act.newyearnewchoices.com Open in urlscan Pro
151.101.193.91 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://act.newyearnewchoices.com/
Submission Tags: phishingrod
Submission: On February 22 via api (February 22nd 2024, 1:02:01 am UTC) from DE — Scanned from DE

Summary HTTP 100 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 100 HTTP transactions. The main IP is 151.101.193.91, located in United States and belongs to FASTLY, US. The main domain is act.newyearnewchoices.com.
TLS certificate: Issued by Certainly Intermediate R1 on February 2nd 2024. Valid for: a month.

This is the only time act.newyearnewchoices.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
50	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
8	99.86.4.9 99.86.4.9	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::ac43:b94c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	13.248.139.42 13.248.139.42	16509 (AMAZON-02) (AMAZON-02)
7	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	44.241.26.175 44.241.26.175	16509 (AMAZON-02) (AMAZON-02)
4	3.121.250.91 3.121.250.91	16509 (AMAZON-02) (AMAZON-02)
1	34.241.202.139 34.241.202.139	16509 (AMAZON-02) (AMAZON-02)
100	20

50 151.101.193.91 (United States)

ASN54113 (FASTLY, US)

act.newyearnewchoices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.86.4.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-9.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:b94c (United States)

ASN13335 (CLOUDFLARENET, US)

file-cdn.mercyforanimals.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.241.26.175 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-26-175.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.121.250.91 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-250-91.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.202.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: api-34-241-202-139.stripe.com

api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	newyearnewchoices.com act.newyearnewchoices.com	6 MB
19	stripe.com js.stripe.com — Cisco Umbrella Rank: 1356 q.stripe.com — Cisco Umbrella Rank: 8764 m.stripe.com — Cisco Umbrella Rank: 1289 api.stripe.com — Cisco Umbrella Rank: 13717 r.stripe.com — Cisco Umbrella Rank: 4802	439 KB
4	braintreegateway.com client-analytics.braintreegateway.com — Cisco Umbrella Rank: 9714	720 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 2000	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	352 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	74 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	216 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1444	16 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 10602	1 KB
2	mercyforanimals.org file-cdn.mercyforanimals.org	18 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1212	84 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5654	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 113	355 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	990 B
0	gospringboard.io Failed rms.gospringboard.io Failed
100	16

	Domain	Requested by
50	act.newyearnewchoices.com	act.newyearnewchoices.com
8	js.stripe.com	act.newyearnewchoices.com js.stripe.com
4	client-analytics.braintreegateway.com	act.newyearnewchoices.com
4	q.stripe.com	act.newyearnewchoices.com
4	www.googletagmanager.com	act.newyearnewchoices.com www.googletagmanager.com
3	r.stripe.com	js.stripe.com
3	m.stripe.com	m.stripe.network
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.facebook.com	act.newyearnewchoices.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	payments.braintree-api.com	act.newyearnewchoices.com
2	file-cdn.mercyforanimals.org	act.newyearnewchoices.com
2	use.fontawesome.com	act.newyearnewchoices.com use.fontawesome.com
1	api.stripe.com	js.stripe.com
1	www.google.de	act.newyearnewchoices.com
1	www.google.com	act.newyearnewchoices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	act.newyearnewchoices.com
0	rms.gospringboard.io Failed	act.newyearnewchoices.com
100	21

This site contains links to these domains. Also see Links.

Domain
www.mercyforanimals.org
act.mercyforanimals.org
app.overflow.co
mercyforanimals.org

Subject Issuer	Validity	Valid
act.mercyforanimals.in Certainly Intermediate R1	`2024-02-02` - `2024-03-03`	a month	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
mercyforanimals.org GTS CA 1P5	`2024-02-09` - `2024-05-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2023-08-23` - `2024-09-22`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-01` - `2024-02-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
client-analytics.braintreegateway.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-24` - `2025-01-23`	a year	crt.sh
api.stripe.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://act.newyearnewchoices.com/
Frame ID: 471FB11BFAE7B954649F847A82733670
Requests: 77 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-2d75091b71fd377dac06bf852d8d9149.html
Frame ID: E2ED20632A8E552984125834DB2F15F0
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 01BF912DDF120F4D0C5C1D60CAB8AE7D
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 36F67A5052C5A88445AB267BEE839BFF
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

They need you. | Mercy For Animals

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

100
Requests

98 %
HTTPS

58 %
IPv6

16
Domains

21
Subdomains

20
IPs

4
Countries

7534 kB
Transfer

10769 kB
Size

11
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mercyforanimals.org/home

Search URL Search Domain Scan URL

URL: https://act.mercyforanimals.org/page/she-needs-you/donation-form-14
Title: Do you want to make a gift in Canadian dollars? Click here.

Search URL Search Domain Scan URL

URL: https://app.overflow.co/mercyforanimals/stock
Title: Donate Stock with Overflow

Search URL Search Domain Scan URL

URL: https://mercyforanimals.org/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://mercyforanimals.org/ways-to-give-3/#common-questions
Title: If you have questions about your gift or would like more information, please visit our FAQ section.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
act.newyearnewchoices.com/ 81 KB
16 KB 144ms
34ms Document
text/html 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c3bc152f79afb41c945b772ca1eecc040a1d72f466f0da6e6a8c07f4916bc33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 45
cache-control: public, max-age=3600
content-encoding: gzip
content-language: en
content-length: 15679
content-type: text/html; charset=utf-8
date: Thu, 22 Feb 2024 01:01:51 GMT
etag: "1708563665-1"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 22 Feb 2024 01:01:05 GMT
link: </page/she-needs-you/donation-form-13>; rel="canonical",</node/1035>; rel="shortlink"
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Cookie,Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 2, 1
x-content-type-options: nosniff nosniff
x-served-by: cache-iad-kjyo7100135-IAD, cache-fra-eddf8230052-FRA
x-timer: S1708563711.288269,VS0,VE1

GET
H2 200 css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
act.newyearnewchoices.com/files/mfa/css/ 7 KB
2 KB 158ms
156ms Stylesheet
text/css 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 2217
x-served-by: cache-iad-kcgs7200068-IAD, cache-fra-eddf8230052-FRA
last-modified: Tue, 23 Jan 2024 11:44:02 GMT
server: Apache
x-timer: S1708563711.332008,VS0,VE106
etag: "8a9-60f9b7676ed88"
vary: Accept-encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 css_P13TPSCRyFsaf6cEoyj1hnwQmOLSMi22rY7---reLQ0.css
act.newyearnewchoices.com/files/mfa/css/ 2 KB
933 B 144ms
142ms Stylesheet
text/css 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/css/css_P13TPSCRyFsaf6cEoyj1hnwQmOLSMi22rY7---reLQ0.css

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

3f5dd33d2091c85b1a7fa704a328f5867c1098e2d2322db6ad8efefbeade2d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 712
x-served-by: cache-iad-kiad7000105-IAD, cache-fra-eddf8230052-FRA
last-modified: Tue, 23 Jan 2024 11:53:45 GMT
server: Apache
x-timer: S1708563711.333692,VS0,VE101
etag: "2c8-60f9b9941fc90"
vary: Accept-encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 css_d_JQcl3gdIg6V0IIwcqB__9ypY46WVQJ1WqFNdpEr4A.css
act.newyearnewchoices.com/files/mfa/css/ 5 KB
2 KB 210ms
208ms Stylesheet
text/css 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/css/css_d_JQcl3gdIg6V0IIwcqB__9ypY46WVQJ1WqFNdpEr4A.css

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

77f250725de074883a574208c1ca81ffff72a58e3a595409d56a8535da44af80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 1578
x-served-by: cache-iad-kcgs7200056-IAD, cache-fra-eddf8230052-FRA
last-modified: Tue, 23 Jan 2024 11:44:02 GMT
server: Apache
x-timer: S1708563711.333707,VS0,VE113
etag: "62a-60f9b7677f340"
vary: Accept-encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css
act.newyearnewchoices.com/files/mfa/css/ 213 KB
29 KB 146ms
144ms Stylesheet
text/css 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

32a02f28b314005213b91b73243bd516c526d5d040ca3226265bb1ca305d4f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 29041
x-served-by: cache-iad-kjyo7100122-IAD, cache-fra-eddf8230052-FRA
last-modified: Thu, 01 Feb 2024 16:50:58 GMT
server: Apache
x-timer: S1708563711.333683,VS0,VE103
etag: "7171-61054ccc12050"
vary: Accept-encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 css_Ph3b7GzeJ3EMLTCHQKig11uWeoJ83O7NkDf5m5A5L6M.css
act.newyearnewchoices.com/files/mfa/css/ 2 KB
880 B 255ms
253ms Stylesheet
text/css 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/css/css_Ph3b7GzeJ3EMLTCHQKig11uWeoJ83O7NkDf5m5A5L6M.css

