mG/CcJw9kZOevPi3yXpL2Vir0Wo8=
last-modified: Thu, 16 Dec 2021 19:36:59 GMT
server: cloudflare
etag: "43da60879cfe0801ed7fc830a628885c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: YQ030X79H7GQS3EF
cache-control: max-age=86400
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/15674/static/global/fonts/ 42 KB
43 KB 751ms
708ms Font
application/x-font-woff 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15674/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15674/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df3554bf3a552f23abecd026e0928042dbdde79235cb09eb30b908ce279a7b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/15674/static/frs/main.css
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: DY9ABR4H7QECS98K
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 43184
x-amz-id-2: Ys/Nzt9SHrLVDnDKHnEXao50whKsgQyXcKRLwhD0cqiSsOU74Q1uFsjmiuZQvzpTgo6lIDrQy10=
last-modified: Thu, 16 Dec 2021 19:36:59 GMT
server: cloudflare
etag: "68a5245a85f26e0e8a37d95d6369dde2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6c5e62353c233753-MXP

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/15674/static/fonts/ 65 KB
66 KB 711ms
669ms Font
binary/octet-stream 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/15674/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/15674/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/15674/static/frs/main.css
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: DY925FN32DGNSGH1
strict-transport-security: max-age=15552000; includeSubDomains
content-length: 66624
x-amz-id-2: l07Bzc0tva7aiT3f1VrbvyNOQ2V+PLwc5Tfz4K9IN3/5wAwzjHNrTEUgSeYCfdpgfC3LFTppSLs=
last-modified: Thu, 16 Dec 2021 19:36:59 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6c5e62353c343753-MXP

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 309ms
102ms Image
image/gif 52.204.77.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7301909825941009&v=7298666570085063&s=4974540066417987&b=web&tv=4.0&z=0&g=%23!%2Fdonation%2Fcheckout%3Fc_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url%26utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&h=%2Fgive%2F178322%2F&d=give.salvationarmytexas.org&t=Donate%20to%20The%20Salvation%20Army&ts=1640899976499&pr=%2Fgive%2F178322%2F&st=1640899976502

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.204.77.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-77-146.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 rum Show response
give.salvationarmytexas.org/cdn-cgi/ 0
77 B 12ms
11ms XHR
text/plain 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/cdn-cgi/rum?

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-6f2bfb7752fb24cb----1640899976504
traceparent: 00-38cbf49905d487a5e331af7432939230-6f2bfb7752fb24cb-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2ZjJiZmI3NzUyZmIyNGNiIiwidHIiOiIzOGNiZjQ5OTA1ZDQ4N2E1ZTMzMWFmNzQzMjkzOTIzMCIsInRpIjoxNjQwODk5OTc2NTA0fX0=
content-type: application/json
Referer: https://give.salvationarmytexas.org/give/178322/

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://give.salvationarmytexas.org
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6c5e62352faddfcb-FRA
vary: Origin

POST
H2 200 csp-report
q.stripe.com/ Frame 3102 0
348 B 508ms
178ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 20
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 45ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ca5b0e248255ce9e81e10a3970a2d627dc55a03f5807b04560281a17720b8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 21:32:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Dec 2021 21:32:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Dec 2021 21:32:56 GMT

GET
H2 200 stripe Show response
pay.classy.org/token/ 99 B
649 B 359ms
359ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/stripe?applicationId=8265&currency=EUR

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddc654f4476e968fb501249f1c3156024f9d8ccb528bc2936de119bfa4beeee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
via: 1.1 f6f860dfc55b1909ca7a53c7e5987f4b.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP64-C3
content-security-policy-report-only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=QYlQE9T72PskiQ.dE1vOUkRE55k.kqj2Q3xj5HQF6Ag-1640899976-0-AWMKO7sFZ7v5Ilf73yHINxzZamQaOj_IJWgsvXgssY7f0YTxQdo7ehmrxaA0FCRZ0g
x-cache: Miss from cloudfront
x-classypay-requestid: b79bcb07-57c1-4a50-af4f-62e3443bccca
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6c5e62354fe3374e-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: loBuMMNvtuj7YHqjR2s3CADi8-SP8JGuPM8_jxp1jfRRPKqZD8cIqQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
155 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=736156212&t=timing&_s=1&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20latency&utv=fresh&utl=1640899976224&utt=445&_u=aGDACEABBAAAAC~&jid=2000295222&gjid=44316816&cid=1659302148.1640899976&tid=UA-3837893-1&_gid=1394818032.1640899976&_r=1&_slc=1&cd1=50874&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=178322&cd6=campaign&cd11=recurring%20optimization&z=942078459

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.salvationarmytexas.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=736156212&t=timing&_s=2&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20first%20byte&utv=fresh&utl=1640899976224&utt=1258&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1659302148.1640899976&tid=UA-3837893-1&_gid=1394818032.1640899976&cd1=50874&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=178322&cd6=campaign&cd11=recurring%20optimization&z=128872398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 02:10:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69752
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=736156212&t=timing&_s=3&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20last%20byte&utv=fresh&utl=1640899976224&utt=1354&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1659302148.1640899976&tid=UA-3837893-1&_gid=1394818032.1640899976&cd1=50874&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=178322&cd6=campaign&cd11=recurring%20optimization&z=1184596437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 02:10:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69752
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=736156212&t=timing&_s=4&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20document%20ready&utv=fresh&utl=1640899976224&utt=1704&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1659302148.1640899976&tid=UA-3837893-1&_gid=1394818032.1640899976&cd1=50874&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=178322&cd6=campaign&cd11=recurring%20optimization&z=1032978982

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 02:10:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69752
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 9ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=736156212&t=timing&_s=5&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20view%20rendered&utv=fresh&utl=1640899976224&utt=2381&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1659302148.1640899976&tid=UA-3837893-1&_gid=1394818032.1640899976&cd1=50874&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=178322&cd6=campaign&cd11=recurring%20optimization&z=44592259

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 02:10:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69752
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 268ms
98ms Image
image/gif 52.204.77.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7301909825941009&v=5584865395564415&s=4974540066417987&b=web&tv=4.0&z=2&g=%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&h=%2Fgive%2F178322%2F&d=give.salvationarmytexas.org&t=Donate%20to%20The%20Salvation%20Army&ts=1640899976539&pr=%2Fgive%2F178322%2F&sp=z&sp=0&sp=ts&sp=1640899976499&sp=d&sp=give.salvationarmytexas.org&sp=h&sp=%2Fgive%2F178322%2F&sp=t&sp=Donate%20to%20The%20Salvation%20Army&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url%26utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&st=1640899976539

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.204.77.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-77-146.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 257ms
99ms Image
image/gif 52.204.77.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1566116007&te=type&te=data&te=cm&te=eventPropertiesTelemetry%20-%20added%20new%20properties&te=val&te=8&st=1640899976550&hv=4.15.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.204.77.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-77-146.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 m-outer-35486fb0f96ff904df60da905ccd0cda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3102 1 KB
1 KB 16ms
15ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-35486fb0f96ff904df60da905ccd0cda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-fd3c67f2efa9f22f2ecd16b13f2a7fb3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-fd3c67f2efa9f22f2ecd16b13f2a7fb3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 29
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:28 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:49:59 GMT
server: Cloudfront
etag: W/"5213886b88cd72e6d0aebc89868e5d13"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 7HW58D-nMHZqOExgBLRCsaHzeq_squmdwOWR4-f4nmkvKQ2UFcJiIA==

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 37ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://give.salvationarmytexas.org/
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1640899976.dop125.fr8.t,1640899976.cds287.fr8.hn,1640899976.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H/1.1 200
OK 67fe2a1b26 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 209ms
172ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/67fe2a1b26?a=363721230&v=1212.e95d35c&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=2426&ck=1&ref=https://give.salvationarmytexas.org/give/178322/&ap=225.94037&be=1699&fe=2043&dc=2041&tt=3982cd6be98234&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1640899974135,%22n%22:0,%22f%22:350,%22dn%22:351,%22dne%22:421,%22c%22:421,%22s%22:426,%22ce%22:445,%22rq%22:445,%22rp%22:1258,%22rpe%22:1354,%22dl%22:1261,%22di%22:1358,%22ds%22:1484,%22de%22:1484,%22dc%22:1697,%22l%22:1697,%22le%22:1704%7D,%22navigation%22:%7B%7D%7D&fp=2387&fcp=2387&jsonp=NREUM.setToken
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 21:32:56 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6c5e6235ca7f5b32-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
447 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3837893-1&cid=1659302148.1640899976&jid=2000295222&gjid=44316816&_gid=1394818032.1640899976&_u=aGDACEAABAAAAC~&z=1669814315

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Dec 2021 21:32:56 GMT
content-type: text/plain
access-control-allow-origin: https://give.salvationarmytexas.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 46ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 04:15:12 GMT
x-content-type-options: nosniff
age: 235064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 04:15:12 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 51ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 04:15:12 GMT
x-content-type-options: nosniff
age: 235064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 04:15:12 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 56ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 04:15:12 GMT
x-content-type-options: nosniff
age: 235064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 04:15:12 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v7/ 28 KB
29 KB 56ms
26ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:08:40 GMT
x-content-type-options: nosniff
age: 167056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29144
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 23:08:40 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 3 KB
2 KB 157ms
34ms XHR
application/json 54.194.185.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=20A0289659302A7E0A495D28%40AdobeOrg&d_nsid=0&ts=1640899976621

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.185.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-185-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b7ece9068415c2d36c2f92110cd5b68d33c78ef3c20daf436ebf8321357d15aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v026-0a67b47cd.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: MEc3tTj3Rj0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://give.salvationarmytexas.org
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1187
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 16ms
16ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=736156212&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gtm.js&ea=gtm.js&el=give.salvationarmytexas.org&ev=0&_u=aGDACEABBAAAAC~&jid=592470348&gjid=1312500164&cid=1659302148.1640899976&tid=UA-51388709-1&_gid=1394818032.1640899976&_r=1&gtm=2wgc10PMXWH57&z=1461749624

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.salvationarmytexas.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1910
date: Thu, 30 Dec 2021 21:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Dec 2021 23:01:06 GMT

GET
H2 200 ActivityServer.bs Show response
bs.serving-sys.com/Serving/ 1 KB
1 KB 58ms
8ms Script
text/html 18.193.171.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=550371&rnd=501311.18318973813&UniqueDonorID=undefined&ZipCode=undefined&NewDonor=[NewDonor]&Revenue=undefined&Territory=[Territory]
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.171.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-171-118.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e176dddc73ab5ceebd4520f8381d9486e29cacef98a2e3d5d44000b7027f7978

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 646
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

14 KB
5 KB

7ms
7ms

Script
application/javascript

199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Protocol: H2
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100026-IAD, cache-hhn11523-HHN

Redirect headers

x-tw-cdn: VZ
Date: Thu, 30 Dec 2021 21:32:56 GMT
Server: ECS (mil/6CDF)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
50 KB 42ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-827406829

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

018f6e2713173d50818d1fc9de53ad0478d86add88b87de6207f1c56712f8f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51031
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Dec 2021 21:32:56 GMT

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ 7 KB
3 KB 50ms
8ms Script
application/javascript 104.94.241.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.94.241.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-241-182.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
Server: AmazonS3
x-amz-request-id: 9YQ306SMW4TV9EY2
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
Vary: Accept-Encoding
Content-Type: application/javascript
Date: Thu, 30 Dec 2021 21:32:56 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2663
x-amz-id-2: 74aZn+ioPdkgh/NIhPiLMtswDKn96+1UDcWaD9ORN4TizRDHIYqjkoOTC3NCpf/D6uSaFgp0cP0=

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 40ms
8ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100021-IAD, cache-hhn11523-HHN

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 65ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:55 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80AB17433E0B48D09972576BCAC39EB1 Ref B: FRAEDGE1416 Ref C: 2021-12-30T21:32:56Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/8da38e9a/www-widgetapi.vflset/ 149 KB
48 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8da38e9a/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5071f1b82cf34198f13d9c727f4705d7a4daa61723adacfcd7123abcb4b3c4c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:03:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49407
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Dec 2022 21:03:09 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 6A7C 319 KB
103 KB 39ms
38ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fgive.salvationarmytexas.org
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1818394
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 30 Dec 2021 21:32:56 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF2)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 2A27 932 B
2 KB 73ms
19ms Document
text/html 2600:9000:2190:fe00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-35486fb0f96ff904df60da905ccd0cda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:fe00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date: Thu, 30 Dec 2021 21:31:54 GMT
cache-control: max-age=300, public
etag: "f6254e6dd0cb06228801a1c8baf0939f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: PbP0SyrbQR24dA1lkmvCItyigDcwNFXWqp_lQknovJbF-1uTW_OdnA==
age: 62

GET
H2 200 plaid Show response
pay.classy.org/token/ 88 B
438 B 387ms
387ms XHR
application/json 2606:4700::6812:843c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.classy.org/token/plaid?applicationId=8265&currency=EUR

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:843c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 f6f860dfc55b1909ca7a53c7e5987f4b.cloudfront.net (CloudFront)
x-classypay-version: 1
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP64-C3
x-cache: Miss from cloudfront
x-classypay-requestid: e7d50f7a-246d-49d2-b07b-519333a87c01
content-encoding: br
vary: Accept-Encoding
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 6c5e62367b02374e-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-amz-cf-id: hpq-akhee2HeiHl3sEY9g0p521WEZM5lhlGwibRkTFdIl8SEu2VhjA==

