savetext.us/Giving-Tuesday2?mk=33265268
66.220.23.67301 Moved Permanently 1.4 kB URL User Request GET HTTP/2 savetext.us/Giving-Tuesday2?mk=33265268
IP 66.220.23.67:443
Certificate IssuerZeroSSL
Subjectsavetext.us
Fingerprint58:50:39:4B:E7:5C:00:D8:EC:CF:FA:A7:41:6B:9F:9A:97:9A:D0:26
ValidityMon, 13 Nov 2023 00:00:00 GMT - Sun, 11 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627)
Hash cda4a43f408f8cfaed8b261e37db85dd
5997d7afbb40775a02bb32efa25a5330f2a4bcea
036d8667eb6bedb014ad1d3673421ed149e5858f5133e3db8e8b90f52018a976
GET /Giving-Tuesday2?mk=33265268 HTTP/1.1
Host: savetext.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
alt-svc: h3=":443"; ma=2592000
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cloudflare-cdn-cache-control: max-age=900, stale-if-error=86400
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 16:08:35 GMT
location: https://mcrw4f6qcvp3py3ldk7swss13k28.pub.sfmc-content.com/5rly4zhmenu?url=https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
referrer-policy: unsafe-url
server: Caddy
status: 301 Moved Permanently
x-content-type-options: nosniff
x-lighttpd-longurl: https://mcrw4f6qcvp3py3ldk7swss13k28.pub.sfmc-content.com/5rly4zhmenu?url=https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
x-robots-tag: noindex
x-tinyurl-redirect: eyJpdiI6ImhYMk1GSlJpVzBnbng4ckcraUpRYnc9PSIsInZhbHVlIjoiTjg1OUk2WnpGKy9NS3JUYkk3VTB5cC9uYytMYnNDRXIyOEU4YlhHM25lSGxKSTdibUlMcURGR1d4TjZQZnp0SDFqSDNDTDJzejFkNll5WTY5d1Qrdmc9PSIsIm1hYyI6IjUzNGFhOTIwODZmMWFjYjMzMmIzNzJiMjJlNmQ0ZGQ3ZDU1YzdjYmQ1Yjc1ZjRiODUyZTc1ZTg4Yzg2OTNlM2QiLCJ0YWciOiIifQ==
x-tinyurl-redirect-type: redirect
x-xss-protection: 1; mode=block
content-length: 1422
X-Firefox-Spdy: h2
mcrw4f6qcvp3py3ldk7swss13k28.pub.sfmc-content.com/5rly4zhmenu?url=https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
13.110.204.31302 Found 337 B URL User Request GET HTTP/1.1 mcrw4f6qcvp3py3ldk7swss13k28.pub.sfmc-content.com/5rly4zhmenu?url=https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
IP 13.110.204.31:443
Certificate IssuerDigiCert Inc
Subject*.pub.sfmc-content.com
Fingerprint39:38:70:30:67:9F:06:90:9B:FE:83:1D:0A:65:80:E5:0B:05:3A:83
ValiditySat, 01 Apr 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ced840b4c2eaef0e78938cd7461dcb11
c23174867689fb1004999558f2bf63aa209cfdb1
331ed08ebb084362ae561c4cfb6e5c55e440f61e6c4ef9d1d82f15923c9cc466
GET /5rly4zhmenu?url=https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268 HTTP/1.1
Host: mcrw4f6qcvp3py3ldk7swss13k28.pub.sfmc-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Date: Mon, 04 Dec 2023 16:08:35 GMT
Connection: close
Content-Length: 337
status.geotrust.com/
192.229.221.95 471 B IP 192.229.221.95:0
Hash dddead331fcd3fe80c4b22e55a01a91f
9e5b271576c6d6f58853ae6a71f047c25c1f1d29
7e555801a11ddbec1c6116c6c1074b6b3ecb8b4c8fe09372212526897642cf52
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5908
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Mon, 04 Dec 2023 16:08:36 GMT
Last-Modified: Mon, 04 Dec 2023 14:30:08 GMT
Server: ECAcc (amb/6A94)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/jquery.fancybox.min.css
104.17.25.14200 OK 955 B URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/fancybox/2.1.5/jquery.fancybox.min.css
IP 104.17.25.14:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (3885), with no line terminators
Hash d7b336b9735d553126c374715bd6dd41
bae79ef61b23b0a9e20ebad9a701de5bfa9f6fd1
6a5ed4bb4bb22800c5f3d7057a35cbdd8bb49686d8df119a8452122aa7b40b80
GET /ajax/libs/fancybox/2.1.5/jquery.fancybox.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:37 GMT
content-type: text/css; charset=utf-8
content-length: 955
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e58-f2d"
last-modified: Mon, 04 May 2020 16:10:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 552225
expires: Sat, 23 Nov 2024 16:08:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1ogavH%2FfPmM5a980j%2BAAX79Katr9W3gI9tRZ3m52UA%2B%2FpEAImCtgVLJeiqkT5UvEoyrzdCaUB9mbOxNMjkjmKfDp%2F6z71VpNbZCrkJk8xh%2F591JCcep58tsgRzGABIvFDIguMba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 83054f21f8ba0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
74.123.154.123200 200 70 kB URL User Request GET HTTP/1.1 support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
IP 74.123.154.123:443
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (52255), with CRLF, LF line terminators
Hash 99822b77b9a33cbd51e0a222a69b5cb6
311a93d641974ef51258e9660ae05b7353205170
2f96f93900af71a91aadd182ac314adb721b673bba4bc5066400d688b4b2323d
GET /site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268 HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 200
Date: Mon, 04 Dec 2023 16:08:36 GMT
Server: Apache
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store
Pragma: no-cache
Set-Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; Path=/; Secure; HttpOnly
JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; Path=/site/
JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b;Path=/site/CRConsAPI; Secure; SameSite=None
JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b;Path=/site/CrmRest; Secure; SameSite=None
JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b;Path=/site/AnonymousLogin; Secure; SameSite=None
JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b;Path=/site/CRDonationAPI; Secure; SameSite=None
Content-Security-Policy: frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://support.savethechildren.org/site/XFrameViolation
X-Frame-Options: allow-from 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com
Keep-Alive: timeout=15, max=468
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
Content-Encoding: gzip
Transfer-Encoding: chunked
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
23.38.200.237200 OK 105 kB URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (32761)
Size 105 kB (105137 bytes)
Hash 2a5d35e77c33d158ed1269fac6dbbb04
1b5b38bf19d9499f8487b55ec76f18527a63a633
df884044c86808bf30916cf519c59bfb9b16174de4097188053d338ead81952f
GET /a9de570d9caa/b01a1f4bb0c4/launch-d47d2de11878.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2a5d35e77c33d158ed1269fac6dbbb04:1699559964.600648"
last-modified: Thu, 09 Nov 2023 19:59:24 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:37 GMT
date: Mon, 04 Dec 2023 16:08:37 GMT
content-length: 105137
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
consent.cookiebot.com/uc.js
23.72.139.51200 OK 34 kB URL GET HTTP/2 consent.cookiebot.com/uc.js
IP 23.72.139.51:443
ASN #20940 Akamai International B.V.
