give.salvationarmyalm.org Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://meridianemptystocking.org/
Effective URL:
https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
Submission: On July 31 via automatic, source certstream-suspicious (July 31st 2024, 1:42:04 am UTC) — Scanned from DE

Summary HTTP 50 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 14 domains to perform 50 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.salvationarmyalm.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2024. Valid for: 10 months.

This is the only time give.salvationarmyalm.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:b0df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 15	2606:4700::68... 2606:4700::6812:c55f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
4	2606:4700:310... 2606:4700:3108::ac42:2b3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.214.61 52.222.214.61	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	52.222.214.25 52.222.214.25	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
50	16

1 2606:4700:3037::ac43:b0df (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

meridianemptystocking.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:c55f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

give.salvationarmyalm.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

files.doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3108::ac42:2b3c (United States)

ASN13335 (CLOUDFLARENET, US)

transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-61.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-25.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	classy.org 1 redirects www.classy.org — Cisco Umbrella Rank: 244190 prod-frs.content.classy.org — Cisco Umbrella Rank: 97200 assets.classy.org — Cisco Umbrella Rank: 118621	2 MB
10	salvationarmyalm.org give.salvationarmyalm.org	63 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	274 KB
4	transcend-cdn.com transcend-cdn.com — Cisco Umbrella Rank: 10026	146 KB
3	doublethedonation.com files.doublethedonation.com — Cisco Umbrella Rank: 138169	138 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 84	13 KB
2	google.com www.google.com — Cisco Umbrella Rank: 10	1 KB
2	stripe.com js.stripe.com — Cisco Umbrella Rank: 2856	155 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	31 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1314	4 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 55529	5 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223	7 KB
1	meridianemptystocking.org 1 redirects meridianemptystocking.org	547 B
50	14

	Domain	Requested by
10	give.salvationarmyalm.org	give.salvationarmyalm.org transcend-cdn.com
7	fonts.gstatic.com	fonts.googleapis.com
7	assets.classy.org
7	prod-frs.content.classy.org	give.salvationarmyalm.org transcend-cdn.com prod-frs.content.classy.org
4	transcend-cdn.com	give.salvationarmyalm.org transcend-cdn.com
3	files.doublethedonation.com	give.salvationarmyalm.org files.doublethedonation.com transcend-cdn.com
2	www.youtube.com	transcend-cdn.com
2	www.google.com	transcend-cdn.com
2	js.stripe.com	transcend-cdn.com
1	www.gstatic.com	transcend-cdn.com
1	fonts.googleapis.com	transcend-cdn.com
1	code.jquery.com	transcend-cdn.com
1	unpkg.com	transcend-cdn.com
1	htp.tokenex.com	transcend-cdn.com
1	static.cloudflareinsights.com	give.salvationarmyalm.org
1	www.classy.org	1 redirects
1	meridianemptystocking.org	1 redirects
50	17

This site contains links to these domains. Also see Links.

Domain
www.classy.org

Subject Issuer	Validity	Valid
give.salvationarmyalm.org Cloudflare Inc ECC CA-3	`2024-03-07` - `2024-12-31`	10 months	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2024-03-03` - `2024-12-31`	10 months	crt.sh
snie5b5gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-17` - `2025-04-17`	a year	crt.sh
transcend-cdn.com WE1	`2024-07-16` - `2024-10-14`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2024-01-08` - `2024-12-14`	a year	crt.sh
unpkg.com WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-07-23` - `2024-10-24`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
Frame ID: E0BEF7AEA8EA68A9724C8E4B5AAAF10A
Requests: 50 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: BF201962A593B76DBC8FC2EE2A2FE33D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcwtHkpAAAAABHUXtvKCZQ645083zUdeimy8NlP&co=aHR0cHM6Ly9naXZlLnNhbHZhdGlvbmFybXlhbG0ub3JnOjQ0Mw..&hl=de&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=rj6lnm5eccl5
Frame ID: F83876F1785A09A6CEFBFCBABA6A1AC2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Salvation Army Meridian Online Kettle - Campaign

Page URL History Show full URLs

https://meridianemptystocking.org/ HTTP 301
https://www.classy.org/campaign/the-salvation-army-meridian-online-kettle/c497809 HTTP 302
https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809 Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

81 %
IPv6

14
Domains

17
Subdomains

16
IPs

2
Countries

2973 kB
Transfer

8856 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/
Title: Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://meridianemptystocking.org/ HTTP 301
https://www.classy.org/campaign/the-salvation-army-meridian-online-kettle/c497809 HTTP 302
https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request c497809 Show response
give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/
Redirect Chain

https://meridianemptystocking.org/
https://www.classy.org/campaign/the-salvation-army-meridian-online-kettle/c497809
https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809

199 KB
40 KB

1021ms
913ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88e1adb2e8e32354415362df007b778b691f6dc9c496a60fe6a996af0096c361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8ab9e387185b9f4c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 31 Jul 2024 01:41:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDPSaLkGCmWDsGa56%2FBq7gjGvf5ig1FHDm5zAKlTxgWRFwKlCDZ4bdknkawN8udnJHZJNnO85F1wgjkw1Hxt0xgS7o9B%2B%2BHvvTkBHidZalebqIUyExKCuWJ9Alk8Juv330D7cEz0J3oWoDYISFq4cxNYu7UlbbmL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8ab9e37d18f437d1-FRA
content-type: text/html; charset=utf-8
date: Wed, 31 Jul 2024 01:41:54 GMT
location: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 main.css
prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/frs/ 1 MB
147 KB 122ms
54ms Stylesheet
text/css 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/frs/main.css