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

3e1ddbec6cde27710c2d308740a8a0d75b967a827cdceecd9037f99b90392fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 628
x-served-by: cache-iad-kjyo7100077-IAD, cache-fra-eddf8230052-FRA
last-modified: Tue, 23 Jan 2024 11:53:45 GMT
server: Apache
x-timer: S1708563711.333374,VS0,VE124
etag: "274-60f9b994363f0"
vary: Accept-encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js Show response
act.newyearnewchoices.com/files/mfa/js/ 130 KB
45 KB 188ms
186ms Script
text/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

243a883105300b38802320171655c86d0f974ebc339a319228b9d91363eb93be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 45819
x-served-by: cache-iad-kjyo7100123-IAD, cache-fra-eddf8230052-FRA
last-modified: Tue, 23 Jan 2024 11:44:02 GMT
server: Apache
x-timer: S1708563711.333370,VS0,VE111
etag: "b2fb-60f9b767a5c70"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 js_WyMYd3SRedptBdMDBRwnrYvMdkv7J58SMZZL6mQxjdU.js Show response
act.newyearnewchoices.com/files/mfa/js/ 306 KB
81 KB 256ms
254ms Script
text/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/js/js_WyMYd3SRedptBdMDBRwnrYvMdkv7J58SMZZL6mQxjdU.js

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

5b231877749179da6d05d303051c27ad8bcc764bfb279f1231964bea64318dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 82321
x-served-by: cache-iad-kcgs7200077-IAD, cache-fra-eddf8230052-FRA
last-modified: Tue, 16 Jan 2024 11:30:22 GMT
server: Apache
x-timer: S1708563711.333354,VS0,VE142
etag: "14191-60f0e74bbc730"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 js_zX12wXoioTUl_561tth_TuKLGJfYzifj6T0MWYi6Dz0.js Show response
act.newyearnewchoices.com/files/mfa/js/ 3 KB
1 KB 211ms
209ms Script
text/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/js/js_zX12wXoioTUl_561tth_TuKLGJfYzifj6T0MWYi6Dz0.js

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

cd7d76c17a22a13525ff9eb5b6d87f4ee28b1897d8ce27e3e93d0c5988ba0f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 955
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-eddf8230052-FRA
last-modified: Tue, 16 Jan 2024 11:25:42 GMT
server: Apache
x-timer: S1708563711.333342,VS0,VE116
etag: "3bb-60f0e640e4700"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 js__O96_yPH9fUh1C3CQvHbcc_48GOjmUWm2t8abJA3q0A.js Show response
act.newyearnewchoices.com/files/mfa/js/ 60 KB
12 KB 158ms
157ms Script
text/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/js/js__O96_yPH9fUh1C3CQvHbcc_48GOjmUWm2t8abJA3q0A.js

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

fcef7aff23c7f5f521d42dc242f1db71cff8f063a39945a6dadf1a6c9037ab40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 11680
x-served-by: cache-iad-kcgs7200054-IAD, cache-fra-eddf8230052-FRA
last-modified: Tue, 23 Jan 2024 11:53:46 GMT
server: Apache
x-timer: S1708563711.333336,VS0,VE109
etag: "2da0-60f9b994509d0"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 v3 Show response
js.stripe.com/ 600 KB
148 KB 125ms
48ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

14ae13e024eceb5c9d5510d6d6290d0188ed4a15f48f99a03067cceeb006ba73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 01:01:40 GMT
content-encoding: br
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 12
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 21 Feb 2024 21:35:56 GMT
server: Cloudfront
etag: W/"fca098a5b245c578da5e4ca3be84ec9b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 547R5A_gx15-gOhbkoU90OHDPfG4rOCmsJglv6TZ820BgxMkQ9HSDw==

GET
H2 200 js_yvbAtBj6N3Btp_AShYNw--5YhCmyew32JjB3l6vktdI.js Show response
act.newyearnewchoices.com/files/mfa/js/ 187 KB
39 KB 226ms
225ms Script
text/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/js/js_yvbAtBj6N3Btp_AShYNw--5YhCmyew32JjB3l6vktdI.js

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

caf6c0b418fa37706da7f012858370fbee588429b27b0df626307797abe4b5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 39442
x-served-by: cache-iad-kiad7000031-IAD, cache-fra-eddf8230052-FRA
last-modified: Thu, 01 Feb 2024 16:50:58 GMT
server: Apache
x-timer: S1708563711.353288,VS0,VE102
etag: "9a12-61054ccc381b0"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 js_bMNcqAqOcpVB4VGYw6F9HDONHfb363vwhq0fr67kcxM.js Show response
act.newyearnewchoices.com/files/mfa/js/ 28 KB
7 KB 211ms
210ms Script
text/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/js/js_bMNcqAqOcpVB4VGYw6F9HDONHfb363vwhq0fr67kcxM.js

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

6cc35ca80a8e729541e15198c3a17d1c338d1df6f7eb7bf086ad1fafaee47313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
content-length: 7514
x-served-by: cache-iad-kcgs7200127-IAD, cache-fra-eddf8230052-FRA
last-modified: Tue, 23 Jan 2024 11:44:02 GMT
server: Apache
x-timer: S1708563711.353263,VS0,VE98
etag: "1d5a-60f9b767e2918"
vary: Accept-encoding, Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 186ms
114ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DW3MLMSQ5V

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39394f3f301e71331ef3e4d7a6e1e3bb7ad7fa1d8f87b1974ed2ef2bca0da540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 01:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 01:01:51 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.5.0/css/ 50 KB
11 KB 373ms
298ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer: https://act.newyearnewchoices.com/
Origin: https://act.newyearnewchoices.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 01:01:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6lEhFuL0b9SQ8XYXh67OvWJ%2FRyR8cUwDAQeR2FVgOfUcMPupNx6mjnJy1GBrzZwcd1colbwEbJDebv8kOFqyGt7rKtaMdN4HF96%2FPuFHnlB%2FRW7IzIVJgDBQZJeOSuey6yyqUkrlBlWLaN3ILCT7tEo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 85934cdc4cfdb8e4-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 MFA-logo.png
act.newyearnewchoices.com/files/mfa/ 26 KB
26 KB 255ms
254ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/MFA-logo.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

020ee500ec1243a95eb00ceaa7140de14ff9549ba0adc87233ddba37bddde2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 26825
x-served-by: cache-iad-kiad7000112-IAD, cache-fra-eddf8230052-FRA
last-modified: Thu, 29 Jul 2021 20:51:10 GMT
server: Apache
x-timer: S1708563711.353235,VS0,VE110
etag: "68c9-5c84943402b80"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 Flag_of_Canada.png
file-cdn.mercyforanimals.org/mercy4animals.wpengine.com/sites/450/2021/11/ 9 KB
10 KB 848ms
737ms Image
image/png 2606:4700:3030::ac43:b94c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file-cdn.mercyforanimals.org/mercy4animals.wpengine.com/sites/450/2021/11/Flag_of_Canada.png
Requested by: Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b94c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19fd1776de32a4661efcf987288c6a407ee1776f92eff8b94d369b4b8d0c1645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 01:01:52 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPpy8IuEXH9BerM4ORyHEi3UtNmDpYNqclBlpSau6m--dVhmoG5UIz1A8Zmn3eQ8J8LoFp8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 9291
last-modified: Wed, 24 Nov 2021 19:30:45 GMT
server: cloudflare
etag: "83a5cc37ee4424e90780d73a230645b6"
vary: Origin, Accept-Encoding
x-goog-generation: 1637782245151441
content-type: image/png
x-goog-hash: crc32c=6eV6/w==, md5=g6XMN+5EJOkHgNc6IwZFtg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slczgh%2B%2F5th%2B12pLkrfp3au4e7enHKXCRZ8CmgHNT8%2BOMxaKk7J5LhHxSxNq9t4VSpUTqinQC4qS2e7ATxMili4sQkeTSsLX2bLl66QeSeZy6%2BmgodbNBMH8XKye8BKedhUfxqyieK05cEdNMBj8GBwclKqbEXUI7NH%2B"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 9291
accept-ranges: bytes
cf-ray: 85934cdc8d6e6637-AMS
expires: Thu, 22 Feb 2024 02:01:52 GMT