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectconsent.cookiebot.com
Fingerprint56:33:CA:77:EA:BC:73:51:03:77:3B:70:7C:00:AF:45:02:85:85:98
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Hash aac56c7f29e16e1e97e0130f5e2fa1ab
1b2c81da14aac3caf2ce108ed24a4f73a5255c55
e670474d3ff2eb57099f8590c87e2fef7478ba7971bc2d36c2b156ce3fd22c47
GET /uc.js HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 29 Nov 2023 14:10:00 GMT
accept-ranges: bytes
etag: "5c27a8bdcd22da1:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 33834
cache-control: public, max-age=160
expires: Mon, 04 Dec 2023 16:11:17 GMT
date: Mon, 04 Dec 2023 16:08:37 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
support.savethechildren.org/yui3/yui/yui-min.js
74.123.154.123200 OK 6.4 kB URL GET HTTP/1.1 support.savethechildren.org/yui3/yui/yui-min.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (6015)
Hash 827fb971c21ab8d4610d8f1fed4e2cd0
3757be2e7bb5b66418bb02d6c6a665cb4140df2a
db4bb1e314a04c52d8ad52c3a66ce793a012910e88d90295767ec52d75a4d72f
GET /yui3/yui/yui-min.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:37 GMT
Server: Apache
Last-Modified: Fri, 28 May 2010 16:44:29 GMT
ETag: "3baa-487aa3880d540"
Accept-Ranges: bytes
ntCoent-Length: 15274
Keep-Alive: timeout=15, max=486
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 6402
support.savethechildren.org/css/UserGlobalStyle.css
74.123.154.123200 OK 6.9 kB URL GET HTTP/1.1 support.savethechildren.org/css/UserGlobalStyle.css
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (22960)
Hash bcb5ce978d8b36d0a0a04e383bd70ef6
898d41b61d81df9a09c0d046636e2145e6316b31
86d95dcf819cd9f7ae82162e2c393d939f12fafaba93129517a5e8f42e62fba8
GET /css/UserGlobalStyle.css HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:37 GMT
Server: Apache
Last-Modified: Thu, 21 Mar 2019 17:07:00 GMT
ETag: "5dce-5849dc4339500"
Accept-Ranges: bytes
ntCoent-Length: 24014
Keep-Alive: timeout=15, max=485
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: private
Content-Encoding: gzip
Content-Length: 6878
support.savethechildren.org/css/responsive/ResponsiveBase.css
74.123.154.123200 OK 3.3 kB URL GET HTTP/1.1 support.savethechildren.org/css/responsive/ResponsiveBase.css
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (7166)
Hash 463c3490216a5c1a3e2a1395dbfcd1df
fb936e3436c38372dad45bfcbd3bdf9de57ea9ff
e1273a5e5ca6d6af7d88f9b231577008ca093f7950b46b601e1a2a9d203ea759
GET /css/responsive/ResponsiveBase.css HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:37 GMT
Server: Apache
Last-Modified: Mon, 09 May 2016 22:09:59 GMT
ETag: "1e21-5327011c9e67e"
Accept-Ranges: bytes
ntCoent-Length: 7713
Keep-Alive: timeout=15, max=467
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: private
Content-Encoding: gzip
Content-Length: 3270
support.savethechildren.org/js/convio/modules.js?version=2.9.2
74.123.154.123200 OK 2.8 kB URL GET HTTP/1.1 support.savethechildren.org/js/convio/modules.js?version=2.9.2
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (15310)
Hash 358c35f53c75b8913f88502390979d77
12d24faf35fa91a586b604fb1b8ee40616d30776
92b916180eb277a221edd8bd413a3bea62799023084ac968aacd211cad5ba320
GET /js/convio/modules.js?version=2.9.2 HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:37 GMT
Server: Apache
Last-Modified: Wed, 22 Mar 2023 05:22:26 GMT
ETag: "3c1e-5f776587e9f0c"
Accept-Ranges: bytes
ntCoent-Length: 15390
Keep-Alive: timeout=15, max=459
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 2752
support.savethechildren.org/js/utils.js
74.123.154.123200 OK 9.9 kB URL GET HTTP/1.1 support.savethechildren.org/js/utils.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (742)
Hash 05b2f6831d97fa7e86a4e71abe8c8d6b
9ffc2129895c2a12ed78dc896859e7bfeb34c77f
56fb1bf075613aa1e61d6cf81fe7ae08d45fe7a16689d118bfa06e17600ac4cc
GET /js/utils.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:37 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2016 07:01:46 GMT
ETag: "7f46-540ecf2687f1e"
Accept-Ranges: bytes
ntCoent-Length: 32582
Keep-Alive: timeout=15, max=477
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 9855
support.savethechildren.org/js/obs_comp_rollup.js
74.123.154.123200 OK 2.5 kB URL GET HTTP/1.1 support.savethechildren.org/js/obs_comp_rollup.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (468)
Hash 6999763dea2af949aadaeb12fea4e370
a56b7cbc5626412c9f0ebea3a0a79184d3f115ad
957f312f39ed8ba93485141af5af501f1d2b7b372433d8ac77b0923a5c584204
GET /js/obs_comp_rollup.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:37 GMT
Server: Apache
Last-Modified: Tue, 07 Feb 2012 18:21:34 GMT
ETag: "2936-4b863d94fc780"
Accept-Ranges: bytes
ntCoent-Length: 10550
Keep-Alive: timeout=15, max=263
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 2548
support.savethechildren.org/css/themes/default.css
74.123.154.123200 OK 1.3 kB URL GET HTTP/1.1 support.savethechildren.org/css/themes/default.css
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Hash 805dac7487321f680d17362b0ccbe516
5f54c9f2832baca1c23f73e1be190c2b7a116218
135ae3e7f5e9b6c501a48f208ab55f701c066f5543fc4d7d64ef766cc722fae9
GET /css/themes/default.css HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:37 GMT
Server: Apache
Last-Modified: Wed, 24 Jul 2013 19:12:15 GMT
ETag: "11df-4e246affca1c0"
Accept-Ranges: bytes
ntCoent-Length: 4575
Keep-Alive: timeout=15, max=488
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: private
Content-Encoding: gzip
Content-Length: 1256
support.savethechildren.org/css/themes/alphacube.css
74.123.154.123200 OK 748 B URL GET HTTP/1.1 support.savethechildren.org/css/themes/alphacube.css
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Hash 6dc6988f8ccdefd1ae8615d06653c159
1b71ce27423b8324fe6c966842c816e71cf1130f
dddb90184d87f59b1a025fa9b460ef0b25fbaa3ea192a83d31535dbb20ec10ad
GET /css/themes/alphacube.css HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:37 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2009 21:55:41 GMT
ETag: "a58-479c5ef879140"
Accept-Ranges: bytes
Cteonnt-Length: 2648
Keep-Alive: timeout=15, max=482
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: private
Content-Encoding: gzip
Content-Length: 748
support.savethechildren.org/css/responsive/DonFormResponsive.css
74.123.154.123200 OK 1.5 kB URL GET HTTP/1.1 support.savethechildren.org/css/responsive/DonFormResponsive.css
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (4749)
Hash 9df573ab59ad630fc37745e5f2c6b69d
807cbcd95f8a954b3bb12e694a08924c9f3563fe
7fad060874c6d715e53ae10e92ebca22aebe769bc8efcf8454c9f9802be8de78
GET /css/responsive/DonFormResponsive.css HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Mon, 09 May 2016 22:10:00 GMT
ETag: "13f6-5327011d94446"
Accept-Ranges: bytes
ntCoent-Length: 5110
Keep-Alive: timeout=15, max=495
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: private
Content-Encoding: gzip
Content-Length: 1519
support.savethechildren.org/css/FormComponentsBehavior.css
74.123.154.123200 OK 1.6 kB URL GET HTTP/1.1 support.savethechildren.org/css/FormComponentsBehavior.css