Requested by

Host: give.salvationarmyalm.org
URL: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc3b9802300980c5512d466ec6beb2ce4f85792bac38475bf83fd58206c8ea8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:55 GMT
via: 1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: tNFsERTTlKCr032pLOYTqrPP.lOkxB2J
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P10
age: 6257
cf-polished: origSize=1160310
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Tue, 23 Jul 2024 23:45:47 GMT
server: cloudflare
etag: W/"fb20139040984228da93e48da86508d6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 8ab9e38dde1d9b80-FRA
x-amz-cf-id: a_ZVuuM6269RZmqv866osXhKik3vv2awEmCC2RbMl9E3gE-DH1WX2g==

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ 141 KB
17 KB 232ms
24ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: give.salvationarmyalm.org
URL: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CF6) /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Jul 2024 01:41:55 GMT
content-encoding: gzip
content-md5: ZRi6wreqb8lyrsIdYQAn/Q==
age: 2542
x-cache: HIT
content-length: 16794
x-ms-lease-status: unlocked
last-modified: Mon, 29 Jul 2024 23:53:50 GMT
server: ECAcc (frc/4CF6)
etag: 0x8DCB029B1D34C31
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ms-request-id: d176f99c-001e-0018-1ce4-e29a60000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Wed, 31 Jul 2024 02:41:55 GMT

GET
H3 200 airgap.js Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 151 KB
52 KB 97ms
40ms Script
text/javascript 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: give.salvationarmyalm.org
URL: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d83d76a4815b4df9e90eddd40e37d3dcf3b459fc0f0c1b899803bf952597f819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 82830
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"97a0219ec2cdb5900b7a0396c0410742"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 8ab9e38dc9ae1951-FRA
timing-allow-origin: *
expires: Wed, 31 Jul 2024 01:42:55 GMT

GET
H2 200 rocket-loader.min.js Show response
give.salvationarmyalm.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 26ms
25ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyalm.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: give.salvationarmyalm.org
URL: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2024 16:35:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"669fdbbe-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xbUX6WZ6H2LGSpl7uelyNbO4p0IOmiCv4pNVjiI0BjHFXUc3D6SI3aQYFHkUsdg36ZBIQazJ4SWlZxNCZFdVxutozOzCmblnZ0PWDAVnKvCYuSwgU8K9B%2BBMVQU09NXnC2DZtEHcHIxkOAj0DyVJOATaMEktNW5C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8ab9e38e7d679f4c-FRA
expires: Fri, 02 Aug 2024 01:41:55 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 126ms
57ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: give.salvationarmyalm.org
URL: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer: https://give.salvationarmyalm.org/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:55 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8ab9e38f193f4d22-FRA

GET
H2 404 fontello.css
files.doublethedonation.com/fontello/css/ 0
0 117ms
116ms Stylesheet
application/xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/fontello/css/fontello.css
Requested by: Host: files.doublethedonation.com
URL: https://files.doublethedonation.com/app/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://files.doublethedonation.com/app/ddplugin.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type: application/xml
x-ms-request-id: 3bb18526-701e-0002-01ea-e2fbbf000000
date: Wed, 31 Jul 2024 01:41:55 GMT
cache-control: max-age=3600
server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
content-length: 223
expires: Wed, 31 Jul 2024 02:41:55 GMT

GET
H3 200 ui.js Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 315 KB
87 KB 281ms
255ms Script
text/javascript 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

532173ebc9f5c9d64e69fb5acc20de586e0a4a61aad62ea24a09842d61a3710a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.salvationarmyalm.org/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"f9c1072c58b0df6e8e2da4b13677b262"
expect-ct: max-age=86400, enforce
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 8ab9e38fec2a5d97-FRA

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 19 KB
5 KB 620ms
148ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e562cfda9a2c721f7565dc3c81b675733cac3443c6d9763392bf9905aa5fe7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 31 Jul 2024 01:41:55 GMT
last-modified: Thu, 25 Jul 2024 18:34:42 GMT
etag: "08d6950c1deda1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4931
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
4 KB 95ms
36ms Script
application/javascript 2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:55 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 12037299
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HRWFHN4GMEYW9TJJZK68Y40Z-fra
server: cloudflare
etag: "1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8ab9e3904f019be0-FRA

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/frs/ 126 KB
37 KB 62ms
60ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/frs/libs.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f177f73099e6933b404f3a37207c780375850ae31b9880941973a25f24bf1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:55 GMT
content-encoding: gzip
via: 1.1 bafbf16eb63b1b2d01d7de86535488ec.cloudfront.net (CloudFront)
x-amz-version-id: 91k2trcHg1BgyJtJTq0UWM2w1YAr7zi0
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-P2
age: 6220
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 23 Jul 2024 23:45:47 GMT
server: cloudflare
etag: W/"a8012f9f7570a61f693cb21e5daafdfa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 8ab9e38fef099b80-FRA
x-amz-cf-id: uxDhG5C5PF8W7sQ2mvWSqVyJz8aYa1nqE6HbyvxnQbY3v5IN8QbKOQ==

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/frs/ 341 KB
69 KB 43ms
42ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/frs/module.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec77ae83f7de3783de442576612676963c6a468a1c9e3d3a974203db6a42f366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:55 GMT
content-encoding: gzip
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
x-amz-version-id: bLVFjgVEBtInObvnW.cmRryLn.XBsWOw
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P10
age: 6220
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 23 Jul 2024 23:45:47 GMT
server: cloudflare
etag: W/"397b3a125dfde093f794e39ccca275eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 8ab9e38fef0a9b80-FRA
x-amz-cf-id: dnQr5M6lE4nZtAm01zEvHB6j5dXSezu6pzvK4VQhFz0TmjDltQkcXw==