GET
H3 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v7/ 28 KB
28 KB 23ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:08:40 GMT
x-content-type-options: nosniff
age: 167056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29144
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 23:08:40 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 04:15:12 GMT
x-content-type-options: nosniff
age: 235064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 04:15:12 GMT

GET
H3 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v7/ 27 KB
27 KB 27ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v7/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmytexas.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 04:15:12 GMT
x-content-type-options: nosniff
age: 235064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27420
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 04:15:12 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 40ms
20ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51388709-1&cid=1659302148.1640899976&jid=592470348&gjid=1312500164&_gid=1394818032.1640899976&_u=aGDACEABBAAAAC~&z=1867102369

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Dec 2021 21:32:56 GMT
content-type: text/plain
access-control-allow-origin: https://give.salvationarmytexas.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframeResizer-6bb8ec1b02.js Show response
give.salvationarmytexas.org/sso/ssobuild/js/ 22 KB
7 KB 42ms
41ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/sso/ssobuild/js/iframeResizer-6bb8ec1b02.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-9576eacae4da2c3e----1640899976726
traceparent: 00-feef1ed4bfa000d22049c909f68ab450-9576eacae4da2c3e-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5NTc2ZWFjYWU0ZGEyYzNlIiwidHIiOiJmZWVmMWVkNGJmYTAwMGQyMjA0OWM5MDlmNjhhYjQ1MCIsInRpIjoxNjQwODk5OTc2NzI2fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.salvationarmytexas.org/give/178322/
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 792019
cf-polished: origSize=35133
cf-bgj: minify
last-modified: Mon, 22 Nov 2021 20:03:54 GMT
server: cloudflare
etag: W/"619bf7aa-893d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 6c5e62369a77dfcb-FRA
expires: Wed, 21 Dec 2022 17:32:36 GMT

GET
H2 200 ebAttribution.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 24 KB
8 KB 185ms
116ms Script
application/javascript 2.16.186.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebAttribution.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-35.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 3cd2f326065eedd60b29e63d161978f2fa59968abc0d22c0e72ae0ae81ecd7a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 11:46:06 GMT
server
x-powered-by: ARR/2.5
etag: "0d3b7fc9e3d41:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=631
accept-ranges: bytes
content-length: 7864

GET
H2 200 5710159.js Show response
bat.bing.com/p/action/ 683 B
699 B 347ms
347ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5710159.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6b13e5a94e25dfd583992e8474389a43928e71d2e65cb89204efe679447cd108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B65D5B2A69BC475DB84D5A85E85A3C4F Ref B: FRAEDGE1416 Ref C: 2021-12-30T21:32:56Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 587

GET
H2 204 0
bat.bing.com/action/ 0
150 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5710159&Ver=2&mid=ad126aaa-5525-4f8c-b054-2dfe7e2f4ef3&sid=0dc5109069b811ec9bbd3b1b796223c9&vid=0dc54aa069b811ecaac28d907ce07f85&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20The%20Salvation%20Army&p=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&r=&lt=1704&evt=pageLoad&msclkid=N&sv=1&rn=593818
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D0F9543FB2514F06A64C75ECBAAFF750 Ref B: FRAEDGE1416 Ref C: 2021-12-30T21:32:56Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5715322.js Show response
bat.bing.com/p/action/ 681 B
756 B 233ms
232ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5715322.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: efb1bb3e45585ec07348a26d163e52204bd26b3069c94af87082ad4bb7471ddc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32366FC0DC504849867D212A60A4DD69 Ref B: FRAEDGE1416 Ref C: 2021-12-30T21:32:56Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 583

GET
H2 204 0
bat.bing.com/action/ 0
96 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5715322&Ver=2&mid=152ff458-32cf-48a2-9eef-c0253361d216&sid=0dc5109069b811ec9bbd3b1b796223c9&vid=0dc54aa069b811ecaac28d907ce07f85&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20The%20Salvation%20Army&p=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&r=&lt=1704&evt=pageLoad&msclkid=N&sv=1&rn=277274
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B9368DF7EA93448C89B6FB7DF14FE1BB Ref B: FRAEDGE1416 Ref C: 2021-12-30T21:32:56Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
676 B 151ms
117ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvb33&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=2b0afc31-f853-4ef8-923d-e74239e9470d&tw_document_href=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Thu, 30 Dec 2021 21:32:56 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f558f38a507a6cf529b99151e1093af2b84d783301472c4f054b0b2b5e6a7567
x-transaction: 5855214140079e62
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
471 B 140ms
117ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvb33&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=2b0afc31-f853-4ef8-923d-e74239e9470d&tw_document_href=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Thu, 30 Dec 2021 21:32:56 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7bff25f0fc46dc36941f30d55069a5d2716698182eef3419f401c5cbd4cef8fb
x-transaction: 64a007377476c0b2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 60ms
36ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51388709-1&cid=1659302148.1640899976&jid=592470348&_u=aGDACEABBAAAAC~&z=794410780

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
31ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51388709-1&cid=1659302148.1640899976&jid=592470348&_u=aGDACEABBAAAAC~&z=794410780

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
237 B 139ms
120ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l54yg&tw_sale_amount=undefined&tw_order_quantity=undefined&tw_iframe_status=0&event_id=f989b61d-1b74-4fef-9311-9cb986cc8eb7&tw_document_href=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Thu, 30 Dec 2021 21:32:56 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f558f38a507a6cf529b99151e1093af2b84d783301472c4f054b0b2b5e6a7567
x-transaction: 7dc50227f2fdb454
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
124 B 129ms
122ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l54yg&tw_sale_amount=undefined&tw_order_quantity=undefined&tw_iframe_status=0&event_id=f989b61d-1b74-4fef-9311-9cb986cc8eb7&tw_document_href=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Thu, 30 Dec 2021 21:32:56 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7bff25f0fc46dc36941f30d55069a5d2716698182eef3419f401c5cbd4cef8fb
x-transaction: 19438bf9767fe5b7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 41ms
18ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 21:32:56 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-590768768&l=dataLayer&cx=c

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e74db74e73475f4c9135e2f849e08d4e91468dba75103532c38455ef83d55c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39622
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Dec 2021 21:32:56 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-590708955&l=dataLayer&cx=c

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2c02fcc31f8a45db99e522307414cbed3c81c88287dd1b953abb3f6795afd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39580
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Dec 2021 21:32:56 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 2A27 0
121 B 217ms
178ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
x-envoy-upstream-service-time: 15
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame 2A27 0
121 B 223ms
184ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
x-envoy-upstream-service-time: 20
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
237 B 130ms
129ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvb33&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=c9176f0c-9846-4592-8520-73a8f47308e5&tw_document_href=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 123
pragma: no-cache
last-modified: Thu, 30 Dec 2021 21:32:56 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f558f38a507a6cf529b99151e1093af2b84d783301472c4f054b0b2b5e6a7567
x-transaction: 1bae88c78881b372
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
124 B 124ms
123ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nvb33&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=c9176f0c-9846-4592-8520-73a8f47308e5&tw_document_href=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Thu, 30 Dec 2021 21:32:56 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7bff25f0fc46dc36941f30d55069a5d2716698182eef3419f401c5cbd4cef8fb
x-transaction: 844c6083882501be
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
thesalvationarmy.demdex.net/ Frame 24D3 7 KB
3 KB 137ms
36ms Document
text/html 34.255.232.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thesalvationarmy.demdex.net/dest5.html?d_nsid=0

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.232.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-232-227.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 30 Dec 2021 21:32:56 GMT
DCS: dcs-prod-irl1-2-v026-0443902af.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 20 Dec 2021 14:26:35 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: ucGyEIRGQIg=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
thesalvationarmy.sc.omtrdc.net/ 2 B
325 B 59ms
17ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thesalvationarmy.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=20A0289659302A7E0A495D28%40AdobeOrg&mid=61425021667277686502393509210202494883&ts=1640899976815

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-675dccd488-hk486
vary: Origin
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://give.salvationarmytexas.org
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ 0
215 B 74ms
16ms XHR
text/plain 151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=20A0289659302A7E0A495D28@AdobeOrg&_les_sdid=5C0E07AD78AF602D-096E2114BD1A4A7F&_les_last_search_click=&_les_rsid=tsa.global&_les_mid=61425021667277686502393509210202494883&_les_url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1640899977.882296,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://give.salvationarmytexas.org
access-control-allow-credentials: true
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-cdg20743-CDG

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yc4liAAAAEiwoQP7
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=61942373548019733752449857941414847894
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yc4liAAAAEiwoQP7

42 B
945 B

34ms
33ms

Image
image/gif

54.194.185.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yc4liAAAAEiwoQP7

Protocol

HTTP/1.1

Server

54.194.185.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-185-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v026-014236da7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: kVqtnTnvRU8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yc4liAAAAEiwoQP7
Date: Thu, 30 Dec 2021 21:32:56 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 status Show response
give.salvationarmytexas.org/sso/ 89 B
1 KB 423ms
423ms XHR
application/javascript 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmytexas.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery33105004143926322202_1640899976724&_=1640899976725

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

bb8e0c31830c9c1376805a44608d4f1c29eeb589c9e1ce32c117f17c0b89c1ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-28e47254871bf487----1640899976821
traceparent: 00-429bdb1a74772b4a186f23b457f9ab00-28e47254871bf487-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIyOGU0NzI1NDg3MWJmNDg3IiwidHIiOiI0MjliZGIxYTc0NzcyYjRhMTg2ZjIzYjQ1N2Y5YWIwMCIsInRpIjoxNjQwODk5OTc2ODIxfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.salvationarmytexas.org/give/178322/
X-Requested-With: XMLHttpRequest

Response headers

cf-ray: 6c5e62372b7edfcb-FRA
date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame 2A27 85 KB
14 KB 22ms
22ms Script
text/javascript 2600:9000:2190:fe00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:fe00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 290
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:28:07 GMT
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
server: Cloudfront
etag: W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: -wMV9oHPVsl3JF664MoYwq0noHsgL8j9ISGjuOmLImomthmHFv9A_Q==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6A7C 232 B
447 B 141ms
118ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e4dbb94b69dd58057505ceb61947b1405141b025

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fgive.salvationarmytexas.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 111
date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
last-modified: Thu, 30 Dec 2021 21:32:56 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: ce1646395a4581e78000ed5a609770182a1c724ca58196c966782bb50852b19e
content-length: 166

GET
H2 200 controller-1b1531c8ff86057e4aab7c9e8884087a.html Show response
js.stripe.com/v3/ Frame F47E 349 B
1 KB 22ms
22ms Document
text/html 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-1b1531c8ff86057e4aab7c9e8884087a.html

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ae3d8508c28bb1a26931abf0b66770f3c7a45b736a8928e1a051ed1236796ade

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 349
last-modified: Thu, 23 Dec 2021 18:49:59 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 30 Dec 2021 21:32:29 GMT
cache-control: max-age=60
etag: "1b1531c8ff86057e4aab7c9e8884087a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: WjKEZA7FZCPTz46-K9bvkJu7fa45VUI6ZMM_6sMR3uKBTqNNjxGPnQ==
age: 35

GET
H2 200 payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html Show response
js.stripe.com/v3/ Frame 789E 434 B
1 KB 24ms
24ms Document
text/html 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0831ee48c74252fdd5eae0ece89c5bbad4889f36c5ceb1dddacbd1e08da7fcbd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 434
last-modified: Thu, 23 Dec 2021 18:50:06 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 30 Dec 2021 21:32:56 GMT
cache-control: max-age=60
etag: "557f2c10b626a503f1b6663b874551da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: S6Qcsl1Vt_hVgt22JYoVLWdsL8xgmG8OCHTT4vIdf_AdsUybGqUyPQ==

GET
H2 200 payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html Show response
js.stripe.com/v3/ Frame E202 370 B
1 KB 22ms
21ms Document
text/html 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4b63d593c386cc5569a58eee7bd1782c8e5b70504d9119e8452d16f00743eb2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 370
last-modified: Thu, 23 Dec 2021 18:49:59 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 30 Dec 2021 21:32:56 GMT
cache-control: max-age=60
etag: "1468014e862144cd57bbff075eeabffb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: PEPn5Bezv55bskPSiXi6buHGLEMUqzo_S16nGA5dW2eCo0yzb79OzQ==

GET
H2 200 payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html Show response
js.stripe.com/v3/ Frame 2FF9 434 B
1 KB 14ms
14ms Document
text/html 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0831ee48c74252fdd5eae0ece89c5bbad4889f36c5ceb1dddacbd1e08da7fcbd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 434
last-modified: Thu, 23 Dec 2021 18:50:06 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self' 'unsafe-inline'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 30 Dec 2021 21:32:56 GMT
cache-control: max-age=60
etag: "557f2c10b626a503f1b6663b874551da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: SVGw8FoTKSlBLkkRQpxinDYuyR0pxfp65tPICholEJxKTexL5PlNeA==

GET
H2 200 payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html Show response
js.stripe.com/v3/ Frame 17D8 370 B
1 KB 20ms
20ms Document
text/html 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4b63d593c386cc5569a58eee7bd1782c8e5b70504d9119e8452d16f00743eb2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/