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (4432)
Hash f312851baa4b99d2d4acaf13f8fff7ad
545afbeabb420a3690db8ba58d01c44096dc88f3
b2d71a40f6794578a24e2c5c049734e609b43044b97adf3d8701780c26c9f083
GET /css/FormComponentsBehavior.css HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 10:44:12 GMT
ETag: "12be-5f378e54df5cc"
Accept-Ranges: bytes
ntCoent-Length: 4798
Keep-Alive: timeout=15, max=465
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: private
Content-Encoding: gzip
Content-Length: 1564
support.savethechildren.org/js/FormComponentsBehavior.js
74.123.154.123200 OK 4.2 kB URL GET HTTP/1.1 support.savethechildren.org/js/FormComponentsBehavior.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (634)
Hash 9a0106b1e4cf1ac361c0e0ec313371f4
7f60b11f8825a5de298c1e8905cc4e9305977f08
4edb816a596f9a4a768c41f9f21b5b2bcfb74f80f913a7f40b899c2d05ec1719
GET /js/FormComponentsBehavior.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Wed, 24 Oct 2007 07:30:01 GMT
ETag: "38fd-43d3815db5040"
Accept-Ranges: bytes
ntCoent-Length: 14589
Keep-Alive: timeout=15, max=443
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 4166
support.savethechildren.org/js/don_level_elements.js
74.123.154.123200 OK 1.6 kB URL GET HTTP/1.1 support.savethechildren.org/js/don_level_elements.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (385)
Hash e0cf5923e9b0a2b7235ef4efb21d4d2e
0d1ace6c0a1fe1fcdaa0a1e5d9f94a042df00c2f
2344bf11d8936ea401e4024d5e8f2060095264d179d34ee2388c6832c603ea27
GET /js/don_level_elements.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Tue, 14 Jul 2009 19:17:27 GMT
ETag: "1195-46eaf4a04bfc0"
Accept-Ranges: bytes
ntCoent-Length: 4501
Keep-Alive: timeout=15, max=438
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 1554
support.savethechildren.org/js/don_premium_elements.js
74.123.154.123200 OK 3.1 kB URL GET HTTP/1.1 support.savethechildren.org/js/don_premium_elements.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (768)
Hash ef9690b6cb60214721433b87fd14028c
498addab00756967ff73e38eb926db6dd20389da
69bffd1a8ad326cbe635c1aa4501526b180044052ff34fe3c407763bc90e0930
GET /js/don_premium_elements.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Wed, 16 Apr 2008 22:18:29 GMT
ETag: "2abd-44b04e57d7740"
Accept-Ranges: bytes
ntCoent-Length: 10941
Keep-Alive: timeout=15, max=442
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 3121
support.savethechildren.org/js/donations2.js
74.123.154.123200 OK 1.1 kB URL GET HTTP/1.1 support.savethechildren.org/js/donations2.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (1026)
Hash bc23a01b60321055d4c21fe1fc60632e
70c6df56a33db30a9f04296e9ab4442d249c3f9a
9cdd1eae85ce614b8b8ae27bd5d03dc82f0fe2e9ed1f39bd48975c9e9e52993b
GET /js/donations2.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Tue, 07 Feb 2012 18:21:34 GMT
ETag: "163b-4b863d94fc780"
Accept-Ranges: bytes
ntCoent-Length: 5691
Keep-Alive: timeout=15, max=464
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 1118
doublethedonation.com/api/css/ddplugin.css
23.96.109.67200 OK 13 kB URL GET HTTP/2 doublethedonation.com/api/css/ddplugin.css
IP 23.96.109.67:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjectdoublethedonation.com
Fingerprint46:95:69:EA:93:24:64:81:FD:96:17:CF:6B:8C:37:99:80:F1:63:04
ValidityMon, 30 Oct 2023 19:00:32 GMT - Sun, 28 Jan 2024 19:00:31 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65517), with no line terminators
Hash 6518bac2b7aa6fc972aec21d610027fd
7a960327793956f21310b2f9b332f4e83f23801f
c10d13a29fca8e48333f10be721d9f9840926fa4ece25e0cbb89ac8556a88eef
GET /api/css/ddplugin.css HTTP/1.1
Host: doublethedonation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 16:08:37 GMT
content-type: text/css; charset=utf-8
content-length: 13197
last-modified: Thu, 30 Nov 2023 17:56:26 GMT
vary: Accept-Encoding
etag: "6568ccca-338d"
content-encoding: br
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: public, max-age=3600;
X-Firefox-Spdy: h2
doublethedonation.com/api/js/ddplugin.js
23.96.109.67200 OK 99 kB URL GET HTTP/2 doublethedonation.com/api/js/ddplugin.js
IP 23.96.109.67:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjectdoublethedonation.com
Fingerprint46:95:69:EA:93:24:64:81:FD:96:17:CF:6B:8C:37:99:80:F1:63:04
ValidityMon, 30 Oct 2023 19:00:32 GMT - Sun, 28 Jan 2024 19:00:31 GMT
File type ASCII text, with very long lines (1253)
Hash 8fce4794eaac5a350cdb8f45d1736237
fef83869c5fc4acc7f878a709469b4341159b45e
78ef91351242065c5e49b2833c002edb964c4f27724ab80490bf9ba0c657ef57
GET /api/js/ddplugin.js HTTP/1.1
Host: doublethedonation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 16:08:37 GMT
content-type: text/javascript; charset=utf-8
content-length: 98664
last-modified: Thu, 30 Nov 2023 17:56:24 GMT
vary: Accept-Encoding
etag: "6568ccc8-18168"
content-encoding: br
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: public, max-age=3600;
X-Firefox-Spdy: h2
support.savethechildren.org/css/CustomStyle.css
74.123.154.123200 OK 0 B URL GET HTTP/1.1 support.savethechildren.org/css/CustomStyle.css
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/CustomStyle.css HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2016 19:14:33 GMT
ETag: "0-52db69fe8c594"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=15, max=492
Connection: Keep-Alive
Content-Type: text/css
support.savethechildren.org/css/CustomWysiwygStyle.css
74.123.154.123200 OK 0 B URL GET HTTP/1.1 support.savethechildren.org/css/CustomWysiwygStyle.css
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/CustomWysiwygStyle.css HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Thu, 10 Mar 2016 19:14:33 GMT
ETag: "0-52db69fe3c365"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=15, max=461
Connection: Keep-Alive
Content-Type: text/css
doublethedonation.com/api/fontello/css/fontello.css
23.96.109.67200 OK 14 kB URL GET HTTP/2 doublethedonation.com/api/fontello/css/fontello.css
IP 23.96.109.67:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjectdoublethedonation.com
Fingerprint46:95:69:EA:93:24:64:81:FD:96:17:CF:6B:8C:37:99:80:F1:63:04
ValidityMon, 30 Oct 2023 19:00:32 GMT - Sun, 28 Jan 2024 19:00:31 GMT
Hash dc46e7f60f25a176d0e74e1242e33d4e
4f9fd509d1e53453b4976f87652f468d7b153515
80c9827e15777b93d54c692ec57e8d59cf6080df4a4c76a014a60aa0812bbbc0
GET /api/fontello/css/fontello.css HTTP/1.1
Host: doublethedonation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doublethedonation.com/api/css/ddplugin.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 16:08:38 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 30 Nov 2023 17:54:56 GMT
vary: Accept-Encoding
etag: W/"6568cc70-18f3"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: public, max-age=3600;
content-encoding: br
X-Firefox-Spdy: h2
dx2eq2oh924g4.cloudfront.net/js/stc-site-alerts.js
54.230.241.208200 OK 5.0 kB URL GET HTTP/2 dx2eq2oh924g4.cloudfront.net/js/stc-site-alerts.js
IP 54.230.241.208:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (9525)