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/global/ 2 MB
418 KB 38ms
37ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/global/module.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e93bd1a6f2cf12f0a4925f60f0d5b8ee48ef2a8c14932c4a03a5827af28fccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:55 GMT
content-encoding: gzip
via: 1.1 5745df1556226d8fd37c4e294e779bda.cloudfront.net (CloudFront)
x-amz-version-id: GfkM9VFDh_C8K4WRd2ie49N.YB.GnpE.
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: VIE50-P2
age: 6262
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 23 Jul 2024 23:45:47 GMT
server: cloudflare
etag: W/"dba6db0c928071c4102af2b10e01ef80"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 8ab9e38fef0b9b80-FRA
x-amz-cf-id: g-tymDFM4UY6jvH5GyGs8q-sAL4iamhm-jcBnT77nOV8C1L0G03Nag==

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/global/ 1 MB
425 KB 43ms
42ms Script
application/javascript 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/global/libs.min.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e87327f6273792deacbf13ba7062a87d4be4ceeda531b3a953554e8e1139b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:55 GMT
content-encoding: gzip
via: 1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
x-amz-version-id: 0Qew3gWEOL3f3sc45b3FDcrh44yGcTh8
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P10
age: 6263
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 23 Jul 2024 23:45:47 GMT
server: cloudflare
etag: W/"28bc0ee9cbe8a385be878572ed34a82d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 8ab9e38fef0c9b80-FRA
x-amz-cf-id: sbfCxNvMFLJ8suvScKRwkoDLWr5l4f4tobyOVyn5q815EFvDDQiw2A==

GET
DATA 200
OK truncated Show response
/ 0
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 / Show response
js.stripe.com/v3/ 633 KB
155 KB 120ms
29ms Script
text/javascript 52.222.214.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-61.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

58dc93b248d6fa83469e9f883475175f5167ded4cf2d4d2e2001a3c3681de2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:33 GMT
content-encoding: br
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 23
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 30 Jul 2024 22:52:50 GMT
server: Cloudfront
etag: W/"4af8a7f7ea0d52111cd824082334fdd1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: GjCY874_U0JCIZgwK_39-tdRX1Vw__VH76s-4fg8yZ0P8tIue2Uc9Q==

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ 471 KB
121 KB 24ms
23ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C94) /
Resource Hash: 6ce49514b9d4e842b63f7b0f03fcbd74113bb99b67fe5c771c4bbd4e3b17a148

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 31 Jul 2024 01:41:55 GMT
content-encoding: gzip
content-md5: 2FEoSvjd2t4OfxhMEjinKA==
age: 961
x-cache: HIT
content-length: 124067
x-ms-lease-status: unlocked
last-modified: Mon, 29 Jul 2024 23:53:50 GMT
server: ECAcc (frc/4C94)
etag: 0x8DCB029B1DD5CE2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ms-request-id: a7d8a0ba-801e-0080-5ce8-e2ba01000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Wed, 31 Jul 2024 02:41:55 GMT

GET
H3 200 cm.css
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 18 KB
4 KB 41ms
40ms Stylesheet
text/css 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6d9c998d282b72839626d04f7ec860468718f9a52eb3b8ccf875880850f06d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 45869
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"4653efb6fdcd020c835d33f39c067885"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=60
access-control-max-age: 86400
cf-ray: 8ab9e3924c891951-FRA
timing-allow-origin: *
expires: Wed, 31 Jul 2024 01:42:56 GMT

GET
H3 200 en.json Show response
transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ 9 KB
2 KB 233ms
232ms Fetch
application/json 2606:4700:3108::ac42:2b3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b3c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e983de6f1538e9755ec8aac56df1106c437766e28a5ff93058d4da9c175888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
etag: W/"44ec9032b44c3e0822329462247b0f2c"
expect-ct: max-age=86400, enforce
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
timing-allow-origin: *
cf-ray: 8ab9e3924ce45d97-FRA

GET
H2 200 favicon.ico
give.salvationarmyalm.org/ 1 KB
840 B 469ms
469ms Other
image/x-icon 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyalm.org/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4927189087d2b4fbdf2077302bd45f8c0124b20b7f71e7c35ca7999614bd6ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 24 Jul 2024 00:00:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
etag: W/"47e-190e209de80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kadbcfbw6jIIUKobKqfTwN5sy6IwLEpDSUQAsmiGycq9GdI5VYe9%2BUjgA2%2B3IvG04InkEk49ZlxyOdQnkNk6C0LM6cMiwiUziBv6XGJw4etCHWZ2fUdHd9bOEvJyo09C%2ByIi0FBrxG4d9Y7wyPPMXJvA6E%2FEb3uZ"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8ab9e393687f9f4c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sdk.js Show response
give.salvationarmyalm.org/sso/ 13 KB
4 KB 31ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyalm.org/sso/sdk.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d39925ef67eade1d934c80d29003d06f87846f08713e6645be61cf7a7c0d3008