Response headers

content-type: text/html; charset=utf-8
content-length: 370
last-modified: Thu, 23 Dec 2021 18:49:59 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 30 Dec 2021 21:32:56 GMT
cache-control: max-age=60
etag: "1468014e862144cd57bbff075eeabffb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: d-gZlXgj5xpeCvPH1r75_cZ_lTnqQV8fNMnowZH1koZ9urg4K-Fz2g==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/590768768/ 2 KB
1 KB 45ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590768768/?random=1640899976975&cv=9&fst=1640899976975&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e469ec481eff7f4a53c6caf3866bb67ffa2ab57f66f646ec9a93972f7001dbb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/ 2 KB
1 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/?random=1640899976978&cv=9&fst=1640899976978&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa521ac1f42dfd255ce58c82990f9e78aff6bbaecb4df58d5952753c5ce9b03c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/590708955/ 2 KB
2 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/590708955/?random=1640899976979&cv=9&fst=1640899976979&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56ec02398730c0f6b9c60827fee5d2e8db7d1bc708bce0e15e4ee401e792ec19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame F47E 0
347 B 183ms
183ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 23
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 789E 0
346 B 160ms
160ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E202 0
347 B 178ms
178ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 19
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2FF9 0
346 B 165ms
165ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 5
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 17D8 0
346 B 168ms
168ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 9
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 2A27 156 B
522 B 503ms
174ms XHR
application/json 34.211.243.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-243-235.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9f6aefc546bc055437c70d219882f74aebc45297cb9e90ba462f2726e5e60825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 EBUidCache.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/UserProviders_1_19_0_0/ 2 KB
999 B 62ms
62ms Script
application/javascript 2.16.186.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/UserProviders_1_19_0_0/EBUidCache.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-35.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 01f43a3b49eff4e13aaf2812cb11f79bec5a2eaedd56b599e6248d9937c9aba5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 12:32:09 GMT
server
x-powered-by: ARR/2.5
etag: "3f1b65eecfe3d41:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 798
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 shared-0db9372b08d665b96f9fff8d4f629b19.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F47E 200 KB
54 KB 16ms
15ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1b1531c8ff86057e4aab7c9e8884087a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

955028a8c425cedda76a051d6127bcc38f94383ef7d8f3b26574ed2e631d392c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1b1531c8ff86057e4aab7c9e8884087a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 45
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:23 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:50:00 GMT
server: Cloudfront
etag: W/"2d73cb576cf18fcbd8d6a399754f81fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: elk-2qp0vlQ69XWA3_c6wkkqWdK8kq5ZAxdtxRbTVfhYNFZzD497pw==

GET
H2 200 controller-93f4e45b6696d1d7eade27ae00b59943.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F47E 309 KB
85 KB 23ms
20ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-93f4e45b6696d1d7eade27ae00b59943.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1b1531c8ff86057e4aab7c9e8884087a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

20879a2c04ef933db4f7a4bcaf4c7d4badd769dbec38648490469d1f10e64cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1b1531c8ff86057e4aab7c9e8884087a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 27
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:31 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:49:59 GMT
server: Cloudfront
etag: W/"d1f5a8fb3b179b296e333c9b9eddeaa4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 3rCedVkj1dCP-5BFMKIXIbxYHCKC0gN6X6ThYSCbiNR0dBl_ZB3rrg==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 789E 95 KB
31 KB 126ms
69ms Script
application/javascript 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

658d3728e3878a01e5a054d6ba34ca6c574e7320933b9b9d46ad370465b8cca7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xquq8tBT75jgxjEO+Vl6HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-Xquq8tBT75jgxjEO+Vl6HQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-Xquq8tBT75jgxjEO+Vl6HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-Xquq8tBT75jgxjEO+Vl6HQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

GET
H2 200 shared-0db9372b08d665b96f9fff8d4f629b19.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 789E 200 KB
54 KB 28ms
25ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

955028a8c425cedda76a051d6127bcc38f94383ef7d8f3b26574ed2e631d392c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 45
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:23 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:50:00 GMT
server: Cloudfront
etag: W/"2d73cb576cf18fcbd8d6a399754f81fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 3xcMdA5MNdn_QEYJm9MLFJAT159bsPsgxglx9-cj2Gcse_77yQpLYQ==

GET
H2 200 payment-request-inner-google-pay-5e4d60562b5a43e82129bd9dc1d51f29.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 789E 13 KB
5 KB 42ms
39ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5e4d60562b5a43e82129bd9dc1d51f29.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8e22c684d8b031221db2f968b426fb0368db55bef2f43247c87657487aaa33b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:49:59 GMT
server: Cloudfront
etag: W/"cf777bd1b94f0e5e2f01781b2b3c954d"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: zi5v69GTblty0pHWznaiXHTen2GX_SX4cyCQweDCYZYOcnpQRfzyyw==

GET
H2 200 shared-0db9372b08d665b96f9fff8d4f629b19.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E202 200 KB
54 KB 32ms
29ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

955028a8c425cedda76a051d6127bcc38f94383ef7d8f3b26574ed2e631d392c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 45
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:23 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:50:00 GMT
server: Cloudfront
etag: W/"2d73cb576cf18fcbd8d6a399754f81fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: Zhn5Ptzvqex61-xeB0WuUC3m2itt4AhWutRZMklsu_o1toFHQDMQ_Q==

GET
H2 200 payment-request-inner-browser-b3a9fcb414bb0b31d8ba6001ba46aac9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E202 11 KB
5 KB 33ms
29ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-b3a9fcb414bb0b31d8ba6001ba46aac9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

aabde97e35c9b8428904152a68b7b7af57eb1bf960472f2fd0a2ef9f56259aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:50:00 GMT
server: Cloudfront
etag: W/"3bcda9584f7763c99fab824e6e12661f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: vG6vamyTJlEW1cJmPayKwnt6OaSgIcksu1hF15FbAndcNSxyz0btpw==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 2FF9 95 KB
30 KB 181ms
126ms Script
application/javascript 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

658d3728e3878a01e5a054d6ba34ca6c574e7320933b9b9d46ad370465b8cca7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k3r9+3ACaTUl1ci6Tvxb6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-k3r9+3ACaTUl1ci6Tvxb6A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=600
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-k3r9+3ACaTUl1ci6Tvxb6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-k3r9+3ACaTUl1ci6Tvxb6A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

GET
H2 200 shared-0db9372b08d665b96f9fff8d4f629b19.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2FF9 200 KB
54 KB 33ms
29ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

955028a8c425cedda76a051d6127bcc38f94383ef7d8f3b26574ed2e631d392c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 45
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:23 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:50:00 GMT
server: Cloudfront
etag: W/"2d73cb576cf18fcbd8d6a399754f81fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 7XSqD92ZrQQlOudQ1ab5szbNVFVAtp-EPeV85klm5uX5VmlZL3BVbw==

GET
H2 200 payment-request-inner-google-pay-5e4d60562b5a43e82129bd9dc1d51f29.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2FF9 13 KB
5 KB 41ms
38ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-5e4d60562b5a43e82129bd9dc1d51f29.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

8e22c684d8b031221db2f968b426fb0368db55bef2f43247c87657487aaa33b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-557f2c10b626a503f1b6663b874551da.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:49:59 GMT
server: Cloudfront
etag: W/"cf777bd1b94f0e5e2f01781b2b3c954d"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: fcNlISF3-m6ffmwWsjwuh-7l7dms90Pz3C78wHWV-eUw6_UYUQ_JXA==

GET
H2 200 shared-0db9372b08d665b96f9fff8d4f629b19.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 17D8 200 KB
54 KB 33ms
31ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

955028a8c425cedda76a051d6127bcc38f94383ef7d8f3b26574ed2e631d392c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 45
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:23 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:50:00 GMT
server: Cloudfront
etag: W/"2d73cb576cf18fcbd8d6a399754f81fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: lv4IzurgY7P5cVbF5Ab82l14zMDgGOB7-irK_Nvizlc_Ts1dJBFibA==

GET
H2 200 payment-request-inner-browser-b3a9fcb414bb0b31d8ba6001ba46aac9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 17D8 11 KB
5 KB 34ms
32ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-b3a9fcb414bb0b31d8ba6001ba46aac9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

aabde97e35c9b8428904152a68b7b7af57eb1bf960472f2fd0a2ef9f56259aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-1468014e862144cd57bbff075eeabffb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
last-modified: Thu, 23 Dec 2021 18:50:00 GMT
server: Cloudfront
etag: W/"3bcda9584f7763c99fab824e6e12661f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: kK95kazFH6E7-L-7bak5OTiIOqGFGNKLlNjTAfNiYdnd_uIZDLsN_g==

GET
H2 200 clarity.js Show response
g.clarity.ms/s/0.6.31/ 52 KB
23 KB 406ms
123ms Script
application/javascript 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: br
etag: "1d7f3ace6a16300"
last-modified: Sat, 18 Dec 2021 01:16:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=6E0D743F2AD14A0D94803ACE3F9B99BB&RedC=c.clarity.ms&MXFR=3B78F3DC21AA60B2227AE2C125AA6E08
https://c.clarity.ms/c.gif?CtsSyncId=6E0D743F2AD14A0D94803ACE3F9B99BB&MUID=07138A1744F665E82E949B0A459D6465

42 B
368 B

28ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=6E0D743F2AD14A0D94803ACE3F9B99BB&MUID=07138A1744F665E82E949B0A459D6465
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD545FEFAE86493CBD81966E22F14F8A Ref B: FRAEDGE1416 Ref C: 2021-12-30T21:32:57Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=6E0D743F2AD14A0D94803ACE3F9B99BB&MUID=07138A1744F665E82E949B0A459D6465
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/590768768/ 42 B
64 B 40ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/590768768/?random=1640899976975&cv=9&fst=1640898000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&async=1&fmt=3&is_vtc=1&random=3045855036&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/590768768/ 42 B
64 B 41ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/590768768/?random=1640899976975&cv=9&fst=1640898000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&async=1&fmt=3&is_vtc=1&random=3045855036&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/590708955/ 42 B
64 B 31ms
21ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/590708955/?random=1640899976979&cv=9&fst=1640898000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&async=1&fmt=3&is_vtc=1&random=1845582233&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/590708955/ 42 B
64 B 32ms
21ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/590708955/?random=1640899976979&cv=9&fst=1640898000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&async=1&fmt=3&is_vtc=1&random=1845582233&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/827406829/ 42 B
64 B 33ms
23ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827406829/?random=1640899976978&cv=9&fst=1640898000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&async=1&fmt=3&is_vtc=1&random=1253284922&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/827406829/ 42 B
64 B 31ms
22ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827406829/?random=1640899976978&cv=9&fst=1640898000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&async=1&fmt=3&is_vtc=1&random=1253284922&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=736156212&t=timing&_s=6&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TT%3A%20fully%20loaded&utv=fresh&utl=1640899976224&utt=2963&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1659302148.1640899976&tid=UA-3837893-1&_gid=1394818032.1640899976&cd1=50874&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=178322&cd6=campaign&cd11=recurring%20optimization&z=13494201

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 14:25:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25621
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=4452616395914293441
dpm.demdex.net/ Frame 24D3
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4452616395914293441

42 B
945 B

33ms
32ms

Image
image/gif

54.194.185.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=4452616395914293441

Protocol

HTTP/1.1

Server

54.194.185.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-185-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v026-080649d86.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: M8l0bzcKTLs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=4452616395914293441
pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 167ms
160ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 184ms
184ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 185ms
185ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 184ms
183ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 184ms
184ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 183ms
183ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 184ms
184ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 183ms
183ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 183ms
183ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 182ms
182ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 182ms
182ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 182ms
182ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 187ms
187ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 186ms
185ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 182ms
182ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ 497 B
494 B 9ms
9ms Script
application/x-javascript 18.193.171.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?EBUI.js&cn=cu
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.171.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-171-118.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 929b6ddafea02933ff93bd101abff6909e9371cbd7fc052025ec78357e6b4d15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
etag: "a6985b37c65dcd1:0"
last-modified: Thu, 30 Dec 2021 21:32:00 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: private, max-age=3600
content-type: application/x-javascript
content-length: 228

GET
H2 200 Serving Show response
bs.serving-sys.com/ 1 KB
1 KB 12ms
11ms Script
text/html 18.193.171.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?secCall=1&sessionid=6547205171539992793&cn=as&ActivityID=550371&rnd=501311.18318973813&UniqueDonorID=undefined&ZipCode=undefined&NewDonor=[NewDonor]&Revenue=undefined&Territory=[Territory]&cuid=186da422-2183-4533-83cc-2386f9839f23
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.171.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-171-118.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b4c78098df84a81f82667de4cca7fb0c6e27ac7956be2cd537658ae9ce37f027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: private
content-type: text/html; charset=UTF-8
content-length: 533
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=pERWE6BADU-_RlRBqk0YEKAWVEC_TFdCoUGoRooy
dpm.demdex.net/ Frame 24D3
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=pERWE6BADU-_RlRBqk0YEKAWVEC_TFdCoUGoRooy

42 B
945 B

32ms
31ms

Image
image/gif

54.194.185.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=pERWE6BADU-_RlRBqk0YEKAWVEC_TFdCoUGoRooy

Protocol

HTTP/1.1

Server

54.194.185.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-185-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v026-092eae008.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: kSajBygrRNs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=pERWE6BADU-_RlRBqk0YEKAWVEC_TFdCoUGoRooy
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 96F0 17 KB
7 KB 95ms
75ms Document
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

858b5a61deecbd35dba88d0191ea81b53fa60ddc5c3afce0da0853fcec1c796c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bvHX2C+HDelk0cRZfTUdzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-bvHX2C+HDelk0cRZfTUdzw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Thu, 30 Dec 2021 21:32:57 GMT
date: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-bvHX2C+HDelk0cRZfTUdzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-bvHX2C+HDelk0cRZfTUdzw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 34ms
17ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 21:32:57 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
10 KB 32ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:56 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 38D60D726B1143DFB1D8E9BC512B75DF Ref B: FRAEDGE1416 Ref C: 2021-12-30T21:32:57Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 ActivityServer.bs Show response
bs.serving-sys.com/Serving/ 1 KB
1 KB 8ms
8ms Script
text/html 18.193.171.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=485783&rnd=855944.8862801227
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.171.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-171-118.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9f14c1e23de364b2b7e9b00404e084b6b04be77a993f5f354b3cab0e585ee00a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 584
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 10ms
8ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 06 Jan 2022 21:32:57 GMT