Hash 6d89f2afea5f1ed9a144cdd5c4ead0a6
797daa55a63eef877e6324121ec1b42c9daa993f
8af2260f1a79aab404e66c303365b923f0d7f1cfcc4aa045e5e501bfa437e255
GET /js/stc-site-alerts.js HTTP/1.1
Host: dx2eq2oh924g4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 30 Nov 2023 23:16:11 GMT
last-modified: Thu, 30 Nov 2023 22:55:02 GMT
etag: W/"7ebaeacc5b77468d87e291d5168da8a5"
x-amz-server-side-encryption: AES256
cache-control: max-age=604801
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T4ilU5KMcf0Nr6yONvawG8WmEXky9zrVbwPHGUAOCSHEDCQbE358zA==
age: 319947
X-Firefox-Spdy: h2
support.savethechildren.org/images/visa_small.gif
74.123.154.123200 OK 1.5 kB URL GET HTTP/1.1 support.savethechildren.org/images/visa_small.gif
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 39 x 27\012- data
Hash 84675959a7ea81917b4971dff0c97136
ef5ad7ca974bbdd7104b599757e2790ddaf3c895
db303c3d5b39371bb91fbc688df6e18f93a067713146f617ef27157b7ee38f74
GET /images/visa_small.gif HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Mon, 22 Aug 2016 16:24:57 GMT
ETag: "5f7-53aab7d324d98"
Accept-Ranges: bytes
Content-Length: 1527
Keep-Alive: timeout=15, max=489
Connection: Keep-Alive
Content-Type: image/gif
support.savethechildren.org/images/discovercard_sm.gif
74.123.154.123200 OK 1.5 kB URL GET HTTP/1.1 support.savethechildren.org/images/discovercard_sm.gif
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 39 x 27\012- data
Hash 4c56e5a5e5fb3c2538c35ba3e7d25f36
95283d2209e589f7bdf10a301774f3578b3f332e
fbfc0cc592809f83bfde605255dafd78f525d1cee0f807973122895fe49e1c06
GET /images/discovercard_sm.gif HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Mon, 22 Aug 2016 16:24:58 GMT
ETag: "607-53aab7d37bc48"
Accept-Ranges: bytes
Content-Length: 1543
Keep-Alive: timeout=15, max=438
Connection: Keep-Alive
Content-Type: image/gif
support.savethechildren.org/images/card_amex_cvv.png
74.123.154.123200 OK 3.6 kB URL GET HTTP/1.1 support.savethechildren.org/images/card_amex_cvv.png
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type PNG image data, 208 x 98, 8-bit colormap, non-interlaced\012- data
Hash 643e3b4a8b0af1acab51ce7c94b96a90
7da16675128835836579242036e055967ce87742
9f1452b78e9dda47be12aca96738dea2114ade0fd9fe474ee3af364c0fcf766e
GET /images/card_amex_cvv.png HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2016 17:56:22 GMT
ETag: "dec-53d307f081aa0"
Accept-Ranges: bytes
Content-Length: 3564
Keep-Alive: timeout=15, max=301
Connection: Keep-Alive
Content-Type: image/png
support.savethechildren.org/images/amex_small.gif
74.123.154.123200 OK 1.6 kB URL GET HTTP/1.1 support.savethechildren.org/images/amex_small.gif
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 39 x 27\012- data
Hash 8a48a2eb8b200c9b095cf3922585874a
0eae8d1cdb86b4cd2932408f6507bdd6e45b85ae
9449ccf781bff1869fad09bc28ea4214e40fa767895eebc6fb37cf66cb4d27bd
GET /images/amex_small.gif HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Mon, 22 Aug 2016 16:24:57 GMT
ETag: "631-53aab7d2b75f9"
Accept-Ranges: bytes
Content-Length: 1585
Keep-Alive: timeout=15, max=479
Connection: Keep-Alive
Content-Type: image/gif
support.savethechildren.org/images/payment/paypal-logo.png
74.123.154.123200 OK 2.2 kB URL GET HTTP/1.1 support.savethechildren.org/images/payment/paypal-logo.png
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type PNG image data, 41 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash d9ef0c60dc2c45c8c30e704a8c6c5893
28d98fabaf110e27a474e3815f52a9e7771fe5af
0f2dd730bc56ea9d8d0ee9c7ec142ec0e5ccb384da3fb24f94414aa7ccd9b48b
GET /images/payment/paypal-logo.png HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2016 21:28:55 GMT
ETag: "8a7-53a4b27108d50"
Accept-Ranges: bytes
Content-Length: 2215
Keep-Alive: timeout=15, max=456
Connection: Keep-Alive
Content-Type: image/png
support.savethechildren.org/images/card_visa_cvv.png
74.123.154.123200 OK 3.0 kB URL GET HTTP/1.1 support.savethechildren.org/images/card_visa_cvv.png
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type PNG image data, 208 x 98, 8-bit colormap, non-interlaced\012- data
Hash a7b352699252abfad031de7ae1638be0
6904c6c086c757547156eb40d08193e40328f6ca
a0e2f66644877655cd362b939852cb71181baecf71fd3dc2a1df419030809a3c
GET /images/card_visa_cvv.png HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2016 17:56:23 GMT
ETag: "bc1-53d307f185651"
Accept-Ranges: bytes
Content-Length: 3009
Keep-Alive: timeout=15, max=499
Connection: Keep-Alive
Content-Type: image/png
dx2eq2oh924g4.cloudfront.net/js/stc-analytics-data-layer.js?t=2022-12-14
54.230.241.208200 OK 11 kB URL GET HTTP/2 dx2eq2oh924g4.cloudfront.net/js/stc-analytics-data-layer.js?t=2022-12-14
IP 54.230.241.208:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 6d6cfe71ef5907ca60e89396e615741e
2d95feddbd2c8f637b16cfa505fed04454dd2d34
6321a42f7e7bb40bd927a9cf6be7b042bb371f247716d6a9d6446788a7fd8884
GET /js/stc-analytics-data-layer.js?t=2022-12-14 HTTP/1.1
Host: dx2eq2oh924g4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 30 Nov 2023 23:06:17 GMT
last-modified: Thu, 02 Mar 2023 16:37:32 GMT
etag: W/"1798d833bb8cca7fe4df6452ea8645dc"
x-amz-server-side-encryption: AES256
cache-control: max-age=604801
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: axyc1fEWBoYXu0ebsydslcnwDlr56h4aigjn8A7YRnh0XXEAGGkAHA==
age: 320541
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYjMdZwl.woff2
216.58.207.227200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYjMdZwl.woff2
IP 216.58.207.227:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 17720, version 1.0\012- data
Hash f25428be2078a780f584e977765cb2fa
63b08035a39f17610a04de671c1d56e33bddf627
29ebdbb570753623b8ed9a6d19f4c79fb42b2481c21cb4141eb055b7d177e79a
GET /s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYjMdZwl.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://dx2eq2oh924g4.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 19:08:00 GMT
expires: Thu, 28 Nov 2024 19:08:00 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Aug 2021 00:17:45 GMT
content-type: font/woff2
age: 421238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
support.savethechildren.org/images/mastercd_small.gif
74.123.154.123200 OK 1.6 kB URL GET HTTP/1.1 support.savethechildren.org/images/mastercd_small.gif
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 39 x 27\012- data
Hash 0dbd7e7c14396f765d946e89bc95969b
f2875c5976e94f2344aa059fb906d11a8b9098f0
a18e784fb3201a4ce31830f8ca4918b2de835115e7ca09f676dc93b761acb0a3
GET /images/mastercd_small.gif HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Mon, 22 Aug 2016 16:24:58 GMT
ETag: "624-53aab7d3fc790"
Accept-Ranges: bytes
Content-Length: 1572
Keep-Alive: timeout=15, max=499
Connection: Keep-Alive
Content-Type: image/gif
www.googletagmanager.com/gtm.js?id=GTM-MFG5K96
216.58.207.200200 OK 98 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MFG5K96
IP 216.58.207.200:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (22840)
Hash f304aea57bcc9169da68159c2b76e24f
60e0eebb1be7c73a6bbdb30792bfe4c47d629388