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 976
cf-polished: origSize=27028
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Jul 2024 01:24:54 GMT
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPKLDS5w1MTeLQCCUixT90IIIx2Uf8znkXC6RkpZRH1JtOzyecQ2E746JCKgL6FfgWQ9nlk%2Fxx5ELP1Sr0Gb2C7s%2FRn8vIaqK2as1oCHt5UWhAYgbjDCdVn%2FLXYc9uYmqTcXmrs1LITNqZcqr%2FEDRHOsJCwWU5d%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8ab9e393988f9f4c-FRA
expires: Wed, 31 Jul 2024 01:44:54 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
31 KB 137ms
28ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://give.salvationarmyalm.org/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2473892
x-cache: HIT, HIT
content-length: 30957
x-served-by: cache-lga13629-LGA, cache-fra-etou8220130-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1722390117.550792,VS0,VE0
etag: W/"28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 2, 11260

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame BF20 0
0 73ms
24ms Document
text/html 52.222.214.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-25.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.salvationarmyalm.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 834
alt-svc: h3=":443"; ma=86400
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 31 Jul 2024 01:28:04 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 26 Jul 2024 20:06:53 GMT
origin-agent-cluster: ?1
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
x-amz-cf-id: e4_JO4B6CIaYco-FWE3rNnQ6q26bVWhvT2QwEMlTNGkBBTKx1ExBLw==
x-amz-cf-pop: FRA56-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 103ms
36ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LcwtHkpAAAAABHUXtvKCZQ645083zUdeimy8NlP

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

353d9fcb741d603278fcc6a6a11c29ac1d78dbf4f5110c2e142d0be15b7992e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 31 Jul 2024 01:41:56 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 121ms
43ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a1e7c0eaf59d6f3eba201c7ce0f90706c13840b2b121c7d6f15fd48b8f2ebdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 31 Jul 2024 01:41:56 GMT

GET
H2 200 initial-feed Show response
give.salvationarmyalm.org/frs-api/campaigns/497809/ 2 KB
1 KB 584ms
583ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyalm.org/frs-api/campaigns/497809/initial-feed?with=member,linkable&per_page=5&sort=linkable_effective_at:desc,linkable_id:desc&campaignId=497809

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa32d1863bf72cb4e7be98ffc3934cbaf04f98237674b9f2ea62a5250cecbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: 9H8lJYGD-N7kpWOoIP79IovjYiwM4YoHN0Uw
tracestate: 423787@nr=0-1-423787-363751183-897937b36dd034d8----1722390116792
traceparent: 00-bddb163a51a9cdf200be4b169eb2df63-897937b36dd034d8-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4OTc5MzdiMzZkZDAzNGQ4IiwidHIiOiJiZGRiMTYzYTUxYTljZGYyMDBiZTRiMTY5ZWIyZGY2MyIsInRpIjoxNzIyMzkwMTE2NzkyfX0=
Accept: application/json, text/plain, */*
csrf-token: 9H8lJYGD-N7kpWOoIP79IovjYiwM4YoHN0Uw
Referer: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809

Response headers

date: Wed, 31 Jul 2024 01:41:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"985-6fEXK9l9XD6J5EHozCqLpfDIXQI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iMOJubmEgKXtaMTgQNK7Za2ZCTpLlvN1%2BL99DDc9SR5UkkByAh4YC3ckMkwBFhVhZrHRbYYwRiuz9QwYdbdWTyZp5KvF4BOf7cbLp13y8d97IAQxx8H%2BF%2B6sZnZwUnpMFgzUPbiAAfd8botUXzH9SI13OoJwtgYq"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8ab9e39609b79f4c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 user-icon.png
give.salvationarmyalm.org/static/global/images/ 2 KB
2 KB 82ms
80ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.salvationarmyalm.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2024
last-modified: Fri, 14 Jun 2024 23:32:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "666cd2f0-11ec"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BatUxPbvNI8Ll4KCo%2B7ukgoOj8ZWWJMN9IeGj7A52%2BDNKajyY8GM5%2FrlipBKBBbHzERExFZEns9KY9jIyOA%2FnBco3YGg5j8UdbLJrEaLIZ%2FIJ3XhmTCQAIau0RA9CJfbbIg8GeM34Bttvq7fV0N0iEG3Jbx9pnv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8ab9e39619c39f4c-FRA
expires: Wed, 02 Jul 2025 23:54:33 GMT

GET
H2 200 79f4a74e-12f1-11eb-8c87-0afa8c0fef11.png
assets.classy.org/6692515/ 5 KB
5 KB 60ms
51ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/6692515/79f4a74e-12f1-11eb-8c87-0afa8c0fef11.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e41aba35d6bd03eff2ce570ef823ce1f65b227129e9bf12349805e96a180163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ea7cd71b17e29a29176686830f1a76c4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: iY3N0L6wFKvb8a9SFBXkQKhyMeXXX6AF
age: 102874
x-amz-cf-pop: FRA56-P12
cf-polished: origFmt=png, origSize=10635
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="79f4a74e-12f1-11eb-8c87-0afa8c0fef11.webp"
content-length: 4668
last-modified: Tue, 20 Oct 2020 16:29:52 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "c99df30a8e69f6b96f4b6f1b3f7341bd"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 8ab9e3962aa89b80-FRA
x-amz-cf-id: tV1ConhqhvJjHPL3r0UPslh7_BOuPR-SzaokVkGdnR0_QaMvTr1ctg==