GET
H2 200 padlock.png
act.newyearnewchoices.com/sites/all/modules/springboard/fundraiser/modules/fundraiser_webform/images/ 151 B
291 B 141ms
141ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/sites/all/modules/springboard/fundraiser/modules/fundraiser_webform/images/padlock.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

ca17697042f4b65cfbd37638ef574652e0e18aefcad70ae502212d430270efd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100051-IAD, cache-fra-eddf8230052-FRA
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
last-modified: Wed, 31 Jan 2024 21:49:38 GMT
server: Apache
age: 0
x-timer: S1708563712.642316,VS0,VE99
etag: "97-61044dafb8080"
x-cache: MISS, MISS
content-type: image/png
accept-ranges: bytes
content-length: 151
x-cache-hits: 0, 0

GET
H2 200 bbb-mfa-2023.png
act.newyearnewchoices.com/files/mfa/ 323 KB
324 KB 269ms
267ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/bbb-mfa-2023.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

9dcb2d5a77e215af7fd15f03b9e44145cb5681332b85686b4e80985027f76698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 331137
x-served-by: cache-iad-kcgs7200136-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 20 Sep 2023 21:44:37 GMT
server: Apache
x-timer: S1708563712.673722,VS0,VE126
etag: "50d81-605d14825bb40"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 2023-MFA-Candid-Seal_0.png
act.newyearnewchoices.com/files/mfa/ 7 KB
7 KB 141ms
139ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/2023-MFA-Candid-Seal_0.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c27c693cd045449dc636d3c86e7aaebd44af77098cd2fc311cef54c1efa4e81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 7205
x-served-by: cache-iad-kjyo7100066-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 18 Jan 2023 19:28:18 GMT
server: Apache
x-timer: S1708563712.673742,VS0,VE99
etag: "1c25-5f28ed1853880"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 2022-top-rated-awards-badge-embed.png
file-cdn.mercyforanimals.org/mercy4animals.wpengine.com/sites/517/2022/08/ 7 KB
8 KB 722ms
720ms Image
image/png 2606:4700:3030::ac43:b94c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file-cdn.mercyforanimals.org/mercy4animals.wpengine.com/sites/517/2022/08/2022-top-rated-awards-badge-embed.png
Requested by: Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b94c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e284fc95f7d50b46d7fb635d09e675ca284a691adf43d105b71b725a6100999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 01:01:52 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPpICAHt03IWwSAlzqLWRgxxSuniof3Vf6HfmWqbDXGKJgkJzlWnxGE58sFsifCCHB8iiFY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 7520
last-modified: Wed, 17 Aug 2022 16:02:13 GMT
server: cloudflare
etag: "d51c1ad87c7671b0481fbad1ebc965a5"
vary: Origin, Accept-Encoding
x-goog-generation: 1660752133449298
content-type: image/png
x-goog-hash: crc32c=wC4P4Q==, md5=1Rwa2Hx2cbBIH7rR68llpQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIqWyJcWEo6EhMH9E5utAdndfr5vGHC4bIJQAMfXxIqzwqif%2FmQFaJmVhsK76is2eLSXKhN3IddeTC4q1CHDnM7GkggJLN18S10bjeya2ZZIzvS8DGX3guuL16uBympRri38E5Bxum6qm4m6cfaZ6u8TaH1m1kp1IrEF"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 7520
accept-ranges: bytes
cf-ray: 85934cddfe726637-AMS
expires: Thu, 22 Feb 2024 02:01:52 GMT

GET
H2 200 1_env_partner.png
act.newyearnewchoices.com/files/mfa/ 71 KB
71 KB 169ms
168ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/1_env_partner.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

70b63035515ac244d2d33fcf8be28ddd0654558535543c0e8831e29eda0f8a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 72244
x-served-by: cache-iad-kcgs7200146-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 05 Oct 2022 13:05:43 GMT
server: Apache
x-timer: S1708563712.674350,VS0,VE107
etag: "11a34-5ea493bf557c0"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 ABC.png
act.newyearnewchoices.com/files/mfa/ 16 KB
16 KB 268ms
267ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/ABC.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

a59a9e65af9a1309cf4438617984606723feb5bf2dc54ccf785dd1a5a8587887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 16425
x-served-by: cache-iad-kcgs7200145-IAD, cache-fra-eddf8230052-FRA
last-modified: Mon, 19 Dec 2022 18:41:06 GMT
server: Apache
x-timer: S1708563712.674133,VS0,VE107
etag: "4029-5f032a97b1480"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 cn-new.png
act.newyearnewchoices.com/files/mfa/ 102 KB
102 KB 214ms
213ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/cn-new.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

8bdd0bd9d3b37cd0aca3491755a4cea0f41090ced3ab96bdd055fbde82b795f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 104133
x-served-by: cache-iad-kiad7000027-IAD, cache-fra-eddf8230052-FRA
last-modified: Mon, 19 Dec 2022 18:41:07 GMT
server: Apache
x-timer: S1708563712.674085,VS0,VE107
etag: "196c5-5f032a98a56c0"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 CharityWatch_Seal_RGB_WEB_hi-res.png
act.newyearnewchoices.com/files/mfa/ 34 KB
34 KB 152ms
151ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/CharityWatch_Seal_RGB_WEB_hi-res.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

a702c1d17f3e92feef286fa2f533c8cc439b0deeaf33f02c81946e6654122095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 34910
x-served-by: cache-iad-kiad7000028-IAD, cache-fra-eddf8230052-FRA
last-modified: Tue, 28 Mar 2023 00:08:43 GMT
server: Apache
x-timer: S1708563712.674066,VS0,VE101
etag: "885e-5f7eaa993d8c0"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
73 KB 119ms
47ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFFHHGK

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef8dac9914befdef0e45167b0c9cb96e1edf87047eac13e2e22f10ba1bf71522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 01:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74747
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Feb 2024 01:01:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
990 B 112ms
41ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500,700

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19d59f03c930bd4a4779b1e411db69eaf7722da3063fc773553bb590f8a0f8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Feb 2024 01:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Feb 2024 00:03:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Feb 2024 01:01:51 GMT

GET
H2 200 Gotham-Book.woff2
act.newyearnewchoices.com/files/mfa/ 14 KB
14 KB 160ms
160ms Font
font/woff2 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/Gotham-Book.woff2

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

0f5b5294c285bceb66e98b19cd891cd1273034e116e7ef92e77618b3c64ccf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css
Origin: https://act.newyearnewchoices.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 13828
x-served-by: cache-iad-kjyo7100028-IAD, cache-fra-eddf8230052-FRA
last-modified: Thu, 29 Jul 2021 21:21:47 GMT
server: Apache
x-timer: S1708563712.674078,VS0,VE102
etag: "3604-5c849b0be90c0"
content-type: font/woff2
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 credit-card.png
act.newyearnewchoices.com/sites/all/themes/springboard_themes/springboard_frontend/img/templates/ 3 KB
3 KB 225ms
224ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/sites/all/themes/springboard_themes/springboard_frontend/img/templates/credit-card.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

9c301048d2f6d7740392c8cca42bd6f53fabb21c8ff92a82e510b0dd9c3a46c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200027-IAD, cache-fra-eddf8230052-FRA
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
last-modified: Wed, 31 Jan 2024 21:49:38 GMT
server: Apache
age: 0
x-timer: S1708563712.716964,VS0,VE98
etag: "a0f-61044dafb8080"
x-cache: MISS, MISS
content-type: image/png
accept-ranges: bytes
content-length: 2575
x-cache-hits: 0, 0

GET
H2 200 paypal.png
act.newyearnewchoices.com/sites/all/themes/springboard_themes/springboard_frontend/img/templates/ 2 KB
3 KB 225ms
224ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/sites/all/themes/springboard_themes/springboard_frontend/img/templates/paypal.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

90334a765f331b0057bda6976d556f14e1795fb8a8dafd9259c4f8cf3fd50a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200137-IAD, cache-fra-eddf8230052-FRA
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
last-modified: Wed, 31 Jan 2024 21:49:38 GMT
server: Apache
age: 0
x-timer: S1708563712.716949,VS0,VE96
etag: "927-61044dafb8080"
x-cache: MISS, MISS
content-type: image/png
accept-ranges: bytes
content-length: 2343
x-cache-hits: 0, 0

GET
H2 200 bank-account.png
act.newyearnewchoices.com/sites/all/themes/springboard_themes/springboard_frontend/img/templates/ 898 B
1017 B 225ms
225ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/sites/all/themes/springboard_themes/springboard_frontend/img/templates/bank-account.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

f9db89376b035b63954f5b8a4abdef693e8a5fc26540a844102cf9bbe4a09904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200086-IAD, cache-fra-eddf8230052-FRA
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
last-modified: Wed, 31 Jan 2024 21:49:38 GMT
server: Apache
age: 0
x-timer: S1708563712.716964,VS0,VE118
etag: "382-61044dafb8080"
x-cache: MISS, MISS
content-type: image/png
accept-ranges: bytes
content-length: 898
x-cache-hits: 0, 0