0c519ffeb5c9db78297c78d09b30c81b1ee04293bfb72b64ca1e90ed877d7aac
GET /gtm.js?id=GTM-MFG5K96 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 16:08:38 GMT
expires: Mon, 04 Dec 2023 16:08:38 GMT
cache-control: private, max-age=900
last-modified: Mon, 04 Dec 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98147
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
support.savethechildren.org/images/content/pagebuilder/Giving_Tuesday-logo_DonationForm.png
74.123.154.123200 OK 20 kB URL GET HTTP/1.1 support.savethechildren.org/images/content/pagebuilder/Giving_Tuesday-logo_DonationForm.png
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type PNG image data, 1139 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash 3abed3a714e580ab84d3eee5a2791697
2fe1cf19a8f061f161909b3cb0a702c0cbcfd338
fb433c5ee07f349e684fc1eefad88704f0bb8daa1522675ac35569db3f072091
GET /images/content/pagebuilder/Giving_Tuesday-logo_DonationForm.png HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 22:51:57 GMT
ETag: "4ff7-5ed8a3406e3a1"
Accept-Ranges: bytes
Content-Length: 20471
Keep-Alive: timeout=15, max=465
Connection: Keep-Alive
Content-Type: image/png
dx2eq2oh924g4.cloudfront.net/js/stc-vendor.js?v=4.67.0
54.230.241.208200 OK 225 kB URL GET HTTP/2 dx2eq2oh924g4.cloudfront.net/js/stc-vendor.js?v=4.67.0
IP 54.230.241.208:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 225 kB (225073 bytes)
Hash cce9cf9759fd2b6900793ba7d06cd7bf
dfe5e2860d72861c06d2d24eb0881f6c39360b55
e3ad97c2ae9b20b46ec184e13f48c794bafabdaf4857a59eeb0ee9f4628d9340
GET /js/stc-vendor.js?v=4.67.0 HTTP/1.1
Host: dx2eq2oh924g4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 30 Nov 2023 23:06:17 GMT
last-modified: Thu, 30 Nov 2023 22:55:02 GMT
etag: W/"f438c044984a79104d7e3888c30b8dfa"
x-amz-server-side-encryption: AES256
cache-control: max-age=604801
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ORVwX9dxZkp5W23FaW2bPPhnFwfQrgrK5lWsn_XfeB11Qol_3ClzkA==
age: 320541
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
216.58.207.227200 OK 14 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
IP 216.58.207.227:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 14176, version 1.0\012- data
Hash c8dcbaf22349dba5061d93607ca9b37c
548040e31d6eef3d621157a3b3ae5b0be5618460
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
GET /s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://dx2eq2oh924g4.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 02:02:47 GMT
expires: Fri, 29 Nov 2024 02:02:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Aug 2021 00:18:59 GMT
content-type: font/woff2
age: 396351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
104.110.3.72200 OK 392 B URL GET HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP 104.110.3.72:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subject*.cookiebot.com
Fingerprint88:F1:D8:EB:8E:DD:6F:53:9A:31:C3:FE:59:0E:68:FE:24:2F:84:EB
ValidityMon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Hash 3d08665fa4c7bcf9fa2dcbbc7efe1d0f
ba57ecee011a4b99d4bb56707325c8e4d0fb8a2b
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=30266053
expires: Mon, 18 Nov 2024 23:22:51 GMT
date: Mon, 04 Dec 2023 16:08:38 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701706118702_388255644_334761505_35_1550_2_8_21";dur=1
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2
IP 216.58.207.227:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 14864, version 1.0\012- data
Hash 39f3863d4eb52624b5938903040114b6
db000838c364730489cb4c4941b464df44a3e432
fe4bbdad1d6dff75cde79f8afc07f29502bd4708cb0ce5f552083c3d81ba8382
GET /s/lato/v20/S6u8w4BMUTPHjxsAXC-qNiXg7Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://dx2eq2oh924g4.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14864
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:40:47 GMT
expires: Fri, 29 Nov 2024 05:40:47 GMT
cache-control: public, max-age=31536000
age: 383271
last-modified: Tue, 10 Aug 2021 00:19:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC2bd87301eb114379b56ad60b1e4c5bc9-source.min.js
23.38.200.237200 OK 378 B URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC2bd87301eb114379b56ad60b1e4c5bc9-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (518)
Hash 03cafc578f81598b225dc44738016e8e
3bc951bd36205682b230b681720ea6cc83b8b884
1c179a7e658ef1d9b7ecb9625413a5d8df377bc898e5888484a96c7f529c7ca0
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC2bd87301eb114379b56ad60b1e4c5bc9-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:38 GMT
date: Mon, 04 Dec 2023 16:08:38 GMT
content-length: 378
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
142.250.74.35200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 101768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
support.savethechildren.org/favicon.ico
74.123.154.123200 OK 4.2 kB URL GET HTTP/1.1 support.savethechildren.org/favicon.ico
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 925690ba9cbbcabab6b172c2ef30b000
2a6066e48e7be7543c3653fed3b195f21fe3169f
a929fc5d76c18aa575f003b48d582d211c5f3b62d3bcd2238d71a3ca5bf3a5d3
GET /favicon.ico HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707985; at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Tue, 20 Oct 2020 16:01:27 GMT
ETag: "103e-5b21c57e5334b"
Accept-Ranges: bytes
Content-Length: 4158
Keep-Alive: timeout=15, max=447
Connection: Keep-Alive
Content-Type: image/ico
dx2eq2oh924g4.cloudfront.net/css/stc-styles.css?v=4.67.0
54.230.241.208200 OK 110 kB URL GET HTTP/2 dx2eq2oh924g4.cloudfront.net/css/stc-styles.css?v=4.67.0
IP 54.230.241.208:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 110 kB (110161 bytes)
Hash 29c93283669a1962974dc77b7145063a
fd391a53b5c74d45d1202857f1fe52f5e99668fc
bb31b159bfa261514d86b863c9acf55514bdaa5447260ac450ff32cad18700b9
GET /css/stc-styles.css?v=4.67.0 HTTP/1.1
Host: dx2eq2oh924g4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
date: Thu, 30 Nov 2023 22:56:02 GMT
last-modified: Thu, 30 Nov 2023 22:54:59 GMT
etag: W/"01151a5c1df5ccb474340a3241ed54e5"
x-amz-server-side-encryption: AES256
cache-control: max-age=604801
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mwXVVVPDsUt_pgZtGs9OU06TC9-zt5edYyJXQPu6BcT8r6vrxEevZg==
age: 321156
X-Firefox-Spdy: h2
support.savethechildren.org/wrpr/images/icons/question-circle.svg
74.123.154.123200 OK 2.0 kB URL GET HTTP/1.1 support.savethechildren.org/wrpr/images/icons/question-circle.svg
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1131)
Hash 1e6250bb16fcd2baa8be48f842666dba
352d8c6bc11a24c7248c3fc1e7e95dd04a54e10a
bb365468028d285187c7eebd9d9f5f55d2f27b0f3512c21601decb7d47e9cf31
GET /wrpr/images/icons/question-circle.svg HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707985; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2021 02:27:04 GMT
ETag: "7f9-5cfc50777202f"
Accept-Ranges: bytes
Content-Length: 2041
Keep-Alive: timeout=15, max=389
Connection: Keep-Alive
Content-Type: image/svg+xml
cdn.evgnet.com/beacon/savethechildren/production/scripts/evergage.min.js