GET
H2 200 37e61a4a-6848-11ee-9888-0a4794d2ace7.png
assets.classy.org/10110876/ 601 KB
602 KB 72ms
63ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/10110876/37e61a4a-6848-11ee-9888-0a4794d2ace7.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52d82ee3f63036d976281b7a0904d1d6926c0959c3d8601ec25fc5e59bcfbdc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: ThWOoytufQZBxwU12QPNwRsId3S6EOB2
age: 102874
x-amz-cf-pop: FRA56-P12
cf-polished: origFmt=png, origSize=1331175
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="37e61a4a-6848-11ee-9888-0a4794d2ace7.webp"
content-length: 615236
last-modified: Wed, 11 Oct 2023 15:09:50 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "72dbe335e35d3e10ddffef9196d46672"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 8ab9e3962aad9b80-FRA
x-amz-cf-id: yMNJr_2jjSjXjJtXbmT6nXG1abiceflm4CX5vMYVq3KhYunbEfsduA==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 63fd0620-6848-11ee-9e1d-0a11a7de761b.jpg
assets.classy.org/10110876/ 211 KB
212 KB 62ms
54ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/10110876/63fd0620-6848-11ee-9e1d-0a11a7de761b.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c3d40afd4827f6e54f772c0faee97b0d6f38393b3ed80571ac2e1004c9aa71d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 6110mL79VQfdYM99iN8xmAhdwzQx4tXI
age: 102874
x-amz-cf-pop: FRA56-P12
cf-polished: qual=85, origFmt=jpeg, origSize=239798
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="63fd0620-6848-11ee-9e1d-0a11a7de761b.webp"
content-length: 216220
last-modified: Wed, 11 Oct 2023 15:11:03 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "0ba2fee27c8e141f0db1e96743e340c3"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 8ab9e3962aa99b80-FRA
x-amz-cf-id: IAQNjPPL1PL6SDUV9ed20ltkZRRSLIcnidrFO7Ekpsj8Bv9KLJabdw==

GET
H2 200 7ed48df4-67aa-11ee-95f3-0e3c0e33691f.jpg
assets.classy.org/10110876/ 40 KB
41 KB 73ms
66ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/10110876/7ed48df4-67aa-11ee-95f3-0e3c0e33691f.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5df4e63befc6c999e410b2fe754185fb8c6dab2e78541d8e66861476cfdf0049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b4c8f37704271e217979234a38712c42.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-version-id: UlfRR1UkYgYw699iGY55U3nIdEVjDM6P
x-amz-cf-pop: FRA56-P12
cf-polished: qual=85, origFmt=jpeg, origSize=165977
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="7ed48df4-67aa-11ee-95f3-0e3c0e33691f.webp"
content-length: 41384
last-modified: Tue, 10 Oct 2023 20:20:47 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "caf8699a771abd00b05dae4d911f967b"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 8ab9e3962aaa9b80-FRA
x-amz-cf-id: dnwU5ccR2aNDBVnXNhQ15gLL1sf42AUK-eMAmUZAq6gGrwUTD8Z8cw==

GET
H2 200 8e23b64a-67aa-11ee-8756-0ac3bfa08715.jpg
assets.classy.org/10110876/ 22 KB
22 KB 69ms
63ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/10110876/8e23b64a-67aa-11ee-8756-0ac3bfa08715.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

568919f10ad62a7b6811efe003e7c54cde3209073cb501c2330fe0a0a31a21fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0140ca34c2d577c2578595f0c9e0050e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-version-id: N7QfCC5FuFbKb_FaI806BoR9c0hRBh9K
x-amz-cf-pop: FRA56-P12
cf-polished: qual=85, origFmt=jpeg, origSize=121187
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="8e23b64a-67aa-11ee-8756-0ac3bfa08715.webp"
content-length: 22392
last-modified: Tue, 10 Oct 2023 20:21:13 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "6c3b9116f61bf00b11feae5fa3becde4"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 8ab9e3962aac9b80-FRA
x-amz-cf-id: b-eeAAXIBHUws-IhoaqMIZuVpsyN3G_EoN1fhvEi7j9kZi3wpo39tA==

GET
H2 200 e1251cb2-67aa-11ee-affa-0a58a9feac02.jpg
assets.classy.org/10110876/ 23 KB
23 KB 73ms
67ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/10110876/e1251cb2-67aa-11ee-affa-0a58a9feac02.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69fd5c4047037dda7d46df449bb0acab960f6efd78f32eef8c8df23bbe30b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 ee047aee7532c119ede08bf41f5f0762.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-version-id: Y1tx950Ht2yX_sPMJeUiXZTHJNZxT45W
x-amz-cf-pop: FRA56-P12
cf-polished: qual=85, origFmt=jpeg, origSize=118452
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="e1251cb2-67aa-11ee-affa-0a58a9feac02.webp"
content-length: 23166
last-modified: Tue, 10 Oct 2023 20:23:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "41ae927e6fbebdef616086dad559a06a"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 8ab9e3962aab9b80-FRA
x-amz-cf-id: GL_II3VoAnMgKpabQnABd68EFaN6f6ckGwSPWzGlwodk1n0k05s4Lw==

GET
H2 200 6ffc19ae-67ab-11ee-a142-0a924f69a789.jpg
assets.classy.org/10110876/ 27 KB
28 KB 60ms
60ms Image
image/webp 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/10110876/6ffc19ae-67ab-11ee-a142-0a924f69a789.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134440a12b612a19cc71aa2a439b8898c137289b3cd9bef897b4f0135e064f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8a7cd2920ac4cbceb2a8f9a130562a4c.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-version-id: M.RN1uqWeOLoclDdM36Jxo5BeZrXthnE
x-amz-cf-pop: FRA56-P12
cf-polished: qual=85, origFmt=jpeg, origSize=117538
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="6ffc19ae-67ab-11ee-a142-0a924f69a789.webp"
content-length: 27806
last-modified: Tue, 10 Oct 2023 20:27:32 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "55c3aaff6d5488b5701db1ad70e4ba0e"
vary: Accept, Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 8ab9e3967ad19b80-FRA
x-amz-cf-id: 9SjC8w1NEHlUNspFDGOcl8pfD68Aw-RNe6TyMYPtIhZ1d955-PmY7A==