GET
H2 200 xyz.js Show response
getrockerbox.com/assets/ 45 KB
10 KB 204ms
128ms Script
application/javascript 172.67.177.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/assets/xyz.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.177.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8b42be2df7b31e11b442a965f4ee259ffac45e2643d39f47faedc219589fc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7DNuqx4bxqdNm7p1sHEXARtegPV9E74l7fHC4m3BfAvJi7uSDMvD9kHKqa9nLTpjwXdfKSOOWSKKm7RJfzMvoENn0z0hdiI5i3hXFmjbpZ7SUXfAcru2kc90XhLYidKkS3H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6c5e623aaa3d7168-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK st.v3.js Show response
www.everestjs.net/static/ 91 KB
29 KB 13ms
13ms Script
text/javascript 104.94.241.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/st.v3.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.94.241.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-241-182.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a7b2e960f7628e2b6d292e1e5e51cedf3243dab1c9d7cafb9897ba05c8185ce4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 13:55:47 GMT
Server: AmazonS3
x-amz-request-id: FC0RYDNW64YHRAYM
ETag: "9a2486101572abfab95503fa8e906001"
Vary: Accept-Encoding
Content-Type: text/javascript
Date: Thu, 30 Dec 2021 21:32:57 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28890
x-amz-id-2: UDIYtkbRYX7hUzBf0BdTpBXP4mBUV9aHXfFSH17wex8N8sxTDN2+7mnLx9mwIXG/dVXx1sk33f0=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: mARD3Qx9DXO5JNFpcfXvE6spsqmIwo6MD/V4sk52o3Ayia2XDmKlpSuANekFNfsJVeuxi1Y7oUI+EU5bU166Ow==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 30 Dec 2021 21:32:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-934932873

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d448e38f86b7d6e3c94564f8435891fe52875eca91dde519e9db40d290e2765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39623
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Dec 2021 21:32:57 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 66ms
17ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 54ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
etag: W/"5a637bd4-1538f"
vary: Accept-Encoding
x-hw: 1640899977.dop023.ml1.t,1640899977.cds206.ml1.hn,1640899977.cds213.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H/1.1 200
OK 44762 Show response
cdn.bttrack.com/universal/ 2 KB
2 KB 236ms
186ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/universal/44762
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: a2e89bdf0c5c96e3dec1fe48020675ac94588833f2f846b218be0cd940399d99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 21:32:57 GMT
Cache-Control: max-age=900
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2131
X-HW: 1640899977.dop132.fr8.t,1640899977.cds144.fr8.shn,1640899977.dop132.fr8.t,1640899977.cds167.fr8.p
Content-Type: application/javascript; charset=utf-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=736156212&t=pageview&_s=1&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&ul=en-us&de=UTF-8&dt=Donate%20to%20The%20Salvation%20Army&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1659302148.1640899976&tid=UA-51388709-1&_gid=1394818032.1640899976&cd3=DONATE%3AUSS&gtm=2wgc10PMXWH57&z=458323339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 14:25:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25621
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://rtd-tm.everesttech.net/upi/?sid=BI5HN7C1EL5Auw2BCnPp&cs=1&gtmcb=1030360717
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWM0bGlBQUFBRWl3b1FQNw

170 B
502 B

41ms
18ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWM0bGlBQUFBRWl3b1FQNw

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1640899977.312178,VS0,VE81
x-served-by: cache-cdg20743-CDG
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWM0bGlBQUFBRWl3b1FQNw
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 impression
b.videoamp.com/d2/a318dba2-27b2-11ec-bb7e-4189d3b56416/2380/ 42 B
312 B 319ms
108ms Image
image/gif 52.54.23.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.videoamp.com/d2/a318dba2-27b2-11ec-bb7e-4189d3b56416/2380/impression?dnt=false&vpxid=2380&bwb=35&us_privacy=&gtmcb=1603648593
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.23.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-23-204.compute-1.amazonaws.com
Software: Beacon Server /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: Beacon Server
access-control-allow-headers: Content-Type
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK 1023
bttrack.com/Pixel/Retarget/ 35 B
380 B 381ms
94ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/Pixel/Retarget/1023
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Thu, 30 Dec 2021 21:32:57 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 103ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=9vus3v7&ct=0:95naoge&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 98ms
98ms Image
image/gif 52.204.77.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7301909825941009&v=5584865395564415&s=4974540066417987&b=web&tv=4.0&sp=ts&sp=1640899976499&sp=d&sp=give.salvationarmytexas.org&sp=h&sp=%2Fgive%2F178322%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url%26utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&pp=d&pp=give.salvationarmytexas.org&pp=h&pp=%2Fgive%2F178322%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&pp=t&pp=Donate%20to%20The%20Salvation%20Army&pp=ts&pp=1640899976539&pp=pr&pp=%2Fgive%2F178322%2F&id0=5715705752111597&k0=environment&k0=prod&k0=organization_id&k0=50874&k0=campaign&k0=178322&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=page&k0=%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&k0=title&k0=Donation%20Page&k0=userAgent&k0=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&k0=environment&k0=prod&k0=is_public&k0=true&t0=Page%20View&ts0=1640899977290&st=1640899977290

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.204.77.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-77-146.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=736156212&t=pageview&_s=1&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&dp=%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=321832523&gjid=105708162&cid=1659302148.1640899976&tid=UA-22976341-2&_gid=1394818032.1640899976&_r=1&_slc=1&z=2141119957

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://give.salvationarmytexas.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=736156212&t=pageview&_s=7&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&dp=%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&ul=en-us&de=UTF-8&dt=Donation%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAC~&jid=&gjid=&cid=1659302148.1640899976&tid=UA-3837893-1&_gid=1394818032.1640899976&cd1=50874&cd2=Classy%20Pay&cd3=0&cd4=donation&cd5=178322&cd6=campaign&cd11=recurring%20optimization&z=1407037152

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 14:25:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25621
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-d5N1L76OG6H12.js Show response
rules.quantcount.com/ 4 KB
2 KB 50ms
13ms Script
application/javascript 2600:9000:2190:e200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d5N1L76OG6H12.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:e200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b2cf6a1b18d22607d58a89b74c4f9276b7aacca733871d9f3883cb3fc00a98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:22:51 GMT
content-encoding: gzip
age: 2936
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 20 Dec 2021 22:57:59 GMT
server: AmazonS3
etag: W/"ad0a0eb15beaf3ff81216f6012459a32"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: iTuUgHCaUSQCfWcbTsy5R5WeY5P0q45n4J2ZTSqM5usVKjU4KL62pg==

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame C01F 17 KB
7 KB 70ms
70ms Document
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e814c55e20f25a0979856e6a6fbecf5bf35fd425ec2e4e15ed217edda75c89f8

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-LBJqJElT3mTYXeObkFQKeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-LBJqJElT3mTYXeObkFQKeA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
expires: Thu, 30 Dec 2021 21:32:57 GMT
date: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-LBJqJElT3mTYXeObkFQKeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-LBJqJElT3mTYXeObkFQKeA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22976341-2&cid=1659302148.1640899976&jid=321832523&gjid=105708162&_gid=1394818032.1640899976&_u=aGDACEABBAAAAC~&z=829003336

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Dec 2021 21:32:57 GMT
content-type: text/plain
access-control-allow-origin: https://give.salvationarmytexas.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 24D3 0
104 B 9ms
9ms Image
text/plain 18.193.171.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=1&euuid=61942373548019733752449857941414847894&redir=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.171.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-171-118.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H/1.1

200
OK

pixel_details.html Show response
www.everestjs.net/static/ Frame 4C59
Redirect Chain

https://pixel.everesttech.net/8196/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26imsId%3D__EFIMSORGID__%26optout%3D__...
https://www.everestjs.net/static/pixel_details.html

166 B
597 B

7ms
7ms

Document
text/html

104.94.241.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/pixel_details.html
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.94.241.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-94-241-182.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 769254457b771e41802cfbc21371888c7b2485ad5baddaacae3b25cd428e428a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/

Response headers

x-amz-id-2: Mt5wTBAhio1GlKXyQLba6LvIew2j3+f7EgfYm7ZPTNFWm6RKyBsrIJWGkx5d8l6kFZPxv6EdhJE=
x-amz-request-id: MGJKB2Q36MQ2W3PX
Last-Modified: Mon, 15 Mar 2021 04:37:06 GMT
ETag: "003ecf27f0c456effed26f884130b077"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 146
Date: Thu, 30 Dec 2021 21:32:57 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Date: Thu, 30 Dec 2021 21:32:57 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 389
Connection: keep-alive
Server: Apache
Cache-Control: no-cache
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
Location: https://www.everestjs.net/static/pixel_details.html#google=Yc4liAAAAEiwoQP7&gsurfer=Yc4liAAAAEiwoQP7&imsId=20A0289659302A7E0A495D28@AdobeOrg&optout=0&throttleCookie=&time=20211230213257

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/980170053/ 2 KB
1 KB 19ms
19ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/980170053/?random=1640899977342&cv=9&fst=1640899977342&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&auid=1775999282.1640899977&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6be052328228391cd496a48ae5fa93e991a6284fb6905cb425d1627fd1aab698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1224
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
980170053.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/980170053/ 0
0 55ms
18ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://980170053.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/980170053/?random=1640899977342&cv=9&fst=1640899977342&num=1&fmt=3&value=0&label=x8c1CMjokmsQxeqw0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&auid=1775999282.1640899977&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/ 2 KB
1 KB 49ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827406829/?random=1640899977350&cv=9&fst=1640899977350&num=1&label=pQ-wCLfl3IgBEO3zxIoD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013547decd823e37709d53e7f71d5f447a168e7750e1c1dfcad61bceab0c0974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1134
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1017306725360359 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 115ms
105ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1017306725360359?v=2.9.48&r=stable

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81d7b061a008b713a9a3f1b7b7900fcde977eeb9ccec8d17c615f2a0086ca65d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: N4mTM/NZ+zgd0r6DYbtaeTVBgxvwlNv9RLGlUC+gcqRr5qFYYjKlsuQ5Da7Nb2jIS1699GkJR8wC++YuQVi4gQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Dec 2021 21:32:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 26ms
26ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 21:32:57 GMT

GET
H2 204 4063368.js Show response
bat.bing.com/p/action/ 0
93 B 201ms
198ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4063368.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 30 Dec 2021 21:32:56 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 67F002CF00524EB7BC6AC5EA486877F8 Ref B: FRAEDGE1416 Ref C: 2021-12-30T21:32:57Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
95 B 38ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4063368&tm=gtm002&Ver=2&mid=c1183a36-cec1-4300-8836-df79d21d3e26&sid=0dc5109069b811ec9bbd3b1b796223c9&vid=0dc54aa069b811ecaac28d907ce07f85&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20to%20The%20Salvation%20Army&p=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&r=&lt=1704&evt=pageLoad&msclkid=N&sv=1&rn=667036
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07C74A4E430F4F5A9279C129D61A6D4C Ref B: FRAEDGE1416 Ref C: 2021-12-30T21:32:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 96F0 2 KB
2 KB 19ms
18ms Other
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 s51745642002456 Show response
thesalvationarmy.sc.omtrdc.net/b/ss/tsa.global/10/JS-2.20.0/ 3 KB
4 KB 41ms
41ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thesalvationarmy.sc.omtrdc.net/b/ss/tsa.global/10/JS-2.20.0/s51745642002456?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=30%2F11%2F2021%2021%3A32%3A57%204%200&d.&nsid=0&jsonv=1&.d&sdid=5C0E07AD78AF602D-096E2114BD1A4A7F&mid=61425021667277686502393509210202494883&aamlh=6&ce=UTF-8&pageName=DONATE%3AUSS%7C178322%7CCampaign%20Donate&g=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23%21%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&cc=USD&ch=Donate&events=event5&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&v1=DONATE%3AUSS%7C178322%7CCampaign%20Donate&c2=give.salvationarmytexas.org&c3=DONATE%3AUSS&v5=The%20Salvation%20Army%3A178322&c6=21&c9=VisitorAPI%20Present&c12=D%3Dmid&c15=donation&c16=D%3Dv31&c18=D%3Dv64&v21=false&v24=tsm-727%3A22ddjmadmtdtdgdurl%3Adirect_mail_cultivation_url%3Anull%3Anull&v30=The%20Salvation%20Army&v33=D%3Dmid&v64=D%3Dg&v66=undefined&v68=50874&v73=22ddjmadmtdtdgdurl%20%7C%20tsm_22_direct_mail_cultivation_url&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=20A0289659302A7E0A495D28%40AdobeOrg&AQE=1

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a7c703739fb97507e8e7ad6c5052cccba73e57f374fd65cb7fa7d58b6be79b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-aam-tid: bJmNUf0lRbM=
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
content-length: 3353
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v026-00bfba38b.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Fri, 31 Dec 2021 21:32:57 GMT
server: jag
xserver: anedge-675dccd488-kqjwv
etag: 3523805870031011840-4619475731378049989
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 29 Dec 2021 21:32:57 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame C01F 2 KB
2 KB 19ms
19ms Other
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK dap-x1.js Show response
dap-dist.akamaized.net/ 8 KB
8 KB 233ms
34ms Script
application/x-javascript 2a02:26f0:6c00::210:ba10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dap-dist.akamaized.net/dap-x1.js
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d25f83d0f7902281216e314e4c888ce0ee752f5fe59a16fcaacbac13744e5015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 21:32:57 GMT
Last-Modified: Tue, 13 Jul 2021 17:59:58 GMT
Server: AkamaiNetStorage
ETag: "a8c4860980709dc3b2b2bc59c9555044:1626199198.261924"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8348

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 134ms
107ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1640899977438&id=t2_8x24ctfw&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=98876e86-0bf8-43d0-b490-206ded812eb5&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 96F0 147 KB
52 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a148e1b9d6521e624ac4a4019a30a1095aaa74e0d45b419d858d6db4ca06f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 18:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52724
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 03:35:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Wed, 28 Dec 2022 18:29:50 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/980170053/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980170053/?random=1294943914&cv=9&fst=1640899977342&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u...
https://www.google.com/pagead/1p-conversion/980170053/?random=1294943914&cv=9&fst=1640899977342&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...
https://www.google.de/pagead/1p-conversion/980170053/?random=1294943914&cv=9&fst=1640899977342&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw...