151.101.192.114200 OK 50 kB URL GET HTTP/2 cdn.evgnet.com/beacon/savethechildren/production/scripts/evergage.min.js
IP 151.101.192.114:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectcdn.evergage.com
FingerprintEE:3F:A8:CD:D0:BC:7A:41:2D:D6:AD:84:EE:B6:0A:8B:33:32:49:30
ValidityMon, 06 Mar 2023 00:00:00 GMT - Mon, 04 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (584)
Hash 233536f87d90fbcc292c7a403be7d478
564e2619a8785bd4a2583d87731d85592f9011a1
1acb85ca4dce9fc31b0efd3cad0a8364404cfea7d5f8925a83c435fa95ba8fc5
GET /beacon/savethechildren/production/scripts/evergage.min.js HTTP/1.1
Host: cdn.evgnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: Mbj1iASMycVQCE8y1ahoEIQBf3ye68Pxp/qdS0lsmzQ68kws7YXHojgUu/2t6mRoK6SbtTaHMLA=
x-amz-request-id: AN9Q387F94NMZXFF
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Oct 2023 20:17:49 GMT
etag: "1f322c3160985d328c7e6fa4906bb71a"
x-amz-server-side-encryption: AES256
cache-control: max-age=120
content-encoding: gzip
x-amz-meta-evergage-beacon-ver: 16
x-amz-meta-evergage-sum: 564e2619a8785bd4a2583d87731d85592f9011a1
x-amz-version-id: NoSdik6oiyZX_CpfkPH46x7fAdb443j6
content-type: application/javascript; charset=utf-8
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 04 Dec 2023 16:08:39 GMT
age: 54
x-served-by: cache-iad-kiad7000028-IAD, cache-bma1654-BMA
x-cache: HIT, HIT
x-cache-hits: 874858, 1
x-timer: S1701706119.143843,VS0,VE91
vary: Accept-Encoding
timing-allow-origin: *
content-length: 49985
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-3Q74QDHYNS&l=dataLayer&cx=c
216.58.207.200200 OK 87 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-3Q74QDHYNS&l=dataLayer&cx=c
IP 216.58.207.200:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (32772)
Hash a38b30cd33073ab0f6f95c774d88ad68
d57be7b4b3bc6bfce917e2bc11720f57b0e44517
8164f8a85a55f2b541722c0573d900b3ff6c0b262a442d3a58eb0e907c791686
GET /gtag/js?id=G-3Q74QDHYNS&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 16:08:39 GMT
expires: Mon, 04 Dec 2023 16:08:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86627
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
support.savethechildren.org/yui3/loader/loader-min.js
74.123.154.123200 OK 5.3 kB URL GET HTTP/1.1 support.savethechildren.org/yui3/loader/loader-min.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (6006)
Hash b6da46f2c9fe567add48929f08ffe094
522699fd313bba8372989b400ab2e31549f2d6cb
aa095c1b39b9a80b9847de7118da49affeeed83f3ef5d154759d0ee9471392a1
GET /yui3/loader/loader-min.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707985; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:39 GMT
Server: Apache
Last-Modified: Fri, 28 May 2010 16:44:29 GMT
ETag: "3c99-487aa3880d540"
Accept-Ranges: bytes
ntCoent-Length: 15513
Keep-Alive: timeout=15, max=486
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 5337
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
142.250.74.35200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles&co=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmc6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1pvynaruiyh7
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 19:06:15 GMT
expires: Mon, 02 Dec 2024 19:06:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 75744
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
142.250.74.35200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 101769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles&co=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmc6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1pvynaruiyh7
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 10:04:07 GMT
expires: Fri, 29 Nov 2024 10:04:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 367472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles&co=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmc6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1pvynaruiyh7
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 11:28:20 GMT
expires: Fri, 29 Nov 2024 11:28:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 362419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles&co=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmc6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1pvynaruiyh7
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:37:43 GMT
expires: Wed, 06 Dec 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 412256
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dx2eq2oh924g4.cloudfront.net/images/content/pagebuilder/DonationForm_FW_right_Kenya-drought-malnutrition_CH16971.jpg
54.230.241.208200 OK 180 kB URL GET HTTP/2 dx2eq2oh924g4.cloudfront.net/images/content/pagebuilder/DonationForm_FW_right_Kenya-drought-malnutrition_CH16971.jpg
IP 54.230.241.208:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type JPEG image data, progressive, precision 8, 1024x683, components 3\012- data
Size 180 kB (179779 bytes)
Hash 55a81848e2b771ec01d60d1dae1799e1
50ebf1ca2cf9cfd21ba1f5fef6250bc3a2879feb
84dac597b870a5305529e1fa0b73038bf5c52440cae58888d177b9d5d4454e4c
GET /images/content/pagebuilder/DonationForm_FW_right_Kenya-drought-malnutrition_CH16971.jpg HTTP/1.1
Host: dx2eq2oh924g4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 179779
date: Mon, 04 Dec 2023 16:08:39 GMT
server: Apache
last-modified: Fri, 17 Nov 2023 17:59:52 GMT
etag: "2be43-60a5ce739eb9f"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VfKP6mJeMoyWxvYRZijOsAuKCYWrL4uZjuuNm5IzsgtAudACl5zhSg==
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
142.250.74.35200 OK 191 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 101769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
support.savethechildren.org/js/convio/logging.js
74.123.154.123200 OK 239 B URL GET HTTP/1.1 support.savethechildren.org/js/convio/logging.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (576)
Hash 8394b29cb00cccd2f2f4d1be8803aba5
f3f5179908abcb28114d2eedc2c6c000e52480c3
9949830afb880a5b2473a3638a93f29952c71695d3190e35af43e8b75c989607
GET /js/convio/logging.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707985; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0; _sfid_58d2={%22anonymousId%22:%22c95ab858674022dd%22%2C%22consents%22:[]}; _evga_c797={%22uuid%22:%22c95ab858674022dd%22}; _ga_3Q74QDHYNS=GS1.1.1701706125.1.0.1701706125.60.0.0; _ga=GA1.1.955907868.1701706125; _omappvp=Q5msHWF5WaZFKd5RULApUVomXBwdpcFtxYYseRDD1NcCcirXeRzS2uEUgw1cEOlfA8TK9DM4Awqu31643cb28v3F3FivQNIr; _omappvs=1701706125276; stc-analytics-sub_source=|||||
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:40 GMT
Server: Apache
Last-Modified: Tue, 05 Feb 2013 18:22:03 GMT
ETag: "290-4d4fe4946c8c0"
Accept-Ranges: bytes
Cteonnt-Length: 656
Keep-Alive: timeout=15, max=444
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 239
region1.analytics.google.com/g/collect?v=2&tid=G-3Q74QDHYNS>m=45je3bt0v9122470923z878838918&_p=1701706124032&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=955907868.1701706125&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&dl=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&sid=1701706125&sct=1&seg=0&dt=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20-%20Save%20the%20Children&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4457