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/fonts/ 65 KB
66 KB 101ms
53ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/frs/main.css
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
x-amz-version-id: 0uNxBamKnk5YddH04S0ZyRfkf4unlzWo
via: 1.1 38dab0d877593711162f7409f4fc8fca.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P10
age: 72976
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 66624
last-modified: Tue, 23 Jul 2024 23:45:47 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 8ab9e3968b1e8ff2-FRA
x-amz-cf-id: 3uSaVQtriLiVJu84hqcue8Ur0QrBIbk6fsWccjGDO5Md-l-70XXBXw==

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/global/fonts/ 42 KB
43 KB 159ms
111ms Font
binary/octet-stream 2606:4700::6812:c55f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dbc4d4921d60c9db076ea516677a51ef2e788b01c21ffa0424d9d6187278e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/d4baf0c7eb55d11091f6206be6d59cd712148513/static/frs/main.css
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
x-amz-version-id: lCRmx4DtvnZcd8teTuqphLgavDWPqJ8r
via: 1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 72236
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 43184
last-modified: Tue, 23 Jul 2024 23:45:47 GMT
server: cloudflare
etag: "c90aa52f64347a078925011cef0c1a97"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges: bytes
cf-ray: 8ab9e3968b1f8ff2-FRA
x-amz-cf-id: HM9vAvITpfImqbskIMLbTzo4OqvICPbnP-B5pev1nkcC3vD8mBvnow==

POST
H2 200 rum Show response
give.salvationarmyalm.org/cdn-cgi/ 0
41 B 29ms
28ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyalm.org/cdn-cgi/rum?

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
Referer: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
tracestate: 423787@nr=0-1-423787-363751183-6cabc19589b5fbc8----1722390116829
traceparent: 00-6ebf22702cd8606333fceddc05a29020-6cabc19589b5fbc8-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2Y2FiYzE5NTg5YjVmYmM4IiwidHIiOiI2ZWJmMjI3MDJjZDg2MDYzMzNmY2VkZGMwNWEyOTAyMCIsInRpIjoxNzIyMzkwMTE2ODI5fX0=
content-type: application/json

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8ab9e39649d89f4c-FRA
x-frame-options: DENY

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 93ms
35ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 01:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 00:52:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 01:41:56 GMT

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
give.salvationarmyalm.org/sso/ssobuild/js/ 12 KB
5 KB 41ms
39ms XHR
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyalm.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-9b6b1bea9d789ebc----1722390116885
traceparent: 00-b77c5966a528425c18237a9f417f09eb-9b6b1bea9d789ebc-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5YjZiMWJlYTlkNzg5ZWJjIiwidHIiOiJiNzdjNTk2NmE1Mjg0MjVjMTgyMzdhOWY0MTdmMDllYiIsInRpIjoxNzIyMzkwMTE2ODg1fX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 31 Jul 2024 01:41:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11239456
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 18 Mar 2024 23:37:46 GMT
cf-bgj: minify
server: cloudflare
etag: W/"65f8d04a-316e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hW%2B88edl4BQtN1ShXlMO6bTeFdo1rO85IFv6yXe9tBL3u83L0YcCox76QmcavVwtS9ayC9omCCMwkuW0dEA7hwM4X1ArMUvG6qc8Pmdc94qZ7bYsMEihtJJ%2BupftmViiWGLJk%2FRK0UZLutY3pONc4P4fDk%2BBWC91"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 8ab9e39699f89f4c-FRA
expires: Sat, 22 Mar 2025 19:05:31 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/ 533 KB
213 KB 85ms
21ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19df4102c07ecfc86052b3ba527e800df1b34fff4b23a7cde8268f6de0729e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.salvationarmyalm.org/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 18:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216982
x-xss-protection: 0
last-modified: Mon, 22 Jul 2024 21:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Jul 2025 18:26:28 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/250a2ff7/www-widgetapi.vflset/ 31 KB
11 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/250a2ff7/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.salvationarmyalm.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 20:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10518
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 04:18:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Jul 2025 20:34:05 GMT

GET
H2 200 status Show response
give.salvationarmyalm.org/sso/ 90 B
1 KB 498ms
498ms XHR
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://give.salvationarmyalm.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery361021555624900851145_1722390116882&_=1722390116883

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ab41293e93c6f2bfa8c7033a8acd52e97b017fd60da2500104936269ff330c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-48e4d3157b8fe3b3----1722390116942
traceparent: 00-5fd157ca3ac618a0b6454870b94bd31a-48e4d3157b8fe3b3-01
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI0OGU0ZDMxNTdiOGZlM2IzIiwidHIiOiI1ZmQxNTdjYTNhYzYxOGEwYjY0NTQ4NzBiOTRiZDMxYSIsInRpIjoxNzIyMzkwMTE2OTQyfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
X-Requested-With: XMLHttpRequest

Response headers

date: Wed, 31 Jul 2024 01:41:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: frame-ancestors 'self' https://*.classy.org;
p3p: CP="Classy does not have a P3P policy."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BBaLO7nhxzgdyZ1uOGLg7iYe%2BBYsAH1X1biYFua6uWcYkbRoF%2FhT8wf4nfxz6dUyy0EgbcCeSSclDdLhq770myXfAi8lpzBtcx9l2w%2BG1WFqX5PYFoDTzchLViZ3NxCSlOjZs6cO%2BSBuRp%2BkI%2F0CGx0f50dMeY22"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, private
cf-ray: 8ab9e396fa2e9f4c-FRA