GET
H2 200 apple-pay.png
act.newyearnewchoices.com/sites/all/themes/springboard_themes/springboard_frontend/img/templates/ 1 KB
1 KB 225ms
225ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/sites/all/themes/springboard_themes/springboard_frontend/img/templates/apple-pay.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

e4e4793845d12dc4cdc83ef651f925bdd85ddf29ba27b41d30f5c634fd7f5bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000177-IAD, cache-fra-eddf8230052-FRA
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
last-modified: Wed, 31 Jan 2024 21:49:38 GMT
server: Apache
age: 0
x-timer: S1708563712.716946,VS0,VE102
etag: "557-61044dafb8080"
x-cache: MISS, MISS
content-type: image/png
accept-ranges: bytes
content-length: 1367
x-cache-hits: 0, 0

GET
H2 200 Gotham-Bold.woff2
act.newyearnewchoices.com/files/mfa/ 13 KB
13 KB 224ms
224ms Font
font/woff2 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/files/mfa/Gotham-Bold.woff2

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

519deadda6b1fcb9fa036d2fb899f01a45ec3012a393db6a0fc00ef2cc4ea368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.newyearnewchoices.com/files/mfa/css/css_MqAvKLMUAFITuRtzJDvVFsUm1dBAyjImJluxyjBdT3U.css
Origin: https://act.newyearnewchoices.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 13240
x-served-by: cache-iad-kiad7000091-IAD, cache-fra-eddf8230052-FRA
last-modified: Thu, 29 Jul 2021 21:21:46 GMT
server: Apache
x-timer: S1708563712.717423,VS0,VE108
etag: "33b8-5c849b0af4e80"
content-type: font/woff2
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 167ms
54ms Preflight 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://act.newyearnewchoices.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://act.newyearnewchoices.com
access-control-max-age: 1800
date: Thu, 22 Feb 2024 01:01:51 GMT
paypal-debug-id: 63aba691a6d84
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 graphql Show response
payments.braintree-api.com/ 1 KB
1 KB 662ms
662ms XHR
application/json 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/js/js_WyMYd3SRedptBdMDBRwnrYvMdkv7J58SMZZL6mQxjdU.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

6d3499bd54810a0740db8cf6e277359c2c230e11ea23658b4747c668c09826e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://act.newyearnewchoices.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Authorization: Bearer production_ktsgd5fv_vk8fn2ytdnbr5kn2
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 01:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://act.newyearnewchoices.com
paypal-debug-id: c0735df288ea4
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 764

GET get
rms.gospringboard.io/k97avDZZzRpRJokbdoaQDz4hfRqidTD7/ 0
0

POST
H2 200 new_cookie Show response
act.newyearnewchoices.com/js/springboard_cookie/ 185 B
366 B 533ms
533ms XHR
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/js/springboard_cookie/new_cookie

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

91f7dc6a01858c8be373845ce0ce675c2cb892f4630778d6630f0cc26094f6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://act.newyearnewchoices.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-served-by: cache-fra-eddf8230052-FRA
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:52 GMT
via: 1.1 varnish
server: Apache
x-timer: S1708563712.748926,VS0,VE406
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
accept-ranges: bytes
content-length: 176
x-cache-hits: 0

GET
H2 200 controller-2d75091b71fd377dac06bf852d8d9149.html Show response
js.stripe.com/v3/ Frame E2ED 325 B
1 KB 44ms
44ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-2d75091b71fd377dac06bf852d8d9149.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a871cd0bf110f4079204d6e0d651895b1dc47aa36808196778a41d0c048ee7e6

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.newyearnewchoices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 31
cache-control: max-age=60, stale-while-revalidate=900
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 22 Feb 2024 01:01:22 GMT
etag: "2d75091b71fd377dac06bf852d8d9149"
last-modified: Wed, 21 Feb 2024 21:02:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-id: pSvA-tnIqgqyxKVreBzA0t-n-mwEy62OalU6xFhaaF3fVbOHPmDA9A==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 get_token Show response
act.newyearnewchoices.com/js/springboard_fraud/ 135 B
284 B 417ms
417ms XHR
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://act.newyearnewchoices.com/js/springboard_fraud/get_token

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

3001dff4af308fa38c9b7f281605158b111c9421452e02fbc0fcf07c4a37cf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://act.newyearnewchoices.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-served-by: cache-fra-eddf8230052-FRA
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:52 GMT
via: 1.1 varnish
server: Apache
x-timer: S1708563712.754724,VS0,VE311
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
accept-ranges: bytes
content-length: 140
x-cache-hits: 0

GET
H2 200 Donation%20Form-Desktop%20%281%29_2.png
act.newyearnewchoices.com/files/mfa/ 3 MB
3 MB 726ms
726ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/Donation%20Form-Desktop%20%281%29_2.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

dc4cdbeb9b04ca78ea0aa0124c815554d358af659558ba8a90c3f73b5159b839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:52 GMT
age: 0
x-cache: MISS, MISS
content-length: 2644395
x-served-by: cache-iad-kjyo7100108-IAD, cache-fra-eddf8230052-FRA
last-modified: Mon, 14 Feb 2022 21:34:01 GMT
server: Apache
x-timer: S1708563712.759339,VS0,VE620
etag: "2859ab-5d8012cc18440"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 72 KB
73 KB 527ms
527ms Font
font/woff2 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin: https://act.newyearnewchoices.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 01:01:52 GMT
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fb493903265cad425ccdf8e04fc2de61"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09Ao2m0YGtDcEY0z7hBhdeJKxkiofsvuSCr5bfrgR4FTZa0AmoxIgr3WKN3DbXcCSrIPDvnaG0%2FM8TFuly8IY3A%2BSFdk0ADGEKdXru82PWIY%2BNJ5Af5IKFQwddxWwbqMYBetnYqq8xjP7EDHfeATEzYk"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 85934cde7ea9b8e4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 73852

GET
H2 200 MFA-logo-light.png
act.newyearnewchoices.com/files/mfa/ 26 KB
26 KB 214ms
210ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/MFA-logo-light.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

548e8e4dd613d72d44baaaf605bc5855ca593e31956d09f0662a1152b95448fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 26764
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-eddf8230052-FRA
last-modified: Thu, 29 Jul 2021 20:51:10 GMT
server: Apache
x-timer: S1708563712.781560,VS0,VE111
etag: "688c-5c84943402b80"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 Open-Cage-Icon.png
act.newyearnewchoices.com/files/mfa/ 13 KB
13 KB 214ms
210ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/Open-Cage-Icon.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c663f7dbd6e9dcd14c255def30286c72d1d9a2be14c5214bbbbfad9c6b33e4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 13235
x-served-by: cache-iad-kjyo7100134-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 05 Oct 2022 13:05:44 GMT
server: Apache
x-timer: S1708563712.781554,VS0,VE102
etag: "33b3-5ea493c049a00"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 Sprout-Icons.png
act.newyearnewchoices.com/files/mfa/ 12 KB
12 KB 213ms
209ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/Sprout-Icons.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

b62b4bc75d93e6f616d6ad4897db2c8ca03f7a05343da178e4e7f2f92c2f25ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 12588
x-served-by: cache-iad-kiad7000138-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 05 Oct 2022 13:05:44 GMT
server: Apache
x-timer: S1708563712.782144,VS0,VE97
etag: "312c-5ea493c049a00"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 Progress-Icon.png
act.newyearnewchoices.com/files/mfa/ 16 KB
16 KB 213ms
210ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/Progress-Icon.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c722283d703cf73b84ab8abdce4067323f2e2612b50f76ec1c8c3cf3be87a843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 16012
x-served-by: cache-iad-kiad7000176-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 05 Oct 2022 13:05:44 GMT
server: Apache
x-timer: S1708563712.782129,VS0,VE99
etag: "3e8c-5ea493c049a00"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 anniversary_1.png
act.newyearnewchoices.com/files/mfa/ 220 KB
220 KB 274ms
270ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/anniversary_1.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

8ab843f3a7082e36fc2af63adaf01783b0a8b3d4fac7539a797878e3a3078a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 224861
x-served-by: cache-iad-kjyo7100174-IAD, cache-fra-eddf8230052-FRA
last-modified: Fri, 06 Aug 2021 22:44:40 GMT
server: Apache
x-timer: S1708563712.782142,VS0,VE117
etag: "36e5d-5c8ebc7e38600"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 birthday_1.png
act.newyearnewchoices.com/files/mfa/ 271 KB
271 KB 273ms
270ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/birthday_1.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