42 B
64 B

23ms
22ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/980170053/?random=1294943914&cv=9&fst=1640899977342&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&auid=1775999282.1640899977&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=iSXOYdXiFe-ox_APq8S_iAc&cid=CAQSKQCNIrLMdpwqHsSw06olZqcSYbf1FnYRR6fNosfBZg22wUtxKzGh1xxb&eitems=ChEIgM61jgYQruiN_-a1uo_0ARIdAEz7HbCW1nP3vsdhP-VEFijol3ev3YavRNZCSD8&random=1494407226&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDuL9wDAeAwQPT3x_hKteemupqeABEPIik-bW-YhEJ4bO4ZCokREzmsV99aC30eJPYAdekcBaIEJC35krdFWoJx

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/980170053/?random=1294943914&cv=9&fst=1640899977342&num=1&value=0&label=x8c1CMjokmsQxeqw0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&auid=1775999282.1640899977&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=iSXOYdXiFe-ox_APq8S_iAc&cid=CAQSKQCNIrLMdpwqHsSw06olZqcSYbf1FnYRR6fNosfBZg22wUtxKzGh1xxb&eitems=ChEIgM61jgYQruiN_-a1uo_0ARIdAEz7HbCW1nP3vsdhP-VEFijol3ev3YavRNZCSD8&random=1494407226&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hDuL9wDAeAwQPT3x_hKteemupqeABEPIik-bW-YhEJ4bO4ZCokREzmsV99aC30eJPYAdekcBaIEJC35krdFWoJx
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 24D3
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=61942373548019733752449857941414847894&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-yesvRT1E2pFWuGakaIN34TkT1KmRuPlvbZQ-~A

42 B
945 B

32ms
32ms

Image
image/gif

54.194.185.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-yesvRT1E2pFWuGakaIN34TkT1KmRuPlvbZQ-~A

Protocol

HTTP/1.1

Server

54.194.185.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-185-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v026-0a1460121.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: z2oaWbwkRp8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 30 Dec 2021 21:32:57 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-yesvRT1E2pFWuGakaIN34TkT1KmRuPlvbZQ-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 pixel;r=1073878895;labels=_fp.event.Default;rf=0;a=p-d5N1L76OG6H12;url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D2...
pixel.quantserve.com/ 35 B
385 B 12ms
11ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1073878895;labels=_fp.event.Default;rf=0;a=p-d5N1L76OG6H12;url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url;uht=2;fpan=1;fpa=P0-623777433-1640899977444;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=salvationarmytexas.org;je=0;sr=1600x1200x24;dst=0;et=1640899977444;tzo=0;ogl=site_name.Classy%2Ctype.website%2Curl.https%3A%2F%2Fgive%252Esalvationarmytexas%252Eorg%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3D%2Cimage.https%3A%2F%2Fassets%252Eclassy%252Eorg%2F5866174%2Fb1c824ac-221c-11e8-9a62-06ca153bb396%252Ejpg%2Cdescription.The%20Salvation%20Army%252C%20an%20international%20movement%252C%20is%20an%20evangelical%20part%20of%20the%20uni%2Ctitle.Donate%20to%20The%20Salvation%20Army

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/934932873/ 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934932873/?random=1640899977448&cv=9&fst=1640899977448&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f6ce0fec5ac5c31568e97c21205b5293270aaba7a5b11649a147b3b71cf6edb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame C01F 147 KB
52 KB 28ms
15ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8a148e1b9d6521e624ac4a4019a30a1095aaa74e0d45b419d858d6db4ca06f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 18:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52724
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 03:35:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Wed, 28 Dec 2022 18:29:50 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/827406829/ 42 B
64 B 61ms
61ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827406829/?random=1640899977350&cv=9&fst=1640898000000&num=1&label=pQ-wCLfl3IgBEO3zxIoD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMp_sb-Tm1sJMHQCUbn6RGxVAvzrwrCClXPC0NdBvv2i8M0KGG&random=2647487117&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/827406829/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827406829/?random=1640899977350&cv=9&fst=1640898000000&num=1&label=pQ-wCLfl3IgBEO3zxIoD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&async=1&fmt=3&is_vtc=1&cid=CAQSKQCNIrLMp_sb-Tm1sJMHQCUbn6RGxVAvzrwrCClXPC0NdBvv2i8M0KGG&random=2647487117&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK configuration Show response
api.braintreegateway.com/merchants/qzgr5rrzdz3xxy2z/client_api/v1/ 2 KB
2 KB 973ms
907ms Script
application/javascript 35.156.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/qzgr5rrzdz3xxy2z/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NDA5ODYzNzcsImp0aSI6IjE0YTliYzJhLWQ1YjUtNDk5ZC1iODM4LTg1MjcwY2E4ZDlkZCIsInN1YiI6InF6Z3I1cnJ6ZHozeHh5MnoiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InF6Z3I1cnJ6ZHozeHh5MnoiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.pQZU5ytXEo0PxXZr7c5PvM1miT6_o7dOReaLjTtdq0_KZ9mFkk8zejQnxTmDwWDl273Xto-iJXcqaUYuqUUUmQ&callback=callback_jsoncccf8f3f071d417a80579101716a0ae4

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

35.156.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-167-229.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0cad01826f96f6596a643bd398317fda3520fa4123069056b10e460426ef319e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:58 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
x-permitted-cross-domain-policies: none
transfer-encoding: chunked
paypal-debug-id: 704ac7fe5bdf4
vary: Accept-Encoding, Origin
X-XSS-Protection: 1; mode=block
x-request-id: db0f70c1-ea88-4a4c-83cf-191643dfff73
x-runtime: 0.584659
referrer-policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
etag: W/"f07f93a9b03fed2a70675d9a392a5854"
x-download-options: noopen
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-BroxyId: db0f70c1-ea88-4a4c-83cf-191643dfff73
Content-Security-Policy: frame-ancestors 'self'

GET
H3 200 /
www.google.com/pagead/1p-user-list/934932873/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/934932873/?random=1640899977448&cv=9&fst=1640898000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&async=1&fmt=3&is_vtc=1&random=3178526883&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/934932873/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/934932873/?random=1640899977448&cv=9&fst=1640898000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F&tiba=Donate%20to%20The%20Salvation%20Army&async=1&fmt=3&is_vtc=1&random=3178526883&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame 96F0 36 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2d9f427387d66c1e47f6fc9338e3877a8493526fbcf277cdb7f3e55d77cd85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 15:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13458
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sat, 24 Dec 2022 15:15:28 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame 96F0 73 KB
27 KB 21ms
10ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058d6bb45f407a87de0e1aafd110a5e3422d7d35f6c8b33b4f43e577fd1e0281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 04:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27350
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Wed, 28 Dec 2022 04:01:43 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame C01F 36 KB
13 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2d9f427387d66c1e47f6fc9338e3877a8493526fbcf277cdb7f3e55d77cd85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 15:15:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13458
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sat, 24 Dec 2022 15:15:28 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame C01F 73 KB
27 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058d6bb45f407a87de0e1aafd110a5e3422d7d35f6c8b33b4f43e577fd1e0281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 04:01:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 235874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27350
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Wed, 28 Dec 2022 04:01:43 GMT

GET
H3 200 integrations Show response
getrockerbox.com/ 42 B
558 B 140ms
115ms Script
text/javascript 172.67.177.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/integrations?source=salvation_army
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYKPM6F5AeCWGnHHdyDPaRRpviX1ttTaT7wks7FmVXVb4FsfaoSLgeU36b%2BJXO32A1fW0kw95DchQc2YLXFsxl3WwSK2as3Efoj7Q7BZJpCdtpLJ133gCN0RMX5YMSS2ldts"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 6c5e623bce8f72a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 jpuid Show response
getrockerbox.com/ 67 B
715 B 139ms
115ms Script
text/javascript 172.67.177.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/jpuid?jsonp=RB.jsonPUID
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.177.215 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9d4ac8d89475a3bad4012b0d3768fdb6f2542beeddf3f7a569b9b2791371228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5oin8LeuRJ6GwZ0Ci4396ZHem1uQ39Kc7bF%2FqoWvxOCHKmpFxJEykc%2FjVqFA01H2Z4kc%2BxIpXY%2BWbEThDitDLswVv0mbnhOj6C2mPAlMF%2F1VGVdB9qx3ANlVr5FHTx2RSvO"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 6c5e623bce8b72a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1017306725360359&ev=PageView&dl=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&rl=&if=false&ts=1640899977538&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640899977537.1247952324&it=1640899977357&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 30 Dec 2021 21:32:57 GMT

GET
H/1.1 200
OK user
bttrack.com/dmp/adobe/ Frame 24D3 35 B
380 B 202ms
95ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/dmp/adobe/user?dd_uuid=61942373548019733752449857941414847894
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Thu, 30 Dec 2021 21:32:57 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 96F0 49 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1911
date: Thu, 30 Dec 2021 21:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Dec 2021 23:01:06 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 96F0 1 MB
338 KB 76ms
76ms XHR
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c11896d8199be8c6cf706a04f0319096bc3cd393c2b9daad6627c03455c0f32c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7xJek+somOjcL/42vyQJ3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-7xJek+somOjcL/42vyQJ3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-7xJek+somOjcL/42vyQJ3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-7xJek+somOjcL/42vyQJ3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Thu, 30 Dec 2021 21:32:57 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C01F 49 KB
20 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1911
date: Thu, 30 Dec 2021 21:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Dec 2021 23:01:06 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame C01F 1 MB
338 KB 80ms
79ms XHR
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13f611e8acfb953e6bd212b453a9569b7fa9703659020ccc6c7312b2732493c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZKkeMzMRY8K+0Lvn1z45Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-ZKkeMzMRY8K+0Lvn1z45Eg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
content-security-policy: script-src 'report-sample' 'nonce-ZKkeMzMRY8K+0Lvn1z45Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-ZKkeMzMRY8K+0Lvn1z45Eg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Thu, 30 Dec 2021 21:32:57 GMT

POST
H3 200 log Show response
play.google.com/ Frame 96F0 131 B
155 B 34ms
19ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 46ms
15ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 96F0 131 B
155 B 28ms
16ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 43ms
16ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 96F0 131 B
155 B 35ms
22ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 39ms
16ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
16ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame 96F0 131 B
155 B 30ms
18ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

POST
H3 200 log Show response
play.google.com/ Frame 96F0 131 B
155 B 31ms
18ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 29ms
16ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame 96F0 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8664390f269923cfc07cec5a2f94704ff85786a0ee80ebf564654041e822fd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 18:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7265
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Mon, 26 Dec 2022 18:36:00 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame 96F0 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40a3be1a3422a8d3afc05bc4cf5b8a559ccc414022040153343dac7060335c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 15:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3333
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sat, 24 Dec 2022 15:15:41 GMT

POST
H3 200 log Show response
play.google.com/ Frame C01F 131 B
155 B 69ms
60ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 15ms
15ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame C01F 131 B
155 B 19ms
17ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 15ms
14ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame C01F 131 B
155 B 18ms
17ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 30ms
15ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame C01F 131 B
155 B 17ms
17ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 26ms
15ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

POST
H3 200 log Show response
play.google.com/ Frame C01F 131 B
155 B 17ms
16ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 19ms
15ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame C01F 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8664390f269923cfc07cec5a2f94704ff85786a0ee80ebf564654041e822fd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 26 Dec 2021 18:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7265
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Mon, 26 Dec 2022 18:36:00 GMT

GET
H3 200 m=lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTq... Frame C01F 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.HTqfbqayYmU.L.B1.O/am=BgAC/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,hhhU8,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrjRMCIOQyt3VRLO5xGLlmBd_4lTUw/ee=cEt90b:ws9Tlc;uY49fb:COQbmf;Oj465e:KG2eXe;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40a3be1a3422a8d3afc05bc4cf5b8a559ccc414022040153343dac7060335c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 15:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 541036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3333
x-xss-protection: 0
last-modified: Sat, 04 Dec 2021 02:26:14 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
expires: Sat, 24 Dec 2022 15:15:41 GMT

POST
H3 200 log Show response
play.google.com/ Frame 96F0 131 B
155 B 17ms
16ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 14ms
14ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 163ms
163ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 163ms
163ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWM0bGlBQUFBRWl3b1FQNw==

170 B
188 B

32ms
17ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWM0bGlBQUFBRWl3b1FQNw==

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1640899978.747092,VS0,VE0
x-served-by: cache-cdg20743-CDG
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWM0bGlBQUFBRWl3b1FQNw==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H3 200 log Show response
play.google.com/ Frame C01F 131 B
155 B 18ms
17ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H3 200 log
play.google.com/ Frame 0
0 14ms
14ms Preflight
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://pay.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://pay.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 30 Dec 2021 21:32:57 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: private