216.239.34.36204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-3Q74QDHYNS>m=45je3bt0v9122470923z878838918&_p=1701706124032&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=955907868.1701706125&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&dl=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&sid=1701706125&sct=1&seg=0&dt=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20-%20Save%20the%20Children&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4457
IP 216.239.34.36:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-3Q74QDHYNS>m=45je3bt0v9122470923z878838918&_p=1701706124032&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=955907868.1701706125&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&dl=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&sid=1701706125&sct=1&seg=0&dt=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20-%20Save%20the%20Children&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4457 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://support.savethechildren.org
date: Mon, 04 Dec 2023 16:08:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
support.savethechildren.org/jquery/jquery-detect-existing.js
74.123.154.123200 OK 323 B URL GET HTTP/1.1 support.savethechildren.org/jquery/jquery-detect-existing.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Hash a71caeb44da47f9f1240278c0e452d93
002b05c3dc0b8f3ff3eb7bf01a8a367eceab2d69
adae8181e3273af1702575e59e9c29b34eedf74943cdde9758a4ccf8e39c5641
GET /jquery/jquery-detect-existing.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707985; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0; _sfid_58d2={%22anonymousId%22:%22c95ab858674022dd%22%2C%22consents%22:[]}; _evga_c797={%22uuid%22:%22c95ab858674022dd%22}; _ga_3Q74QDHYNS=GS1.1.1701706125.1.0.1701706125.60.0.0; _ga=GA1.1.955907868.1701706125; _omappvp=Q5msHWF5WaZFKd5RULApUVomXBwdpcFtxYYseRDD1NcCcirXeRzS2uEUgw1cEOlfA8TK9DM4Awqu31643cb28v3F3FivQNIr; _omappvs=1701706125276; stc-analytics-sub_source=|||||
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:40 GMT
Server: Apache
Last-Modified: Tue, 24 Jul 2012 19:53:23 GMT
ETag: "214-4c598b70372c0"
Accept-Ranges: bytes
Cteonnt-Length: 532
Keep-Alive: timeout=15, max=494
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 323
smetrics.savethechildren.org/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=6B0E659F56A9E70D7F000101%40AdobeOrg&mid=64852152757430465710921589234807450004&ts=1701706125847
104.18.4.221200 OK 48 B URL GET HTTP/2 smetrics.savethechildren.org/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=6B0E659F56A9E70D7F000101%40AdobeOrg&mid=64852152757430465710921589234807450004&ts=1701706125847
IP 104.18.4.221:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subjectsmetrics.savethechildren.org
Fingerprint91:EF:B5:E6:FF:8D:EC:60:2E:DB:24:74:48:33:47:1D:6C:5D:51:E3
ValiditySat, 14 Oct 2023 21:22:25 GMT - Fri, 12 Jan 2024 22:21:21 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 32c1738052ffe0ef872523f3ffbf9d70
7b52e5cc170ed299025ad2a90072a99582ac925a
80d62f564275cb85409e36c562123184e0558f602767163b65f4870cbcfea155
GET /id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=6B0E659F56A9E70D7F000101%40AdobeOrg&mid=64852152757430465710921589234807450004&ts=1701706125847 HTTP/1.1
Host: smetrics.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Cookie: AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CMCMID%7C64852152757430465710921589234807450004%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707985; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0; _sfid_58d2={%22anonymousId%22:%22c95ab858674022dd%22%2C%22consents%22:[]}; _evga_c797={%22uuid%22:%22c95ab858674022dd%22}; _ga_3Q74QDHYNS=GS1.1.1701706125.1.0.1701706125.60.0.0; _ga=GA1.1.955907868.1701706125; stc-analytics-sub_source=|||||
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/x-javascript;charset=utf-8
content-length: 48
access-control-allow-origin: https://support.savethechildren.org
access-control-allow-credentials: true
p3p: CP="This is not a P3P policy"
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
set-cookie: s_ecid=MCMID%7C64852152757430465710921589234807450004; Path=/; Domain=savethechildren.org; Max-Age=63072000; Expires=Wed, 03 Dec 2025 16:08:08 GMT; SameSite=Lax;
__cf_bm=LihHBOCkn5fbOjpS_lUX60vxUjw9YRt4AesohU9uZfw-1701706120-0-ATZ6YzlcGp5UyTdKgXu0vZyyiC783VTK4i+8m+/B30eriMHaOUq9Re/0RFVhMCKexr60xGW/Rz3xVKmkHP5Zgyg=; path=/; expires=Mon, 04-Dec-23 16:38:40 GMT; domain=.savethechildren.org; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 83054f338eda568a-OSL
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC9cf82a7bcb94435a84654cf509932b30-source.min.js
23.38.200.237200 OK 1.1 kB URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC9cf82a7bcb94435a84654cf509932b30-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (2504)
Hash cfb292d055e392ca071e96b2167e8323
46c02f83a84c00ded77e8a19f2e4ea25c4154a1c
a84b430ddaa0055b310a41a6db0035ff5661bdf55457a0e01f892407c01bc6db
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC9cf82a7bcb94435a84654cf509932b30-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 1081
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC628a438f987b4b52a268147c54cb3c55-source.min.js
23.38.200.237200 OK 1.2 kB URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC628a438f987b4b52a268147c54cb3c55-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (2720)
Hash 7562f0090e0db5ea02e875850039d50f
1a6db483bd386ffcaa9b4d5342b83e19248eb7eb
e702618f3641f5e75caae7a991fccf3769874a50a8884795efabd5de34e014f0
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC628a438f987b4b52a268147c54cb3c55-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 1195
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC8a763fee6e174d30aaaa09f276fb9b84-source.min.js
23.38.200.237200 OK 837 B URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC8a763fee6e174d30aaaa09f276fb9b84-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (1860)
Hash d5b8ae43ca7e1ee69a0ed6524dfa96b4
ea50419118b40c7877ea7a0676f17d8ef495c52d
2106d68708f0ed5fd0224f9b0905a262f7f3bb721d5e818470436208ae21fb6f
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC8a763fee6e174d30aaaa09f276fb9b84-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 837
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCcec04a55f0b5424f941b1e0a7d2e9c97-source.min.js
23.38.200.237200 OK 710 B URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCcec04a55f0b5424f941b1e0a7d2e9c97-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (1501)
Hash de8d47dcd8dd151f15c6b940475380f7
76a4ebb26f0a2d961f5d4dde646c552fcc3c0297
26aeced2c0c5c2494de7ecf6f34dced947c0f0a09ad7dbc95d3e7259d9e83f59
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCcec04a55f0b5424f941b1e0a7d2e9c97-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 710