6b39cff5fbd19ac37fb9d8d916f6dc8bd2347d148fef069577156e64d2aba9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 277023
x-served-by: cache-iad-kiad7000114-IAD, cache-fra-eddf8230052-FRA
last-modified: Fri, 06 Aug 2021 22:44:40 GMT
server: Apache
x-timer: S1708563712.782111,VS0,VE113
etag: "43a1f-5c8ebc7e38600"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 birthday_2.png
act.newyearnewchoices.com/files/mfa/ 34 KB
35 KB 274ms
271ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/birthday_2.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

2bea63d40de62998992b8a331baeff42cd852bcd6d6003045cd578c006abcd4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 35200
x-served-by: cache-iad-kjyo7100043-IAD, cache-fra-eddf8230052-FRA
last-modified: Fri, 06 Aug 2021 22:44:39 GMT
server: Apache
x-timer: S1708563712.791222,VS0,VE117
etag: "8980-5c8ebc7d443c0"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 congratulations_1.png
act.newyearnewchoices.com/files/mfa/ 68 KB
68 KB 274ms
271ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/congratulations_1.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

4b0f0fc55fb67dd9470c29e804a5e2f780074b435a17fbea8b0fbec3308ab36d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 69572
x-served-by: cache-iad-kjyo7100091-IAD, cache-fra-eddf8230052-FRA
last-modified: Fri, 06 Aug 2021 22:44:40 GMT
server: Apache
x-timer: S1708563712.790506,VS0,VE123
etag: "10fc4-5c8ebc7e38600"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 congratulations_2.png
act.newyearnewchoices.com/files/mfa/ 248 KB
248 KB 275ms
272ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/congratulations_2.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

dc9cac29e98b34fa915e5c8a8a6281e2b71895f9f4e583bde1e58f33ff06149f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 253746
x-served-by: cache-iad-kiad7000164-IAD, cache-fra-eddf8230052-FRA
last-modified: Fri, 06 Aug 2021 22:44:40 GMT
server: Apache
x-timer: S1708563712.791180,VS0,VE130
etag: "3df32-5c8ebc7e38600"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 fathersday_1.png
act.newyearnewchoices.com/files/mfa/ 256 KB
256 KB 274ms
272ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/fathersday_1.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

bb3d354903bad685ec588f059ef855319734e34a444921a48909a1b400623c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 261775
x-served-by: cache-iad-kiad7000047-IAD, cache-fra-eddf8230052-FRA
last-modified: Mon, 25 Apr 2022 17:24:41 GMT
server: Apache
x-timer: S1708563712.790930,VS0,VE130
etag: "3fe8f-5dd7dd9f64840"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 fathersday_2.png
act.newyearnewchoices.com/files/mfa/ 66 KB
66 KB 276ms
273ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/fathersday_2.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

4fc7aa4648f3c25e561d22fbd6f02b99744dc13bbcbfce4894e2658442ca7752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 67118
x-served-by: cache-iad-kiad7000150-IAD, cache-fra-eddf8230052-FRA
last-modified: Mon, 25 Apr 2022 17:24:41 GMT
server: Apache
x-timer: S1708563712.790791,VS0,VE157
etag: "1062e-5dd7dd9f64840"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 mothersday_1.png
act.newyearnewchoices.com/files/mfa/ 278 KB
278 KB 394ms
391ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/mothersday_1.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

d14826c466668fe90ddf805e9f8960f1e50a12cbe0bc0db5ff892ded2cf496fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:52 GMT
age: 0
x-cache: MISS, MISS
content-length: 284300
x-served-by: cache-iad-kjyo7100115-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 20 Apr 2022 22:23:26 GMT
server: Apache
x-timer: S1708563712.790472,VS0,VE249
etag: "4568c-5dd1d712b3380"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 mothersday_2.png
act.newyearnewchoices.com/files/mfa/ 68 KB
68 KB 273ms
271ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/mothersday_2.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

e77f5b710656bed66e5d489f93598f3b148074874752ffc9b0b1a84fd89da5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 69850
x-served-by: cache-iad-kjyo7100048-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 20 Apr 2022 22:23:27 GMT
server: Apache
x-timer: S1708563712.790505,VS0,VE118
etag: "110da-5dd1d713a75c0"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 sympathy_1.png
act.newyearnewchoices.com/files/mfa/ 57 KB
57 KB 273ms
270ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/sympathy_1.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

7db4ce471d5770dd11e377b073ac745f5b9b6241b09abc81d6b20f9afbe1d6f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 57928
x-served-by: cache-iad-kjyo7100055-IAD, cache-fra-eddf8230052-FRA
last-modified: Fri, 06 Aug 2021 22:44:46 GMT
server: Apache
x-timer: S1708563712.790977,VS0,VE109
etag: "e248-5c8ebc83f1380"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 thanks_1.png
act.newyearnewchoices.com/files/mfa/ 249 KB
250 KB 275ms
273ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/thanks_1.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

f9eeac9b9f7e7ff2efd17a22d7640aab2c129759d936bcd3bbf3ce394c668639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 255467
x-served-by: cache-iad-kjyo7100042-IAD, cache-fra-eddf8230052-FRA
last-modified: Fri, 06 Aug 2021 22:44:46 GMT
server: Apache
x-timer: S1708563712.791103,VS0,VE145
etag: "3e5eb-5c8ebc83f1380"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 thanks_2.png
act.newyearnewchoices.com/files/mfa/ 263 KB
263 KB 274ms
272ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/thanks_2.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

769c9aa5763a293bd414f67327dfe5b7d2726d4357ab253757845b461067389a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 269196
x-served-by: cache-iad-kiad7000159-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 21 Dec 2022 00:38:31 GMT
server: Apache
x-timer: S1708563712.790226,VS0,VE138
etag: "41b8c-5f04bc58b2fc0"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 thanks_3.png
act.newyearnewchoices.com/files/mfa/ 269 KB
270 KB 274ms
272ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/thanks_3.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

208b2650b3abad4ae0b4550fb5aed2e019cbda92748ace81dc7ad2c5885baeaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 275572
x-served-by: cache-iad-kjyo7100099-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 21 Dec 2022 00:38:31 GMT
server: Apache
x-timer: S1708563712.790814,VS0,VE131
etag: "43474-5f04bc58b2fc0"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 thinking_1.png
act.newyearnewchoices.com/files/mfa/ 264 KB
264 KB 273ms
271ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/thinking_1.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c5c581fca77ee2494d2006e5a7a9622edb44eb822b607d3094462a53f865ea8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 270232
x-served-by: cache-iad-kcgs7200024-IAD, cache-fra-eddf8230052-FRA
last-modified: Fri, 06 Aug 2021 22:44:46 GMT
server: Apache
x-timer: S1708563712.790478,VS0,VE125
etag: "41f98-5c8ebc83f1380"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 thinking_2.png
act.newyearnewchoices.com/files/mfa/ 53 KB
54 KB 271ms
270ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/thinking_2.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

35f0ede7d9f65849be9c103153d1b0e0c728954ccc369ac8240446ab16ac617e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 54677
x-served-by: cache-iad-kcgs7200101-IAD, cache-fra-eddf8230052-FRA
last-modified: Fri, 06 Aug 2021 22:44:46 GMT
server: Apache
x-timer: S1708563712.790163,VS0,VE104
etag: "d595-5c8ebc83f1380"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 valday_1.png
act.newyearnewchoices.com/files/mfa/ 189 KB
190 KB 273ms
271ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/valday_1.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

381b076ffd1336064582e3fb03c87de586de69ae85a7a8471bd2a57e5e4be568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 193940
x-served-by: cache-iad-kcgs7200147-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 09 Feb 2022 16:49:23 GMT
server: Apache
x-timer: S1708563712.790136,VS0,VE126
etag: "2f594-5d7989d9f0ac0"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 valday_2.png
act.newyearnewchoices.com/files/mfa/ 166 KB
167 KB 274ms
272ms Image
image/png 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.newyearnewchoices.com/files/mfa/valday_2.png