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
30 KB 76ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 15:12:12 GMT
x-content-type-options: nosniff
age: 37785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 15:12:12 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
0 77ms
77ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 15:12:12 GMT
x-content-type-options: nosniff
age: 37785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 15:12:12 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
0 77ms
77ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 15:12:12 GMT
x-content-type-options: nosniff
age: 37785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 15:12:12 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
32 KB 98ms
44ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 12:21:31 GMT
x-content-type-options: nosniff
age: 48026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 12:21:31 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
0 110ms
110ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 12:21:31 GMT
x-content-type-options: nosniff
age: 48026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 12:21:31 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
0 99ms
99ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 15:12:12 GMT
x-content-type-options: nosniff
age: 37785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 15:12:12 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
0 99ms
99ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://give.salvationarmyalm.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 15:12:12 GMT
x-content-type-options: nosniff
age: 37785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 15:12:12 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame F838 0
0 84ms
41ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcwtHkpAAAAABHUXtvKCZQ645083zUdeimy8NlP&co=aHR0cHM6Ly9naXZlLnNhbHZhdGlvbmFybXlhbG0ub3JnOjQ0Mw..&hl=de&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=rj6lnm5eccl5

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_ne0wnAeu-t08-XysNUV4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.salvationarmyalm.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_ne0wnAeu-t08-XysNUV4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jul 2024 01:41:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 individual_default_image.png
give.salvationarmyalm.org/static/global/images/ 2 KB
3 KB 69ms
69ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://give.salvationarmyalm.org/static/global/images/individual_default_image.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.salvationarmyalm.org/campaign/the-salvation-army-meridian-online-kettle/c497809
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 01:41:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="individual_default_image.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2024
last-modified: Tue, 23 Jul 2024 23:43:52 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "66a04038-11ec"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bwdbs6fWDaSSNBhh%2FAAru3liO2ajyAaTS6YzN9AZG4BMmmrfvFYTd3iUKCMF%2FS3iR4tXRtUF2UYkdFm3B7uye3wnm1iwcrAQChsmUG6%2BxmuL4BYJ6VF6De%2Fn5W3L7A9KQtxj0F7G2nVVbZjgtJfkWI%2FLi%2FzmtgTZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8ab9e399ebc99f4c-FRA
expires: Tue, 29 Jul 2025 19:33:54 GMT

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.classy.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: yB783oFt-kv0q5Imto5FLwqOMOVYs9yMJUJ0
www.classy.org/	1970-01-21 08:02:30	Name: connect.sid Value: s%3As-kW4quN8WknuN4wEvp2BJaLkmX196ox.F65I66zDRPxE5lMHET9aKFM75eEyxZP%2BYZTK8u7oz04
.classy.org/	1970-01-20 22:26:31	Name: __cf_bm Value: jVecnTXUafGnwNocJO.LRMadurEd5jNtbx8YQ8JJcjA-1722390114-1.0.1.1-b5HTj2hKUs30xez1DkTzHqkqOX7.2VRVTn6TrL3CdeggZjKdLeFFi4k2_uxIMtS3XsvmRRciE9nuXZ5gSI5wxA
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: w5O.fedoWaH1Aal7Aqwcrs.ghkEY9_3bYELAs1xOAdY-1722390114281-0.0.1.1-604800000
give.salvationarmyalm.org/	1970-01-21 08:02:30	Name: connect.sid Value: s%3AWlKA4dM-nAwog1T8-mg_PVuwxfPsxMdr.yj3L1NrFhoZvA6uQkjRooaTYaMInNNn822Lxdo7%2BTuM
.salvationarmyalm.org/	1969-12-31 23:59:59	Name: _cfuvid Value: h3jxdPbeckGhL.P5UcZ7SBV.Yyi6xCttgxDPMZ7MqJQ-1722390115302-0.0.1.1-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: DlsnLqYj8dU
.youtube.com/	1970-01-21 02:45:42	Name: VISITOR_INFO1_LIVE Value: PxCw37wVCLw
.youtube.com/	1970-01-21 02:45:42	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgWw%3D%3D
give.salvationarmyalm.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: 3MdQtM84-4A26PIB3k_CGF655ZM_2bsEzmEI
give.salvationarmyalm.org/	1970-01-20 22:26:31	Name: XSRF-TOKEN Value: eyJpdiI6Im5EZGpZQmt5NW5penBZdGpNNGdKT0E9PSIsInZhbHVlIjoiMGlBekxBUmJEQWtyRWpOK29pV0VjMVh6SjVMdUdZZzFkbEdzdjFtUDFpN0ZnK0V4Q0tETEtKRFBneDlyV2oveE5jdDN2VlZuTktwZ0x1NVVYekJ0RHI4ZWxGNHpVQ1ZxanBudmttQVZLZ2pZUU1lOEFuSDZkVElwSmFNaXhsd0wiLCJtYWMiOiJlMjhjMWM4MWE0ZjI1ZTNjMzlmM2MzM2U3Mjc2MTBlZThiODNkMmU3M2VkM2JiZWY2YTUxYTZkNmU2MzEzOTBhIiwidGFnIjoiIn0%3D
give.salvationarmyalm.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IjdtL1YxVkxiSjhmWW0vOTlzeVRpNUE9PSIsInZhbHVlIjoidTZ2R2k1WnpOOWdFT0tFVDA3VVFrUHN5K0Q2SVRxRzhmUkxaOHdUSmhSbmJHTDdJS3dyMkV6bHFXaHRWamVTNlBEaWJ0QnNQY2JKakRVRDZUUWREOVBqQ2E4RCtRSUEzVERDRm9UbkU3RDhDU1lkRzRtUjNRNVJ3Nlo1MWFXVHAiLCJtYWMiOiJmYmExM2NhZjIxZWYxOTk0YTYxN2ViMzZkMzVlMjc0NWU5MTRlMTQ5NTcyZWIxYWMzZTg4YzIxNjk1NDVkODVhIiwidGFnIjoiIn0%3D
m.stripe.com/	1970-01-21 08:02:30	Name: m Value: 86c21445-4548-4ba1-9e85-48d03dca733c5490bc
.give.salvationarmyalm.org/	1970-01-21 07:12:06	Name: __stripe_mid Value: 60bacbdf-54c0-4d2b-9f63-82e33ebb3efeb30b8c
.give.salvationarmyalm.org/	1970-01-20 22:26:31	Name: __stripe_sid Value: ef1d25bb-ae3b-4ceb-8f2e-ff140edb306bd51ade