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 160ms
159ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 162ms
162ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 164ms
163ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 164ms
164ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 log Show response
play.google.com/ Frame 96F0 131 B
155 B 18ms
18ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

OPTIONS
H/1.1 200
OK tokenize
salvationarmyusa.dap.akadns.net/data-activation/x1/domain/salvationarmyusa.org/identity/ Frame 0
0 254ms
7ms Preflight
text/html 2a02:26f0:6c00::210:ba63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://salvationarmyusa.dap.akadns.net/data-activation/x1/domain/salvationarmyusa.org/identity/tokenize
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,pragma
Origin: https://give.salvationarmytexas.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 0
Date: Thu, 30 Dec 2021 21:32:58 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC,Akamai-DAP-Token,X-Cache,Akamai-DAP-100,Akamai-DAP-DDID
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,Authorization,X-API-KEY,Content-Type,Pragma,Akamai-DAP-DDID
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *

POST
H/1.1 201
Created tokenize Show response
salvationarmyusa.dap.akadns.net/data-activation/x1/domain/salvationarmyusa.org/identity/ 0
1 KB 586ms
586ms XHR
application/xml 2a02:26f0:6c00::210:ba63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://salvationarmyusa.dap.akadns.net/data-activation/x1/domain/salvationarmyusa.org/identity/tokenize

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Pragma: akamai-x-cache-on
Accept: */*
Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=31536000
Akamai-DAP-100: D574
X-Cache: TCP_MISS from a2-16-186-95.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
Akamai-DAP-Token: eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2Iiwia2lkIjoicGFzc3dvcmQxIn0..9IBQyOeqrgp8A28uLRbQvQ.DnFRrSHOg0DeJ5PqJa996SERooGeVTAZazf-Jd_-Iatf5qMSOsv-pUMblotTrRVTncdrRqL2l5QPZAiUDU08WIcqL1cBDdn9Aow8Sa7-rggC93lmyG4Aao5_Y9Coullm-vlv7D12CojSYzMZXBs-QcS49PmqURxBS6Vf0b9UXSvygK37Wr999bZduso9pR-n8d2DHQBc-ly0kn3MSZOD4CiaPlChvXl3_AmRqgLuo3WcgKzpHxPmn1z2FxWCPZ8q2wL6TrJmYZNXkQpKCp70wUO9yytcds5gNemev1VH9Vy6CJ1mFA91Wp37JhGc8yvm0dmhr3_uUqbGz3-2LMgVjIJ0P2-TX88_dZ0soDjnOOE.zthgjbi4-DOovPThWQowcM_fdrV5tSM1ZrmyWxsX43o
Connection: close
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0
Date: Thu, 30 Dec 2021 21:32:58 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC,Akamai-DAP-Token,X-Cache,Akamai-DAP-100,Akamai-DAP-DDID
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,Authorization,X-API-KEY,Content-Type,Pragma,Akamai-DAP-DDID
Expires: Thu, 30 Dec 2021 21:32:58 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://getrockerbox.com/rb?url=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddire...
https://secure.adnxs.com/seg?add=9705236
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9705236

43 B
1021 B

25ms
25ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9705236

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 21:32:57 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 76c4c0ec-7293-4891-ae0e-bd1c929dafb4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 21:32:57 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ff487c88-3c53-4af1-8c69-81dc1a1426b1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D9705236
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 161ms
160ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 100ms
99ms Image
image/gif 52.204.77.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7301909825941009&v=5584865395564415&s=4974540066417987&b=web&tv=4.0&sp=ts&sp=1640899976499&sp=d&sp=give.salvationarmytexas.org&sp=h&sp=%2Fgive%2F178322%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url%26utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&pp=d&pp=give.salvationarmytexas.org&pp=h&pp=%2Fgive%2F178322%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&pp=t&pp=Donate%20to%20The%20Salvation%20Army&pp=ts&pp=1640899976539&pp=pr&pp=%2Fgive%2F178322%2F&id0=6731953312641849&k0=environment&k0=prod&k0=organization_id&k0=50874&k0=campaign&k0=178322&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1640899977776&st=1640899977777

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.204.77.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-77-146.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 GooglePay-logo.svg
give.salvationarmytexas.org/static/global/images/digitalWallets/ 3 KB
2 KB 49ms
48ms Image
image/svg+xml 2606:4700::6812:7115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.salvationarmytexas.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/give/178322/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Dec 2021 19:32:12 GMT
server: cloudflare
age: 663186
etag: W/"61bb943c-b41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 6c5e623d2edddfcb-FRA
expires: Fri, 23 Dec 2022 05:19:51 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 245ms
245ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 245ms
245ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 log Show response
play.google.com/ Frame C01F 131 B
155 B 21ms
21ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.spj3JaUSYOw.es5.O/am=BgAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrgUrRcszF_4aHAoDgSJgFy09igR0Q/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 30 Dec 2021 21:32:57 GMT

GET
H/1.1 200
OK t
pixel.everesttech.net/8196/ 128 B
705 B 99ms
98ms Image
image/png 3.221.239.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/8196/t?ecvid=61425021667277686502393509210202494883&ev_Donation_Form_Start=1&ev_transid=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.239.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-239-181.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 21:32:57 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
Vary: Cookie
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/
Redirect Chain

https://cm.everesttech.net/cm
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&url=/1x1&google_hm=WWM0bGlBQUFBRWl3b1FQNw
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1x1&google_gid=CAESEOaIbBngHzQhjuXKhA5oH74&google_cver=1
https://pixel.everesttech.net/1x1

128 B
691 B

98ms
98ms

Image
image/png

3.221.239.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 3.221.239.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-239-181.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 21:32:57 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Thu, 30 Dec 2021 21:32:57 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 204 collect Show response
g.clarity.ms/ 0
101 B 123ms
122ms XHR
text/plain 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/collect
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://give.salvationarmytexas.org
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 228ms
227ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 h
heapanalytics.com/ 37 B
258 B 98ms
97ms Image
image/gif 52.204.77.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1566116007&u=7301909825941009&v=5584865395564415&s=4974540066417987&b=web&tv=4.0&sp=ts&sp=1640899976499&sp=d&sp=give.salvationarmytexas.org&sp=h&sp=%2Fgive%2F178322%2F&sp=g&sp=%23!%2Fdonation%2Fcheckout%3Fc_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url%26utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&pp=d&pp=give.salvationarmytexas.org&pp=h&pp=%2Fgive%2F178322%2F&pp=g&pp=%23!%2Fdonation%2Fcheckout%3Futm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%26c_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url&pp=t&pp=Donate%20to%20The%20Salvation%20Army&pp=ts&pp=1640899976539&pp=pr&pp=%2Fgive%2F178322%2F&id0=2751660042079805&k0=environment&k0=prod&k0=organization_id&k0=50874&k0=campaign&k0=178322&k0=campaign_type&k0=donation&k0=duplicate_fundraisers&k0=false&k0=existing_fundraiser&k0=false&k0=digitalWalletsLoaded&k0=true&t0=Donation%20Page%20-%20View%20Page%20-%20Digital%20Wallet&ts0=1640899977813&st=1640899977813

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.204.77.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-77-146.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 24D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yc4liAAAAEiwoQP7&expires=90

0
239 B

33ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yc4liAAAAEiwoQP7&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:57 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1640899978.856071,VS0,VE0
x-served-by: cache-cdg20743-CDG
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yc4liAAAAEiwoQP7&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 24D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yc4liAAAAEiwoQP7
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yc4liAAAAEiwoQP7&C=1

43 B
1003 B

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yc4liAAAAEiwoQP7&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 21:32:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 30 Dec 2021 21:32:58 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 21:32:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yc4liAAAAEiwoQP7&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Thu, 30 Dec 2021 21:32:58 GMT

POST
H2 204 collect Show response
g.clarity.ms/ 0
25 B 252ms
251ms XHR
text/plain 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/collect
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://give.salvationarmytexas.org
date: Thu, 30 Dec 2021 21:32:57 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6D4D 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://give.salvationarmytexas.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://give.salvationarmytexas.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 30 Dec 2021 21:32:58 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 24D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Yc4liAAAAEiwoQP7

43 B
1014 B

26ms
9ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Yc4liAAAAEiwoQP7

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Dec 2021 21:32:58 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 286436a5-ab57-4393-8671-3fdf8674d597
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1640899978.064164,VS0,VE0
x-served-by: cache-cdg20743-CDG
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Yc4liAAAAEiwoQP7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 24D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yc4liAAAAEiwoQP7

43 B
274 B

38ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yc4liAAAAEiwoQP7
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:58 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1640899978.165357,VS0,VE0
x-served-by: cache-cdg20743-CDG
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yc4liAAAAEiwoQP7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 24D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yc4liAAAAEiwoQP7

1 B
544 B

60ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yc4liAAAAEiwoQP7
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 21:32:57 GMT
cache-control: no-store, no-cache, private
x-lat: amspug011:0:757
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1640899978.265731,VS0,VE0
x-served-by: cache-cdg20743-CDG
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yc4liAAAAEiwoQP7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 24D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yc4liAAAAEiwoQP7&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yc4liAAAAEiwoQP7&img=1&__user_check__=1&sync_id=0ecb043a-69b8-11ec-857e-14bc9e680106

43 B
548 B

241ms
241ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yc4liAAAAEiwoQP7&img=1&__user_check__=1&sync_id=0ecb043a-69b8-11ec-857e-14bc9e680106
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 30 Dec 2021 21:32:58 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 36
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 30 Dec 2021 21:32:58 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=Yc4liAAAAEiwoQP7&img=1&__user_check__=1&sync_id=0ecb043a-69b8-11ec-857e-14bc9e680106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 41
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK 67fe2a1b26 Show response
bam-cell.nr-data.net/events/1/ 24 B
515 B 546ms
546ms XHR
image/gif 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/67fe2a1b26?a=363721230&v=1212.e95d35c&to=ZV0HYUJUCEYEU0QLC1wXIE1ARwNGFlpDTSN3bEoaV1wQUEoKUwMJQlkMUl58Ah8%3D&rst=4320&ck=1&ref=https://give.salvationarmytexas.org/give/178322/
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 30 Dec 2021 21:32:58 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://give.salvationarmytexas.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6c5e62415ebd5b32-FRA
Content-Length: 24

GET
H3

200

b.php
www.facebook.com/fr/ Frame 24D3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yc4liAAAAEiwoQP7&t=2592000&o=0

43 B
69 B

28ms
27ms

Image
image/gif

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yc4liAAAAEiwoQP7&t=2592000&o=0

Protocol

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thesalvationarmy.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 13:32:58 PST
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: HBmOwqhHtqPBm4xPYiIn+fcx3GcBKyXmgcybgU0nRiBqVrjT9YaZOs+byWP9j7f9ln9ZUn8TjHIwQYp1gRk8Xg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Thu, 30 Dec 2021 13:32:58 PST

Redirect headers

pragma: no-cache
date: Thu, 30 Dec 2021 21:32:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1640899978.467090,VS0,VE0
x-served-by: cache-cdg20743-CDG
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yc4liAAAAEiwoQP7&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 204 collect Show response
g.clarity.ms/ 0
48 B 137ms
137ms XHR
text/plain 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/collect
Requested by: Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://give.salvationarmytexas.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://give.salvationarmytexas.org
date: Thu, 30 Dec 2021 21:32:59 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

POST
H2 200 6 Show response
m.stripe.com/ Frame 2A27 156 B
521 B 164ms
164ms XHR
application/json 34.211.243.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.243.235 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-243-235.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9f6aefc546bc055437c70d219882f74aebc45297cb9e90ba462f2726e5e60825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Dec 2021 21:33:01 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 trusted-types-checker-cda1635e27dc416e23614def05f39e01.js Show response
js.stripe.com/v3/fingerprinted/js/ 172 B
671 B 17ms
17ms Script
application/javascript 13.224.96.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-cda1635e27dc416e23614def05f39e01.js

Requested by

Host: give.salvationarmytexas.org
URL: https://give.salvationarmytexas.org/give/178322/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-111.zrh50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

95606fd79e5ed034243c781bbfdacc97d7fbc04174981a4a45cd4ad63008afed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://give.salvationarmytexas.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 59
x-cache: Hit from cloudfront
date: Thu, 30 Dec 2021 21:32:16 GMT
content-length: 172
last-modified: Fri, 05 Nov 2021 21:06:48 GMT
server: Cloudfront
etag: "c78a4d54d725874984ae69d553523207"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9RU1TenF-8DfzJYuk3Y0S5nAYfQwaEjB4dG2mQWQbStiuRvZtPcH1w==

POST
H2 200 0 Show response
r.stripe.com/ Frame F47E 0
127 B 161ms
160ms XHR
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0db9372b08d665b96f9fff8d4f629b19.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Thu, 30 Dec 2021 21:33:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