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

f86c530bb683a3ec69bd2ab61e5668ca54a09c3b5aa92cd972ee1d56a12759cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 01:01:51 GMT
age: 0
x-cache: MISS, MISS
content-length: 170464
x-served-by: cache-iad-kcgs7200117-IAD, cache-fra-eddf8230052-FRA
last-modified: Wed, 09 Feb 2022 16:49:23 GMT
server: Apache
x-timer: S1708563712.790133,VS0,VE145
etag: "299e0-5d7989d9f0ac0"
content-type: image/png
access-control-allow-origin: https://act.newyearnewchoices.com
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 01BF 200 B
1 KB 44ms
43ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.newyearnewchoices.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 408
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 22 Feb 2024 00:55:04 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 16 Feb 2024 21:04:47 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-id: h2EByjL9mMECJajXP-IW-pKmtAn-swfpn5yPUgn_USRsDekhoPZAGA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 shared-9c997d7885039d4d44007951f5740ddb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E2ED 536 KB
117 KB 49ms
48ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-9c997d7885039d4d44007951f5740ddb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-2d75091b71fd377dac06bf852d8d9149.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e087169af88bdd64e3a6fd5662302eb1ce32e14cb4384762ce40c400a1aaffec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-2d75091b71fd377dac06bf852d8d9149.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 00:05:09 GMT
content-encoding: br
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3402
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 21 Feb 2024 21:02:50 GMT
server: Cloudfront
etag: W/"c7f761b156d21ac54cd27f08507ba72f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: W4ESJeoFu_7DmHHK7B1CZfXZ_SoZqLUhn7HJpeCD0l5AIN8lBq8W8A==

GET
H2 200 controller-6c46cc2b61d1c7e5fc58c19801d13136.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E2ED 697 KB
163 KB 77ms
76ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-6c46cc2b61d1c7e5fc58c19801d13136.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-2d75091b71fd377dac06bf852d8d9149.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

940e331bde5a2f368b94e91185b27976d5a004f54738cade7b46b1171e0ac984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-2d75091b71fd377dac06bf852d8d9149.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 00:05:09 GMT
content-encoding: br
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3409
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 21 Feb 2024 21:02:47 GMT
server: Cloudfront
etag: W/"ccc41ed16482f3f7edb074ab93cdbbb1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: kA0AC-X1k6N237C5Txu2qtm5m-zWp9Qf8-aYslGTuo9Y1OCn_15Inw==

POST
H2 200 csp-report
q.stripe.com/ Frame E2ED 0
717 B 663ms
219ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 22 Feb 2024 01:01:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708563712340458
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1708563712339889
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 01BF 526 B
1 KB 98ms
97ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 00:55:04 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 408
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 526
last-modified: Fri, 16 Feb 2024 21:04:46 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 4Hxw0F6E7OMKsApzt9MzNESWlgCGQSZfimIcw53seNOCCAkZcmeqwQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 01BF 0
717 B 638ms
219ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 22 Feb 2024 01:01:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708563712340863
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1708563712339978
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 01BF 0
717 B 642ms
223ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 22 Feb 2024 01:01:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708563712341115
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1708563712340236
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFFHHGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 23:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4422
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 22 Feb 2024 01:48:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 116ms
39ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFFHHGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 22 Feb 2024 01:01:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: FQ1SWpUEESGnRg4PZcrHBaqfzVriLpmPtMRV8G0bZCusmcWgYQ00oMLtpTZNt93LMskekX1BQ5D8z2cvkXPAXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-DW3MLMSQ5V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFFHHGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88228adb74510c4a48552b8bd399ea5b5359253bff740f543c2f2cb852b34af4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 01:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95122
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 01:01:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DW3MLMSQ5V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFFHHGK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac12127bb9dc370b447a4f6c42efb2668fc57ba61a3cffef2275173ffd6f7154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 01:01:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Feb 2024 01:01:51 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 125ms
42ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DW3MLMSQ5V&gtm=45je42h0v9173308720z8849786062za200&_p=1708563711324&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=522632064.1708563712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708563711&sct=1&seg=0&dl=https%3A%2F%2Fact.newyearnewchoices.com%2F&dt=They%20need%20you.%20%7C%20Mercy%20For%20Animals&en=Page%20view&_fv=1&_nsi=1&_ss=1&tfd=740
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW3MLMSQ5V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 01:01:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://act.newyearnewchoices.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E2ED 474 B
919 B 138ms
46ms Fetch
application/json 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9c997d7885039d4d44007951f5740ddb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f14850bd37330029434db0aaa4a2c855764df1bb92107be2c25aa786652f5f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-2d75091b71fd377dac06bf852d8d9149.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 22 Feb 2024 01:01:30 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 23
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Wed, 21 Feb 2024 21:35:57 GMT
server: Cloudfront
etag: "fd46fd953274e092a5d64f34489bb095"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: BD5cf8KuFCfwkg3K0g9XMQ4PNGTkWvdUduk7PbFVT3WWGEIBVk7mSQ==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E2ED 474 B
917 B 132ms
46ms Fetch
application/json 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9c997d7885039d4d44007951f5740ddb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f14850bd37330029434db0aaa4a2c855764df1bb92107be2c25aa786652f5f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-2d75091b71fd377dac06bf852d8d9149.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 22 Feb 2024 01:01:30 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 23
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 474
last-modified: Wed, 21 Feb 2024 21:35:57 GMT
server: Cloudfront
etag: "fd46fd953274e092a5d64f34489bb095"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: END-bQbGGLJajOGmBHcIkff9HMQHe7WoV-QoiK_-SMt1yY-RtvvZyw==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 36F6 930 B
1 KB 151ms
45ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 22 Feb 2024 01:01:52 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-request-id: 38db051c-0969-4dfe-b4cd-283a4963440e
x-served-by: cache-fra-etou8220115-FRA
x-timer: S1708563712.101023,VS0,VE0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 41ms
39ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1894578072&t=pageview&_s=1&dl=https%3A%2F%2Fact.newyearnewchoices.com%2F&ul=en-us&de=UTF-8&dt=They%20need%20you.%20%7C%20Mercy%20For%20Animals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1064704728&gjid=1259462409&cid=522632064.1708563712&tid=UA-87656-1&_gid=771531106.1708563712&_r=1&_slc=1&gtm=45He42h0n81MFFHHGKv849786062za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1776865253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.newyearnewchoices.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 01:01:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://act.newyearnewchoices.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 128ms
45ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-87656-1&cid=522632064.1708563712&jid=1064704728&gjid=1259462409&_gid=771531106.1708563712&_u=YADAAAAAAAAAAC~&z=1641699627

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.newyearnewchoices.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Feb 2024 01:01:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://act.newyearnewchoices.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 822324977878230 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 108ms
108ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/822324977878230?v=2.9.147&r=stable&domain=act.newyearnewchoices.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf31f1811a7a69ce60edc3c61a0bef8f1c211ad435d5f1331625f22520c0ab32

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 22 Feb 2024 01:01:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: Bcgs/ehfx+/os9EXIpw4DP6EvkeCxdYDiskZQbTE10wtTdbuxaYRMRmKYOnsTWStRB28gdYj6gNp9NMVipDj6A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 36F6 0
492 B 305ms
217ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 22 Feb 2024 01:01:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708563712340496
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1708563712339932
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 36F6 87 KB
15 KB 47ms
47ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 22 Feb 2024 01:01:52 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 200
x-cache: HIT
content-length: 15509
x-request-id: 0e472d8c-1197-43d2-8010-80e7a70d77ca
x-served-by: cache-fra-etou8220115-FRA
server: Fastly
x-timer: S1708563712.150182,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 44

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 115ms
42ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-87656-1&cid=522632064.1708563712&jid=1064704728&_u=YADAAAAAAAAAAC~&z=1171274974

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 01:01:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 117ms
43ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-87656-1&cid=522632064.1708563712&jid=1064704728&_u=YADAAAAAAAAAAC~&z=1171274974

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 01:01:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1516273432023152 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 80ms
79ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1516273432023152?v=2.9.147&r=stable&domain=act.newyearnewchoices.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

34b4c908ae7e591ccdc241d1a475dd411f76b4bbee2c80efd7f2f861e1a44a79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 22 Feb 2024 01:01:52 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: pYgkGcoZm6XptsN65rfmaq7Khlx5NUAd/l9p7OfnWdmyfUTnhQFlKHcGFSTqBiq+VMzGFdVohBii/lOzsLaeFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 99ms
32ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=822324977878230&ev=PageView&dl=https%3A%2F%2Fact.newyearnewchoices.com%2F&rl=&if=false&ts=1708563712183&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1708563712181.551263157&cs_est=true&ler=empty&cdl=API_unavailable&it=1708563712056&coo=false&tm=1&exp=e1&rqm=GET