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://files.doublethedonation.com/fontello/css/fontello.css Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
code.jquery.com
files.doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
give.salvationarmyalm.org
htp.tokenex.com
js.stripe.com
meridianemptystocking.org
prod-frs.content.classy.org
static.cloudflareinsights.com
transcend-cdn.com
unpkg.com
www.classy.org
www.google.com
www.gstatic.com
www.youtube.com
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3037::ac43:b0df
2606:4700:3108::ac42:2b3c
2606:4700::6810:5049
2606:4700::6811:f6cb
2606:4700::6812:c55f
2a00:1450:4001:809::200a
2a00:1450:4001:811::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:831::2003
2a04:4e42:400::649
2a06:98c1:3121::3
52.143.247.24
52.222.214.25
52.222.214.61
0a1e7c0eaf59d6f3eba201c7ce0f90706c13840b2b121c7d6f15fd48b8f2ebdc
0e562cfda9a2c721f7565dc3c81b675733cac3443c6d9763392bf9905aa5fe7f
134440a12b612a19cc71aa2a439b8898c137289b3cd9bef897b4f0135e064f1c
19df4102c07ecfc86052b3ba527e800df1b34fff4b23a7cde8268f6de0729e03
1e87327f6273792deacbf13ba7062a87d4be4ceeda531b3a953554e8e1139b65
20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
353d9fcb741d603278fcc6a6a11c29ac1d78dbf4f5110c2e142d0be15b7992e3
3c3d40afd4827f6e54f772c0faee97b0d6f38393b3ed80571ac2e1004c9aa71d
4927189087d2b4fbdf2077302bd45f8c0124b20b7f71e7c35ca7999614bd6ab1
52d82ee3f63036d976281b7a0904d1d6926c0959c3d8601ec25fc5e59bcfbdc0
532173ebc9f5c9d64e69fb5acc20de586e0a4a61aad62ea24a09842d61a3710a
568919f10ad62a7b6811efe003e7c54cde3209073cb501c2330fe0a0a31a21fd
58dc93b248d6fa83469e9f883475175f5167ded4cf2d4d2e2001a3c3681de2ec
5df4e63befc6c999e410b2fe754185fb8c6dab2e78541d8e66861476cfdf0049
5e41aba35d6bd03eff2ce570ef823ce1f65b227129e9bf12349805e96a180163
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6ce49514b9d4e842b63f7b0f03fcbd74113bb99b67fe5c771c4bbd4e3b17a148
77f177f73099e6933b404f3a37207c780375850ae31b9880941973a25f24bf1f
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
87e983de6f1538e9755ec8aac56df1106c437766e28a5ff93058d4da9c175888
88e1adb2e8e32354415362df007b778b691f6dc9c496a60fe6a996af0096c361
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8dbc4d4921d60c9db076ea516677a51ef2e788b01c21ffa0424d9d6187278e12
8e93bd1a6f2cf12f0a4925f60f0d5b8ee48ef2a8c14932c4a03a5827af28fccd
9fa32d1863bf72cb4e7be98ffc3934cbaf04f98237674b9f2ea62a5250cecbd6
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a69fd5c4047037dda7d46df449bb0acab960f6efd78f32eef8c8df23bbe30b5d
b6ab41293e93c6f2bfa8c7033a8acd52e97b017fd60da2500104936269ff330c
bc3b9802300980c5512d466ec6beb2ce4f85792bac38475bf83fd58206c8ea8e
c6d9c998d282b72839626d04f7ec860468718f9a52eb3b8ccf875880850f06d5
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d39925ef67eade1d934c80d29003d06f87846f08713e6645be61cf7a7c0d3008
d83d76a4815b4df9e90eddd40e37d3dcf3b459fc0f0c1b899803bf952597f819
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec77ae83f7de3783de442576612676963c6a468a1c9e3d3a974203db6a42f366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

give.salvationarmyalm.org Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

81 %IPv6

14 Domains

17 Subdomains

16 IPs

2 Countries

2973 kBTransfer

8856 kBSize

15 Cookies

2 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

give.salvationarmyalm.org Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

81 %
IPv6

14
Domains

17
Subdomains

16
IPs

2
Countries

2973 kB
Transfer

8856 kB
Size

15
Cookies

50 HTTP transactions
2 data transactions