281 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
give.salvationarmytexas.org/	1970-02-07 23:17:10	Name: connect.sid Value: s%3AloO-LTVLm1n5iYFizq7__VtQqGdwLelf.iEvynrRXKiIYboUrTQgMngCrnLhgQ%2FdUfHtuetYcAE4
.give.salvationarmytexas.org/	1970-01-19 23:48:21	Name: __cf_bm Value: Iaz4Umhrx.Tw0vcctQrbyEIgyJhmblGZjtpByV9NTTM-1640899975-0-AVNKnxcsVe28nx+1vtwkLHUGl/j0IVOYIUhB3kD9LSi2XexXX7uqM67HfVJGvpcgstmIZNtCfkZ7kkQiHeXXYZQ=
.give.salvationarmytexas.org/	1969-12-31 23:59:59	Name: __cfruid Value: df6d11bf76d9f4d7b56d85c2eb3c237f41ca2360-1640899975
.classy.org/	1970-01-19 23:48:21	Name: __cf_bm Value: p4zR5wt9A46UAnGHN9CG8XOZWJZ4CQOQv3PyIAOHlC8-1640899975-0-ASeaV2WENP4PLwnm2nDZL7uw8gPa7nQnwweYWAU3tn/Ti6dMxpFNV+IzTAmhiNdHvCWkkOfwHMtvWZTUFEvwuoA=
.salvationarmytexas.org/	1970-01-20 17:19:31	Name: _ga Value: GA1.2.1659302148.1640899976
.salvationarmytexas.org/	1970-01-19 23:49:46	Name: _gid Value: GA1.2.1394818032.1640899976
give.salvationarmytexas.org/	1970-01-20 00:08:29	Name: c_src Value: %7B%22178322%22%3A%5B%7B%22c_src%22%3A%2222ddjmadmtdtdgdurl%22%2C%22c_src2%22%3A%22tsm_22_direct_mail_cultivation_url%22%2C%22referrer%22%3A%22%22%2C%22timestamp%22%3A1640899976224%7D%5D%7D
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: R09R8yiJOQM
.youtube.com/	1970-01-20 04:07:31	Name: VISITOR_INFO1_LIVE Value: RvRu-8TA5RA
.salvationarmytexas.org/	1970-01-19 23:48:20	Name: _gat_classyTrack Value: 1
.salvationarmytexas.org/	1970-01-20 09:16:17	Name: _hp2_id.1566116007 Value: %7B%22userId%22%3A%227301909825941009%22%2C%22pageviewId%22%3A%225584865395564415%22%2C%22sessionId%22%3A%224974540066417987%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.salvationarmytexas.org/	1970-01-20 09:16:17	Name: _hp2_props.1566116007 Value: %7B%22environment%22%3A%22prod%22%2C%22organization_id%22%3A50874%2C%22payment_processor%22%3Anull%2C%22campaign%22%3A178322%2C%22campaign_type%22%3A%22donation%22%2C%22duplicate_fundraisers%22%3Afalse%2C%22existing_fundraiser%22%3Afalse%7D
.give.salvationarmytexas.org/	1970-01-20 08:33:55	Name: OptanonConsent Value: landingPath=https%3A%2F%2Fgive.salvationarmytexas.org%2Fgive%2F178322%2F%23!%2Fdonation%2Fcheckout%3Fc_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url%26utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url&datestamp=Thu+Dec+30+2021+21%3A32%3A56+GMT%2B0000+(GMT)&version=3.6.25&EuOnly=true
.salvationarmytexas.org/	1970-01-20 01:57:55	Name: _gcl_au Value: 1.1.1775999282.1640899977
.salvationarmytexas.org/	1970-01-19 23:48:20	Name: _gat_UA-51388709-1 Value: 1
.bing.com/	1970-01-20 09:09:55	Name: MUID Value: 07138A1744F665E82E949B0A459D6465
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3737a94e28b55dd0
.demdex.net/	1970-01-20 04:07:31	Name: demdex Value: 61942373548019733752449857941414847894
.salvationarmytexas.org/	1969-12-31 23:59:59	Name: AMCVS_20A0289659302A7E0A495D28%40AdobeOrg Value: 1
.salvationarmytexas.org/	1970-01-19 23:48:21	Name: _hp2_ses_props.1566116007 Value: %7B%22ts%22%3A1640899976499%2C%22d%22%3A%22give.salvationarmytexas.org%22%2C%22h%22%3A%22%2Fgive%2F178322%2F%22%2C%22g%22%3A%22%23!%2Fdonation%2Fcheckout%3Fc_src%3D22ddjmadmtdtdgdurl%26c_src2%3Dtsm_22_direct_mail_cultivation_url%26utm_source%3Dtsm-727%26utm_medium%3D22ddjmadmtdtdgdurl%26utm_campaign%3Ddirect_mail_cultivation_url%22%7D
give.salvationarmytexas.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: zMToZ37o-4Q0PFwzdxGoWB67pyq9ugFR0Rpw
.salvationarmytexas.org/	1970-01-20 17:20:58	Name: adcloud Value: {%22_les_v%22:%22y%2Csalvationarmytexas.org%2C1640901776%22}
.twitter.com/	1970-01-20 17:19:31	Name: personalization_id Value: "v1_Rhp5l12cVKWspLhWR7MJiA=="
.everesttech.net/	1970-01-20 08:33:55	Name: everest_g_v2 Value: g_surferid~Yc4liAAAAEiwoQP7
.dpm.demdex.net/	1970-01-20 04:07:31	Name: dpm Value: 61942373548019733752449857941414847894
.salvationarmytexas.org/	1970-01-20 17:19:31	Name: AMCV_20A0289659302A7E0A495D28%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18992%7CMCMID%7C61425021667277686502393509210202494883%7CMCAAMLH-1641504776%7C6%7CMCAAMB-1641504776%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1640907176s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18999%7CvVersion%7C4.4.0
.serving-sys.com/	1970-01-20 01:57:37	Name: u2 Value: 186da422-2183-4533-83cc-2386f9839f234EL06g
.quantserve.com/	1970-01-20 09:18:34	Name: mc Value: 61ce2589-3a788-f2ca6-9b434
give.salvationarmytexas.org/	1970-01-20 08:33:55	Name: acceptCookies Value: eyJpdiI6IlBya2s3NDlSXC8wakxYejNxSENSZmZBPT0iLCJ2YWx1ZSI6Ilk4T3FaVFVkbDM4MGFZQTRBc2h0cnc9PSIsIm1hYyI6ImQ4MjU5NTYyM2I0MWY4MzdiMWU5ZjEwZmI2ZmNhMDcyYWJiMTBmYzhmMmI3NmIyY2Y1MjQ5ZDk2ZDNmNTkwMTQifQ%3D%3D
give.salvationarmytexas.org/	1970-01-19 23:48:27	Name: XSRF-TOKEN Value: eyJpdiI6IkVGcnVaMWlvaU5CZGFjVjMzUVU0QVE9PSIsInZhbHVlIjoiWWY5Y3g0NnhiUVVJYjJGb0Jta1U0R2I5dDdUcnVjVzVYRExYS2NFYkdtTmc0bXBjMTJQeTF3NU5pRkFPYWJ3andHXC9RUThMeG9HMGs3UkdaZGhVWDRBPT0iLCJtYWMiOiJiZTQ0YWM5ZWU1YzY5ODM1NTE2ZGZmOGI3ZGMzOGU5ZWU3NWEzMzIyYTdhYThiNTdlMTE2MTdkNWYxYTk4MjYzIn0%3D
give.salvationarmytexas.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6Imdodms3R3hSMkQ4XC8wOGE5SWpWNHF3PT0iLCJ2YWx1ZSI6Inp0cEJnV2VcLzRVVXVVU1FwbDA5UkxOWTVteDZtazloVm5tZDhIbk1MWGx0dmZpTlhnT052dUVQNzg3Rnh4OThTQkFlb3RmWnptalFnRFp4UWczRXdndz09IiwibWFjIjoiM2NiNzgxNTBiNjlkMzVjMDQzODgyMThhZjFkN2EyMGIwZjQyZjRiZWFjMzk3YjE3MjZmYmQwN2Y3MTNjNWE5YSJ9
.c.bing.com/	1970-01-20 09:09:55	Name: SRM_B Value: 07138A1744F665E82E949B0A459D6465
.google.com/	1970-01-20 04:11:51	Name: NID Value: 511=WkRnA4aa6WUKnScXe_fIXD1yTSNl2Wu9FrVEky98ZtpD60kM5XlmaN9q8ctJkt2MlXqLyJ_tM3puPoXcL3-NgtqrFpiYNb915KGxaLW5RmeO_0o9URFyz-ok-86Co-0ZBlWmEyKNt4rBO0DAX3xmHsnkzr49gustivwufkbNv9A
.serving-sys.com/	1970-01-20 01:57:37	Name: ActivityInfo2 Value: 0022ndAtG0_002jaXAtG0_
.salvationarmytexas.org/	1970-01-19 23:48:20	Name: _gat_clientTrack Value: 1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:09:55	Name: MUID Value: 07138A1744F665E82E949B0A459D6465
.c.clarity.ms/	1970-01-19 23:48:20	Name: ANONCHK Value: 0
.salvationarmytexas.org/	1970-01-19 23:49:46	Name: _uetsid Value: 0dc5109069b811ec9bbd3b1b796223c9
.salvationarmytexas.org/	1970-01-20 09:09:55	Name: _uetvid Value: 0dc54aa069b811ecaac28d907ce07f85
.doubleclick.net/	1970-01-20 09:09:55	Name: IDE Value: AHWqTUncD6uE86zay9W4xcfgUf0idfDePnggyVewsMoEvFApPpZemlBcpFTd5pS5
.salvationarmytexas.org/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
.salvationarmytexas.org/	1969-12-31 23:59:59	Name: s_ppv Value: DONATE%253AUSS%257C178322%257CCampaign%2520Donate%2C64%2C64%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.salvationarmytexas.org/	1970-01-19 23:48:21	Name: s_ppn Value: DONATE%3AUSS%7C178322%7CCampaign%20Donate
.salvationarmytexas.org/	1970-01-19 23:48:21	Name: gpv_v9 Value: DONATE%3AUSS%7C178322%7CCampaign%20Donate
.salvationarmytexas.org/	1969-12-31 23:59:59	Name: s_ptc Value: %5B%5BB%5D%5D
.salvationarmytexas.org/	1969-12-31 23:59:59	Name: s_cc Value: true
.salvationarmytexas.org/	1970-01-20 01:57:55	Name: _rdt_uuid Value: 1640899977438.98876e86-0bf8-43d0-b490-206ded812eb5
.quantserve.com/	1970-01-20 01:57:55	Name: d Value: EOEBDAGKJbmvYAIjAeyahQ2e6bRu7JqegwGMKUjQ
.salvationarmytexas.org/	1970-01-20 09:12:48	Name: __qca Value: P0-623777433-1640899977444
.salvationarmytexas.org/	1970-01-20 04:07:31	Name: AAMC_thesalvationarmy_0 Value: REGION%7C6
.give.salvationarmytexas.org/	1970-01-20 00:31:31	Name: aam_uuid Value: 61942373548019733752449857941414847894
.salvationarmytexas.org/	1970-01-20 01:57:55	Name: _fbp Value: fb.1.1640899977537.1247952324
.yahoo.com/	1970-01-20 08:34:17	Name: A3 Value: d=AQABBIklzmECEEmQwZmNUO4Tf9z2Eef4KXM&S=AQAAAnJ14bO5GcNMEP4dpMWOp9M
m.stripe.com/	1970-01-20 17:19:31	Name: m Value: e7827fe7-a96b-4f48-a070-1c5909091c4c342669
.give.salvationarmytexas.org/	1970-01-20 08:33:55	Name: __stripe_mid Value: 79633e43-ab29-4939-8c5a-70d2f5f603076d74d4
.give.salvationarmytexas.org/	1970-01-19 23:48:21	Name: __stripe_sid Value: b943aa0c-f0c3-40d9-b1b9-21a3f458ea536defd1
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: Yc4liQAABcoH439v
.getrockerbox.com/	1970-01-20 00:31:31	Name: uuid Value: rbos-0919670a-6dea-41fa-ae38-29609f2d7c9d
.salvationarmytexas.org/	1970-01-20 08:33:55	Name: _clck Value: 6rohbg\|1\|exp\|0
.turn.com/	1970-01-20 04:07:31	Name: uid Value: 4452616395914293441
.salvationarmytexas.org/	1970-01-20 00:31:31	Name: rbuid Value: rbos-0919670a-6dea-41fa-ae38-29609f2d7c9d
.everesttech.net/	1970-01-20 00:32:58	Name: ev_sync_ax Value: 20211230
.adnxs.com/	1970-01-20 01:57:55	Name: uuid2 Value: 5121322707959834686
.salvationarmytexas.org/	1970-01-19 23:49:46	Name: _clsk Value: rk4dme\|1640899977935\|1\|1\|g.clarity.ms/collect
.casalemedia.com/	1970-01-20 08:33:55	Name: CMID Value: Yc4linml0UqqkKPUXpXUbAAA
.casalemedia.com/	1970-01-20 01:57:55	Name: CMPS Value: 5221
.casalemedia.com/	1970-01-20 01:57:55	Name: CMPRO Value: 1122
.casalemedia.com/	1970-01-20 08:33:55	Name: CMRUM3 Value: 5861ce258a2760Yc4liAAAAEiwoQP7
.casalemedia.com/	1970-01-19 23:49:46	Name: CMST Value: Yc4limHOJYoA
.adnxs.com/	1970-01-20 01:57:55	Name: anj Value: dTM7k!M4.FErk#WF']wIg2C$Ol?h6=!]tbC8i_jAez_UZ18%4rE@[R[:o+hv2G.m<3Knv9bvc[dNl$]kNy^dpQwj1-Mq<M=+iFvQYdoz9*eAjC!7i1ilEm6V
.pubmatic.com/	1970-01-20 01:57:55	Name: KRTBCOOKIE_218 Value: 4056-Yc4liAAAAEiwoQP7&KRTB&22978-Yc4liAAAAEiwoQP7&KRTB&23194-Yc4liAAAAEiwoQP7&KRTB&23209-Yc4liAAAAEiwoQP7
.pubmatic.com/	1970-01-20 00:31:31	Name: PugT Value: 1640899977
.pubmatic.com/	1970-01-20 01:57:55	Name: PUBMDCID Value: 3
.demdex.net/	1970-01-20 04:07:31	Name: dextp Value: 470-1-1640899977115\|1175-1-1640899977217\|3462-1-1640899977329\|30646-1-1640899977441\|49276-1-1640899977570\|144230-1-1640899977738\|144231-1-1640899977848\|144232-1-1640899977949\|144233-1-1640899978056\|144234-1-1640899978157\|144235-1-1640899978258\|144236-1-1640899978359\|144237-1-1640899978459
.spotxchange.com/	1970-01-20 08:33:59	Name: audience Value: 0ecb03f0-69b8-11ec-857e-14bc9e680106