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 22 Feb 2024 01:01:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 36F6 156 B
668 B 645ms
217ms XHR
application/json 44.241.26.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.26.175 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-26-175.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ced3e87b6b44d95584f6d0b22932b68539c329eb5d9c02843a13dd60d1d2b1d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 22 Feb 2024 01:01:52 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708563712756302
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1708563712755746
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 32ms
32ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1516273432023152&ev=PageView&dl=https%3A%2F%2Fact.newyearnewchoices.com%2F&rl=&if=false&ts=1708563712266&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1708563712181.551263157&cs_est=true&ler=empty&cdl=API_unavailable&it=1708563712056&coo=false&tm=1&exp=e1&rqm=GET

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 22 Feb 2024 01:01:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H/1.1 200
OK vk8fn2ytdnbr5kn2
client-analytics.braintreegateway.com/ Frame 0
0 192ms
47ms Preflight 3.121.250.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/vk8fn2ytdnbr5kn2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.250.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-250-91.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://act.newyearnewchoices.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://act.newyearnewchoices.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 22 Feb 2024 01:01:52 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK vk8fn2ytdnbr5kn2 Show response
client-analytics.braintreegateway.com/ 0
360 B 46ms
46ms XHR
text/plain 3.121.250.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/vk8fn2ytdnbr5kn2

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/js/js_WyMYd3SRedptBdMDBRwnrYvMdkv7J58SMZZL6mQxjdU.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.250.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-250-91.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://act.newyearnewchoices.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 22 Feb 2024 01:01:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://act.newyearnewchoices.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK vk8fn2ytdnbr5kn2 Show response
client-analytics.braintreegateway.com/ 0
360 B 47ms
47ms XHR
text/plain 3.121.250.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/vk8fn2ytdnbr5kn2

Requested by

Host: act.newyearnewchoices.com
URL: https://act.newyearnewchoices.com/files/mfa/js/js_WyMYd3SRedptBdMDBRwnrYvMdkv7J58SMZZL6mQxjdU.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.250.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-250-91.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://act.newyearnewchoices.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 22 Feb 2024 01:01:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://act.newyearnewchoices.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK vk8fn2ytdnbr5kn2
client-analytics.braintreegateway.com/ Frame 0
0 193ms
48ms Preflight 3.121.250.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/vk8fn2ytdnbr5kn2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.250.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-250-91.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://act.newyearnewchoices.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://act.newyearnewchoices.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 22 Feb 2024 01:01:52 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H2 200 session Show response
api.stripe.com/v1/radar/ Frame E2ED 42 B
854 B 3194ms
3042ms Fetch
application/json 34.241.202.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stripe.com/v1/radar/session

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9c997d7885039d4d44007951f5740ddb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.241.202.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

api-34-241-202-139.stripe.com

Software

nginx /

Resource Hash

3fedcee3c2cafd2855df3602cd5c9ac955bb47222b9fde4f5d79f6e7c85ffd8b

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=v1%2Fradar%2Fsession; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

original-request: req_T9an3Il7oFmmoO
date: Thu, 22 Feb 2024 01:01:53 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=v1%2Fradar%2Fsession; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
stripe-should-retry: false
stripe-version: 2020-03-02
strict-transport-security: max-age=63072000; includeSubDomains; preload
request-id: req_T9an3Il7oFmmoO
content-length: 42
server: nginx
x-stripe-routing-context-priority-tier: livemode
access-control-max-age: 300
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: https://js.stripe.com
idempotency-key: 3d81bf09-5249-4778-a7d4-187188649f46
access-control-expose-headers: Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: no-cache, no-store
access-control-allow-credentials: true
vary: Origin
timing-allow-origin: https://js.stripe.com

POST
H2 200 6 Show response
m.stripe.com/ Frame 36F6 156 B
667 B 3185ms
3184ms XHR
application/json 44.241.26.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.26.175 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-26-175.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ced3e87b6b44d95584f6d0b22932b68539c329eb5d9c02843a13dd60d1d2b1d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 22 Feb 2024 01:01:52 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708563712979499
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1708563712979256
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 36F6 156 B
667 B 3189ms
3188ms XHR
application/json 44.241.26.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.26.175 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-26-175.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ced3e87b6b44d95584f6d0b22932b68539c329eb5d9c02843a13dd60d1d2b1d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 22 Feb 2024 01:01:53 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708563713029431
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1708563713028945
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 b Show response
r.stripe.com/ Frame E2ED 0
273 B 3277ms
3265ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9c997d7885039d4d44007951f5740ddb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 22 Feb 2024 01:01:56 GMT
x-stripe-server-envoy-start-time-us: 1708563716147650
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1708563716147375
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame E2ED 0
273 B 3277ms
3265ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9c997d7885039d4d44007951f5740ddb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 22 Feb 2024 01:01:56 GMT
x-stripe-server-envoy-start-time-us: 1708563716147675
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1708563716147165
access-control-allow-credentials: true
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 39ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DW3MLMSQ5V&gtm=45je42h0v9173308720za200&_p=1708563711324&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=522632064.1708563712&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1708563711&sct=1&seg=1&dl=https%3A%2F%2Fact.newyearnewchoices.com%2F&dt=They%20need%20you.%20%7C%20Mercy%20For%20Animals&en=page_view&_ee=1&_et=1&tfd=5745
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DW3MLMSQ5V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.newyearnewchoices.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Feb 2024 01:01:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://act.newyearnewchoices.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame E2ED 0
273 B 221ms
221ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-9c997d7885039d4d44007951f5740ddb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 22 Feb 2024 01:01:57 GMT
x-stripe-server-envoy-start-time-us: 1708563717187043
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1708563717186240
access-control-allow-credentials: true
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rms.gospringboard.io
URL: https://rms.gospringboard.io/k97avDZZzRpRJokbdoaQDz4hfRqidTD7/get?cookie_prefix=gift_string&host=act.newyearnewchoices.com

Domain: rms.gospringboard.io
URL: https://rms.gospringboard.io/k97avDZZzRpRJokbdoaQDz4hfRqidTD7/get?&host=act.newyearnewchoices.com

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
act.newyearnewchoices.com/	1969-12-31 23:59:59	Name: cookies_enabled Value: 1
.newyearnewchoices.com/	1970-01-21 04:12:03	Name: _ga Value: GA1.1.522632064.1708563712
.newyearnewchoices.com/	1970-01-21 04:12:03	Name: _ga_DW3MLMSQ5V Value: GS1.1.1708563711.1.1.1708563711.0.0.0
.act.newyearnewchoices.com/	1970-01-21 04:12:03	Name: _ga Value: GA1.3.522632064.1708563712
.act.newyearnewchoices.com/	1970-01-20 18:37:30	Name: _gid Value: GA1.3.771531106.1708563712
.act.newyearnewchoices.com/	1970-01-20 18:36:03	Name: _gat_UA-87656-1 Value: 1
.newyearnewchoices.com/	1970-01-20 20:45:39	Name: _fbp Value: fb.1.1708563712181.551263157
act.newyearnewchoices.com/	1970-01-21 04:12:03	Name: Springboard Value: mT7Ou4xOx7c070qrtTu9jYf5kvzuJsQce2BReOx%2Bub0PQk3%2FykQ4LksLqJBjlDfZ
m.stripe.com/	1970-01-21 04:12:03	Name: m Value: fe045077-c50c-4f17-822b-ff5ba58c238bc37cac
.act.newyearnewchoices.com/	1970-01-21 03:21:39	Name: __stripe_mid Value: 5600e969-885c-4e5d-9ae5-15eb36d49ddf6b1b95
.act.newyearnewchoices.com/	1970-01-20 18:36:05	Name: __stripe_sid Value: 818faabb-e5d4-460c-a09b-0dbfd75929e5e0c020

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	error	URL: https://act.newyearnewchoices.com/ Message: Access to XMLHttpRequest at 'https://rms.gospringboard.io/k97avDZZzRpRJokbdoaQDz4hfRqidTD7/get?&host=act.newyearnewchoices.com' from origin 'https://act.newyearnewchoices.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://rms.gospringboard.io/k97avDZZzRpRJokbdoaQDz4hfRqidTD7/get?&host=act.newyearnewchoices.com Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://act.newyearnewchoices.com/ Message: Access to XMLHttpRequest at 'https://rms.gospringboard.io/k97avDZZzRpRJokbdoaQDz4hfRqidTD7/get?cookie_prefix=gift_string&host=act.newyearnewchoices.com' from origin 'https://act.newyearnewchoices.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://rms.gospringboard.io/k97avDZZzRpRJokbdoaQDz4hfRqidTD7/get?cookie_prefix=gift_string&host=act.newyearnewchoices.com Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://connect.facebook.net/signals/config/822324977878230?v=2.9.147&r=stable&domain=act.newyearnewchoices.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://act.newyearnewchoices.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://act.newyearnewchoices.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://act.newyearnewchoices.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://act.newyearnewchoices.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://act.newyearnewchoices.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.newyearnewchoices.com
api.stripe.com
client-analytics.braintreegateway.com
connect.facebook.net
file-cdn.mercyforanimals.org
fonts.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
payments.braintree-api.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
rms.gospringboard.io
stats.g.doubleclick.net
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
rms.gospringboard.io
13.248.139.42
151.101.0.176
151.101.193.91
2001:4860:4802:34::36
2606:4700:3030::ac43:b94c
2606:4700:e6::ac40:cf26
2a00:1450:4001:80b::200e
2a00:1450:4001:812::2004
2a00:1450:4001:812::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:400c:c00::9a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.121.250.91
34.241.202.139
44.241.26.175
54.187.119.242
99.86.4.9
020ee500ec1243a95eb00ceaa7140de14ff9549ba0adc87233ddba37bddde2d6
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0f5b5294c285bceb66e98b19cd891cd1273034e116e7ef92e77618b3c64ccf1c
14ae13e024eceb5c9d5510d6d6290d0188ed4a15f48f99a03067cceeb006ba73
19d59f03c930bd4a4779b1e411db69eaf7722da3063fc773553bb590f8a0f8c0
19fd1776de32a4661efcf987288c6a407ee1776f92eff8b94d369b4b8d0c1645
208b2650b3abad4ae0b4550fb5aed2e019cbda92748ace81dc7ad2c5885baeaf
243a883105300b38802320171655c86d0f974ebc339a319228b9d91363eb93be
2bea63d40de62998992b8a331baeff42cd852bcd6d6003045cd578c006abcd4f
2e284fc95f7d50b46d7fb635d09e675ca284a691adf43d105b71b725a6100999
3001dff4af308fa38c9b7f281605158b111c9421452e02fbc0fcf07c4a37cf00
32a02f28b314005213b91b73243bd516c526d5d040ca3226265bb1ca305d4f75
34b4c908ae7e591ccdc241d1a475dd411f76b4bbee2c80efd7f2f861e1a44a79
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
35f0ede7d9f65849be9c103153d1b0e0c728954ccc369ac8240446ab16ac617e
381b076ffd1336064582e3fb03c87de586de69ae85a7a8471bd2a57e5e4be568
39394f3f301e71331ef3e4d7a6e1e3bb7ad7fa1d8f87b1974ed2ef2bca0da540
3e1ddbec6cde27710c2d308740a8a0d75b967a827cdceecd9037f99b90392fa3
3f5dd33d2091c85b1a7fa704a328f5867c1098e2d2322db6ad8efefbeade2d0d
3fedcee3c2cafd2855df3602cd5c9ac955bb47222b9fde4f5d79f6e7c85ffd8b
4b0f0fc55fb67dd9470c29e804a5e2f780074b435a17fbea8b0fbec3308ab36d
4fc7aa4648f3c25e561d22fbd6f02b99744dc13bbcbfce4894e2658442ca7752
519deadda6b1fcb9fa036d2fb899f01a45ec3012a393db6a0fc00ef2cc4ea368
548e8e4dd613d72d44baaaf605bc5855ca593e31956d09f0662a1152b95448fe
5b231877749179da6d05d303051c27ad8bcc764bfb279f1231964bea64318dd5
6b39cff5fbd19ac37fb9d8d916f6dc8bd2347d148fef069577156e64d2aba9fb
6cc35ca80a8e729541e15198c3a17d1c338d1df6f7eb7bf086ad1fafaee47313
6d3499bd54810a0740db8cf6e277359c2c230e11ea23658b4747c668c09826e8
70b63035515ac244d2d33fcf8be28ddd0654558535543c0e8831e29eda0f8a85
769c9aa5763a293bd414f67327dfe5b7d2726d4357ab253757845b461067389a
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
77f250725de074883a574208c1ca81ffff72a58e3a595409d56a8535da44af80
7db4ce471d5770dd11e377b073ac745f5b9b6241b09abc81d6b20f9afbe1d6f0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88228adb74510c4a48552b8bd399ea5b5359253bff740f543c2f2cb852b34af4
8ab843f3a7082e36fc2af63adaf01783b0a8b3d4fac7539a797878e3a3078a4a
8bdd0bd9d3b37cd0aca3491755a4cea0f41090ced3ab96bdd055fbde82b795f4
90334a765f331b0057bda6976d556f14e1795fb8a8dafd9259c4f8cf3fd50a26
91f7dc6a01858c8be373845ce0ce675c2cb892f4630778d6630f0cc26094f6bf
940e331bde5a2f368b94e91185b27976d5a004f54738cade7b46b1171e0ac984
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9c301048d2f6d7740392c8cca42bd6f53fabb21c8ff92a82e510b0dd9c3a46c3
9dcb2d5a77e215af7fd15f03b9e44145cb5681332b85686b4e80985027f76698
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
a59a9e65af9a1309cf4438617984606723feb5bf2dc54ccf785dd1a5a8587887
a702c1d17f3e92feef286fa2f533c8cc439b0deeaf33f02c81946e6654122095
a871cd0bf110f4079204d6e0d651895b1dc47aa36808196778a41d0c048ee7e6
ac12127bb9dc370b447a4f6c42efb2668fc57ba61a3cffef2275173ffd6f7154
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b62b4bc75d93e6f616d6ad4897db2c8ca03f7a05343da178e4e7f2f92c2f25ef
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb3d354903bad685ec588f059ef855319734e34a444921a48909a1b400623c38
c27c693cd045449dc636d3c86e7aaebd44af77098cd2fc311cef54c1efa4e81c
c3bc152f79afb41c945b772ca1eecc040a1d72f466f0da6e6a8c07f4916bc33b
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
c5c581fca77ee2494d2006e5a7a9622edb44eb822b607d3094462a53f865ea8a
c663f7dbd6e9dcd14c255def30286c72d1d9a2be14c5214bbbbfad9c6b33e4e8
c722283d703cf73b84ab8abdce4067323f2e2612b50f76ec1c8c3cf3be87a843
ca17697042f4b65cfbd37638ef574652e0e18aefcad70ae502212d430270efd1
caf6c0b418fa37706da7f012858370fbee588429b27b0df626307797abe4b5d2
cd7d76c17a22a13525ff9eb5b6d87f4ee28b1897d8ce27e3e93d0c5988ba0f3d
ced3e87b6b44d95584f6d0b22932b68539c329eb5d9c02843a13dd60d1d2b1d2
cf31f1811a7a69ce60edc3c61a0bef8f1c211ad435d5f1331625f22520c0ab32
d14826c466668fe90ddf805e9f8960f1e50a12cbe0bc0db5ff892ded2cf496fd
dc4cdbeb9b04ca78ea0aa0124c815554d358af659558ba8a90c3f73b5159b839
dc9cac29e98b34fa915e5c8a8a6281e2b71895f9f4e583bde1e58f33ff06149f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e087169af88bdd64e3a6fd5662302eb1ce32e14cb4384762ce40c400a1aaffec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e4793845d12dc4cdc83ef651f925bdd85ddf29ba27b41d30f5c634fd7f5bea
e77f5b710656bed66e5d489f93598f3b148074874752ffc9b0b1a84fd89da5a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8dac9914befdef0e45167b0c9cb96e1edf87047eac13e2e22f10ba1bf71522
f14850bd37330029434db0aaa4a2c855764df1bb92107be2c25aa786652f5f2c
f86c530bb683a3ec69bd2ab61e5668ca54a09c3b5aa92cd972ee1d56a12759cb
f9db89376b035b63954f5b8a4abdef693e8a5fc26540a844102cf9bbe4a09904
f9eeac9b9f7e7ff2efd17a22d7640aab2c129759d936bcd3bbf3ce394c668639
fcef7aff23c7f5f521d42dc242f1db71cff8f063a39945a6dadf1a6c9037ab40

act.newyearnewchoices.com Open in urlscan Pro 151.101.193.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

98 %HTTPS

58 %IPv6

16 Domains

21 Subdomains

20 IPs

4 Countries

7534 kBTransfer

10769 kBSize

11 Cookies

5 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

act.newyearnewchoices.com Open in urlscan Pro
151.101.193.91 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

98 %
HTTPS

58 %
IPv6

16
Domains

21
Subdomains

20
IPs

4
Countries

7534 kB
Transfer

10769 kB
Size

11
Cookies

100 HTTP transactions
0 data transactions