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".
deprecation	warning	URL: https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-b3a9fcb414bb0b31d8ba6001ba46aac9.js Message: The 'basic-card' payment method is deprecated and will be removed in M100, around March 2022. See https://www.chromestatus.com/features/5730051011117056 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

980170053.privacysandbox.googleadservices.com
alb.reddit.com
analytics.twitter.com
api.braintreegateway.com
assets.classy.org
b.videoamp.com
bam-cell.nr-data.net
bat.bing.com
bs.serving-sys.com
bttrack.com
c.bing.com
c.clarity.ms
cdn.bttrack.com
cdn.heapanalytics.com
cdn.plaid.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.jquery.com
connect.facebook.net
d.turn.com
dap-dist.akamaized.net
doublethedonation.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
g.clarity.ms
geolocation.onetrust.com
getrockerbox.com
give.salvationarmytexas.org
googleads.g.doubleclick.net
heapanalytics.com
htp.tokenex.com
ib.adnxs.com
image2.pubmatic.com
insight.adsrvr.org
js-agent.newrelic.com
js.braintreegateway.com
js.stripe.com
lasteventf-tm.everesttech.net
m.stripe.com
m.stripe.network
pay.classy.org
pay.google.com
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
play.google.com
prod-frs.content.classy.org
q.stripe.com
r.stripe.com
rtd-tm.everesttech.net
rules.quantcount.com
salarmy-ntx.org
salvationarmyusa.dap.akadns.net
secure-ds.serving-sys.com
secure.adnxs.com
secure.quantserve.com
sessions.bugsnag.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
syndication.twitter.com
t.co
thesalvationarmy.demdex.net
thesalvationarmy.sc.omtrdc.net
unpkg.com
us-u.openx.net
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
www.youtube.com
104.244.42.195
104.244.42.197
104.244.42.200
104.94.241.182
13.224.96.111
13.224.96.119
13.224.96.54
13.224.96.91
13.36.218.177
142.250.186.162
142.250.186.34
142.250.186.66
15.197.193.217
151.101.129.140
151.101.194.49
151.101.2.137
162.247.243.146
172.67.177.215
18.193.171.118
185.64.189.110
185.94.180.125
192.132.33.46
199.232.136.157
2.16.186.35
2.18.234.21
2001:4de0:ac18::1:a:1a
212.82.100.182
23.96.109.67
2600:1901:0:7a0b::
2600:9000:2190:e200:6:44e3:f8c0:93a1
2600:9000:2190:fe00:19:7d10:bd80:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:b844
2606:4700::6810:5f41
2606:4700::6810:7eaf
2606:4700::6812:7115
2606:4700::6812:843c
2620:112:f006:bbbb::16
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9d
2a00:1450:400c:c0b::5c
2a02:26f0:6c00::210:ba10
2a02:26f0:6c00::210:ba63
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::396
3.221.239.181
34.211.243.235
34.255.232.227
34.98.64.218
35.156.167.229
37.252.172.36
37.252.173.215
52.142.114.2
52.143.247.24
52.182.214.99
52.204.77.146
52.54.23.204
54.154.165.122
54.187.159.182
54.194.185.111
69.16.175.42
69.173.144.165
75.126.104.244
013547decd823e37709d53e7f71d5f447a168e7750e1c1dfcad61bceab0c0974
018f6e2713173d50818d1fc9de53ad0478d86add88b87de6207f1c56712f8f35
01f43a3b49eff4e13aaf2812cb11f79bec5a2eaedd56b599e6248d9937c9aba5
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
056a25fd3493379aba428c8c679b68a841060e54b9bab8c65361a573ba2305ae
058d6bb45f407a87de0e1aafd110a5e3422d7d35f6c8b33b4f43e577fd1e0281
0831ee48c74252fdd5eae0ece89c5bbad4889f36c5ceb1dddacbd1e08da7fcbd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bfb91256f2cf5de0eb60ca3fd11c8f94d27958b0f6d95b483e67483931647aa
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cad01826f96f6596a643bd398317fda3520fa4123069056b10e460426ef319e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12b2cf6a1b18d22607d58a89b74c4f9276b7aacca733871d9f3883cb3fc00a98
13f611e8acfb953e6bd212b453a9569b7fa9703659020ccc6c7312b2732493c9
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a544948c37c00bcd158a239f83ac9ef3f957645e777a565658f1a56b64f1c99
20879a2c04ef933db4f7a4bcaf4c7d4badd769dbec38648490469d1f10e64cf1
2f57fab97c15bf3519176fcd494f12d36d24ca3d761a787a1e66a1058bc6b30f
3079c3611d92e526a45f17e00c8c32c288f5f44a5c808750f947e9931f286533
34d4b0d52609d6fe3b7a0b1ade615a14d99b59b85c35a078c7839e33695a893b
3cd2f326065eedd60b29e63d161978f2fa59968abc0d22c0e72ae0ae81ecd7a4
40a3be1a3422a8d3afc05bc4cf5b8a559ccc414022040153343dac7060335c0c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4a8b42be2df7b31e11b442a965f4ee259ffac45e2643d39f47faedc219589fc5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b63d593c386cc5569a58eee7bd1782c8e5b70504d9119e8452d16f00743eb2e
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5071f1b82cf34198f13d9c727f4705d7a4daa61723adacfcd7123abcb4b3c4c7
53f1b855b8410cd0863b08b6c402042c595edd9a0e0b2198ed7b46c45a2d3a1e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56ec02398730c0f6b9c60827fee5d2e8db7d1bc708bce0e15e4ee401e792ec19
5e9b5af3fbf4708d26a0b848da3e5c065451bef0fb984d88544319c94dbcc89f
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6534fd120d9fbe3d09a439533c9a8bdae6c6e55916d9d9ab8586332adb8a6bee
655fc56e3d81e573cdddfd666426b797ac6031526d792ab9f4622894f7fa9031
658d3728e3878a01e5a054d6ba34ca6c574e7320933b9b9d46ad370465b8cca7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b13e5a94e25dfd583992e8474389a43928e71d2e65cb89204efe679447cd108
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be052328228391cd496a48ae5fa93e991a6284fb6905cb425d1627fd1aab698
6d448e38f86b7d6e3c94564f8435891fe52875eca91dde519e9db40d290e2765
6f6ce0fec5ac5c31568e97c21205b5293270aaba7a5b11649a147b3b71cf6edb
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
769254457b771e41802cfbc21371888c7b2485ad5baddaacae3b25cd428e428a
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7eb91025829b2108cc4d406f5b86a01eb0442d60396b3a30a838cc98c62aad12
8002dace9aa6d2f5a60968e10897ec4b45e698b2851a22320a6cb5f7df42c67c
81d7b061a008b713a9a3f1b7b7900fcde977eeb9ccec8d17c615f2a0086ca65d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858b5a61deecbd35dba88d0191ea81b53fa60ddc5c3afce0da0853fcec1c796c
8664390f269923cfc07cec5a2f94704ff85786a0ee80ebf564654041e822fd3d
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
89c510cebaefcff2ea9b12904b0e0be9657f047b339b36b1b0862d4fcf7237d6
8ca5b0e248255ce9e81e10a3970a2d627dc55a03f5807b04560281a17720b8e2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df3554bf3a552f23abecd026e0928042dbdde79235cb09eb30b908ce279a7b5
8e22c684d8b031221db2f968b426fb0368db55bef2f43247c87657487aaa33b0
929b6ddafea02933ff93bd101abff6909e9371cbd7fc052025ec78357e6b4d15
955028a8c425cedda76a051d6127bcc38f94383ef7d8f3b26574ed2e631d392c
95606fd79e5ed034243c781bbfdacc97d7fbc04174981a4a45cd4ad63008afed
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
987371454c1ad11929a412bd48f8ca28d2a951425e60023e9b1031575980ac9c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9dc9f15be9644fe661ed74493a4de393418024500fe78cf633bac0a86f29a745
9f14c1e23de364b2b7e9b00404e084b6b04be77a993f5f354b3cab0e585ee00a
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
9f6aefc546bc055437c70d219882f74aebc45297cb9e90ba462f2726e5e60825
9f9856a3de4b4645d93b0b361242ec5f29b8052a6eb1b75bb11032f62e237b9c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e89bdf0c5c96e3dec1fe48020675ac94588833f2f846b218be0cd940399d99
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a2f7ce78d07ff49132deb4fdd5b024e3a9bf9645215e0df7cc03dce96de79349
a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822
a7b2e960f7628e2b6d292e1e5e51cedf3243dab1c9d7cafb9897ba05c8185ce4
a7c703739fb97507e8e7ad6c5052cccba73e57f374fd65cb7fa7d58b6be79b93
aabde97e35c9b8428904152a68b7b7af57eb1bf960472f2fd0a2ef9f56259aeb
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf4afee15d307888f52c5c1b8649ba2ef593e9a04e1400b63f80774c0d20176
ae3d8508c28bb1a26931abf0b66770f3c7a45b736a8928e1a051ed1236796ade
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b05bc405a4294a1d778025a79275c288477dda7cf50f679c9b621925b0dad5a4
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b4c78098df84a81f82667de4cca7fb0c6e27ac7956be2cd537658ae9ce37f027
b7ece9068415c2d36c2f92110cd5b68d33c78ef3c20daf436ebf8321357d15aa
b9d4ac8d89475a3bad4012b0d3768fdb6f2542beeddf3f7a569b9b2791371228
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7b01186b504d95cdf94c25112f03ff3c412ccea15a8374e333b99e51a383b8
bb8e0c31830c9c1376805a44608d4f1c29eeb589c9e1ce32c117f17c0b89c1ea
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c00d6640ab679b65955cadca59c8424bbe5da2fd592c16234160eea11ae7f39b
c11896d8199be8c6cf706a04f0319096bc3cd393c2b9daad6627c03455c0f32c
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c7ca4fdc744278dca4f10f103e639def71c36a757c20ce7db24f7405408319ba
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d25f83d0f7902281216e314e4c888ce0ee752f5fe59a16fcaacbac13744e5015
d2c02fcc31f8a45db99e522307414cbed3c81c88287dd1b953abb3f6795afd04
d52001fc076a64ba1009efd891be4999161fe0bac0ae2e73f201353dc2bb3a31
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7dedbe3f7c471c182fc6fe56914988b29be598193ad9ce2f1e4edd9c506d952
d8a148e1b9d6521e624ac4a4019a30a1095aaa74e0d45b419d858d6db4ca06f3
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db35d9942ff3fe390acc214cea81723f9c880cdd53788be8a16d6b3e0aab3965
ddc654f4476e968fb501249f1c3156024f9d8ccb528bc2936de119bfa4beeee6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e176dddc73ab5ceebd4520f8381d9486e29cacef98a2e3d5d44000b7027f7978
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e469ec481eff7f4a53c6caf3866bb67ffa2ab57f66f646ec9a93972f7001dbb8
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e74db74e73475f4c9135e2f849e08d4e91468dba75103532c38455ef83d55c92
e814c55e20f25a0979856e6a6fbecf5bf35fd425ec2e4e15ed217edda75c89f8
ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c
ecb1e4593e72c3d2ae1f92066a14f086ced378dad2abe1dd55be7b1f0d21e8a5
ed0b0074242c433985117b90a741b484bb7ba9924f4f48319c9970bd8fbd74ef
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
ee0a9c05670b10b0bb3b2bf17fc7826884a3e8ac95980eb24f4a20640a139183
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb1bb3e45585ec07348a26d163e52204bd26b3069c94af87082ad4bb7471ddc
f2d9f427387d66c1e47f6fc9338e3877a8493526fbcf277cdb7f3e55d77cd85a
f44a97478cf822c45505352a029fffc8d4fedcb4e8564b73c92559f460cb2dc7
f5b3f1b9deff0b138c2506741a71c40f93ac85a02d45f017eac6fb92b3ff5b50
fa521ac1f42dfd255ce58c82990f9e78aff6bbaecb4df58d5952753c5ce9b03c
fb92a1ef1cf264bb8eea72c2931c0792c88263258e00e86de118bdd5f1aae997
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

give.salvationarmytexas.org Open in urlscan Pro 2606:4700::6812:7115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

285 Requests

94 %HTTPS

40 %IPv6

56 Domains

82 Subdomains

71 IPs

7 Countries

4957 kBTransfer

14364 kBSize

76 Cookies

7 Outgoing links

Page URL History

Redirected requests

285 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

give.salvationarmytexas.org Open in urlscan Pro
2606:4700::6812:7115 Public Scan

Screenshot
Live screenshot

Full Image

285
Requests

94 %
HTTPS

40 %
IPv6

56
Domains

82
Subdomains

71
IPs

7
Countries

4957 kB
Transfer

14364 kB
Size

76
Cookies

285 HTTP transactions
0 data transactions