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCe1e1b434f35b4ae6b2e3062f395d32e0-source.min.js
23.38.200.237200 OK 1.0 kB URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCe1e1b434f35b4ae6b2e3062f395d32e0-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (1950)
Hash fe70c8daa3726b3f59ff2f9d248c6106
c6c3b962b82c148328e62a64684b1b0053831342
9355e5567b9b1a7561cc029d870bff1d2bbb62b3be783cd771b8e3abb5a480a3
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCe1e1b434f35b4ae6b2e3062f395d32e0-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 1020
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
savethechildren.us-7.evergage.com/api2/event/production?event=eyJzb3VyY2UiOnsicGFnZVR5cGUiOiJEb25hdGlvbiBQYWdlIiwidXJsIjoiaHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmcvc2l0ZS9Eb25hdGlvbjI%2FZGZfaWQ9MTA4NDYmbWZjX3ByZWY9VCYxMDg0Ni5kb25hdGlvbj1mb3JtMSZtb250aGx5PWZhbHNlJmNpZD1Nb2JpbGVfU01TOlNGTUM6QW5udWFsX0dUOkdFTl9COjExMjgyMyZtbj1CUi1TTVMtMTEyODIzLUFubnVhbF9HVC1HRU5fQiZtaz0zMzI2NTI2OCIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiMzYiLCJjb250ZW50Wm9uZXMiOlsiZ2xvYmFsX3BvcHVwIiwiZ2xvYmFsX2luZm9iYXIiLCJnbG9iYWxfc2xpZGVpbiJdfSwidXNlciI6eyJhbm9ueW1vdXNJZCI6ImM5NWFiODU4Njc0MDIyZGQifSwiaW50ZXJhY3Rpb24iOnsibmFtZSI6IlZpZXdlZCBEb25hdGlvbiBQYWdlIn0sInBhZ2VWaWV3Ijp0cnVlLCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJwZXJmb3JtYW5jZSI6eyJkb21Mb2FkVGltZSI6Mzg4OSwic2RrUGFyc2VUaW1lIjoyLCJzZGtMb2FkVGltZSI6MTY1LCJzZGtEbnNUaW1lIjoxOH0sIl90b29sc0V2ZW50TGlua0lkIjoiNDEyNTMxNzk4MzQzMzY1NiIsImV4cGxhaW4iOnRydWV9
44.228.124.45200 OK 955 B URL GET HTTP/2 savethechildren.us-7.evergage.com/api2/event/production?event=eyJzb3VyY2UiOnsicGFnZVR5cGUiOiJEb25hdGlvbiBQYWdlIiwidXJsIjoiaHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmcvc2l0ZS9Eb25hdGlvbjI%2FZGZfaWQ9MTA4NDYmbWZjX3ByZWY9VCYxMDg0Ni5kb25hdGlvbj1mb3JtMSZtb250aGx5PWZhbHNlJmNpZD1Nb2JpbGVfU01TOlNGTUM6QW5udWFsX0dUOkdFTl9COjExMjgyMyZtbj1CUi1TTVMtMTEyODIzLUFubnVhbF9HVC1HRU5fQiZtaz0zMzI2NTI2OCIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiMzYiLCJjb250ZW50Wm9uZXMiOlsiZ2xvYmFsX3BvcHVwIiwiZ2xvYmFsX2luZm9iYXIiLCJnbG9iYWxfc2xpZGVpbiJdfSwidXNlciI6eyJhbm9ueW1vdXNJZCI6ImM5NWFiODU4Njc0MDIyZGQifSwiaW50ZXJhY3Rpb24iOnsibmFtZSI6IlZpZXdlZCBEb25hdGlvbiBQYWdlIn0sInBhZ2VWaWV3Ijp0cnVlLCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJwZXJmb3JtYW5jZSI6eyJkb21Mb2FkVGltZSI6Mzg4OSwic2RrUGFyc2VUaW1lIjoyLCJzZGtMb2FkVGltZSI6MTY1LCJzZGtEbnNUaW1lIjoxOH0sIl90b29sc0V2ZW50TGlua0lkIjoiNDEyNTMxNzk4MzQzMzY1NiIsImV4cGxhaW4iOnRydWV9
IP 44.228.124.45:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.us-7.evergage.com
FingerprintFC:5D:A7:A6:00:77:1C:8A:75:2A:C6:E2:60:C7:BD:46:61:26:07:C6
ValidityTue, 01 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2187)
Hash b6d3049a81716bc36d3d3d379fbf4846
989422deb37b172c26fd14d1ca7b858f8ace736b
9dabf2d56666988326c4a1586adafd3dc75df43dbd149ece8b60dcb0b7615957
GET /api2/event/production?event=eyJzb3VyY2UiOnsicGFnZVR5cGUiOiJEb25hdGlvbiBQYWdlIiwidXJsIjoiaHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmcvc2l0ZS9Eb25hdGlvbjI%2FZGZfaWQ9MTA4NDYmbWZjX3ByZWY9VCYxMDg0Ni5kb25hdGlvbj1mb3JtMSZtb250aGx5PWZhbHNlJmNpZD1Nb2JpbGVfU01TOlNGTUM6QW5udWFsX0dUOkdFTl9COjExMjgyMyZtbj1CUi1TTVMtMTEyODIzLUFubnVhbF9HVC1HRU5fQiZtaz0zMzI2NTI2OCIsInVybFJlZmVycmVyIjoiIiwiY2hhbm5lbCI6IldlYiIsImJlYWNvblZlcnNpb24iOjE2LCJjb25maWdWZXJzaW9uIjoiMzYiLCJjb250ZW50Wm9uZXMiOlsiZ2xvYmFsX3BvcHVwIiwiZ2xvYmFsX2luZm9iYXIiLCJnbG9iYWxfc2xpZGVpbiJdfSwidXNlciI6eyJhbm9ueW1vdXNJZCI6ImM5NWFiODU4Njc0MDIyZGQifSwiaW50ZXJhY3Rpb24iOnsibmFtZSI6IlZpZXdlZCBEb25hdGlvbiBQYWdlIn0sInBhZ2VWaWV3Ijp0cnVlLCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJwZXJmb3JtYW5jZSI6eyJkb21Mb2FkVGltZSI6Mzg4OSwic2RrUGFyc2VUaW1lIjoyLCJzZGtMb2FkVGltZSI6MTY1LCJzZGtEbnNUaW1lIjoxOH0sIl90b29sc0V2ZW50TGlua0lkIjoiNDEyNTMxNzk4MzQzMzY1NiIsImV4cGxhaW4iOnRydWV9 HTTP/1.1
Host: savethechildren.us-7.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/json;charset=UTF-8
set-cookie: AWSALBTG=12NVlr49IA5RnyU/GVbEVJcjZTYcik1lE+mDWxYseaNRcKTiuzjOpu3mpRl413lIZ2vyiBZlfA+Or2yk6GmkVfy+jQQO6exEf+HqsmPxgfu4bGeSjT8wL+JF1ldqkPS9x11Mi+wZc14dSLOzWcfnqeFQzflxgDrcf4+DxuzeOBjU1UqCSgw=; Expires=Mon, 11 Dec 2023 16:08:40 GMT; Path=/
AWSALBTGCORS=12NVlr49IA5RnyU/GVbEVJcjZTYcik1lE+mDWxYseaNRcKTiuzjOpu3mpRl413lIZ2vyiBZlfA+Or2yk6GmkVfy+jQQO6exEf+HqsmPxgfu4bGeSjT8wL+JF1ldqkPS9x11Mi+wZc14dSLOzWcfnqeFQzflxgDrcf4+DxuzeOBjU1UqCSgw=; Expires=Mon, 11 Dec 2023 16:08:40 GMT; Path=/; SameSite=None; Secure
AWSALB=4EUzmrUKB7j4I0NqZvCofXQqnb0SR+aTszwwx4EIofdTSif4VPsnbViAB6Vnosv0ZZw58H0GJ0cmtekbdd8JDHsPDOwpYPSIB9nHELh9+c+07Do9pKghM3EVI2hH; Expires=Mon, 11 Dec 2023 16:08:40 GMT; Path=/
AWSALBCORS=4EUzmrUKB7j4I0NqZvCofXQqnb0SR+aTszwwx4EIofdTSif4VPsnbViAB6Vnosv0ZZw58H0GJ0cmtekbdd8JDHsPDOwpYPSIB9nHELh9+c+07Do9pKghM3EVI2hH; Expires=Mon, 11 Dec 2023 16:08:40 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC3ae644eba48547f8b14b54e6417b9e7b-source.min.js
23.38.200.237200 OK 918 B URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC3ae644eba48547f8b14b54e6417b9e7b-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (1603)
Hash 96e27a4426aab615267c10ff2e3093a0
e60e91fb7925c840d01eabb10c8de407e4c056ac
538f30a9103916352c29f6c7d8df08ef6168491c5e1ebaa19efab48655ac77ec
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC3ae644eba48547f8b14b54e6417b9e7b-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 918
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC4b86a5f57ebd489bb42aa833d1001bc8-source.min.js
23.38.200.237200 OK 633 B URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC4b86a5f57ebd489bb42aa833d1001bc8-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (1177)
Hash 5934745232fd9cfe579a85300f3e7f3d
3a4ad5b81f86892a11521f87e67d0f465170a995
66464c95036b7b2837c7387d621b0b0a76430416e6d1b191e932386b5e5c7ce9
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC4b86a5f57ebd489bb42aa833d1001bc8-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 633
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCd5bea5cb86364265b586363d1ecd4cc9-source.min.js
23.38.200.237200 OK 602 B URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCd5bea5cb86364265b586363d1ecd4cc9-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (1190)
Hash ff1a8d79cade5e597ef8c22ed0a000da
ea9da230045b9ad53ba4d2561e59676ebcf8963b
1b7d48f4bbf488d01253924405cab0b2429d2246780bd2dd1ed4e496bfcb3224
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCd5bea5cb86364265b586363d1ecd4cc9-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 602
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
a.opmnstr.com/app/js/4.1dae6b4d.min.js
194.242.11.186200 OK 15 kB URL GET HTTP/2 a.opmnstr.com/app/js/4.1dae6b4d.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (49145)
Hash 9239ff05dd6d29af8616ccf570b52147
19e8fc478a481e3becd63b6a174c4e1c99c89d3a
8d7293476de0d15a9417a6f896f642845e90a174c74455e095f5f9a69768b51c
GET /app/js/4.1dae6b4d.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"654286ea-c029"
last-modified: Wed, 01 Nov 2023 17:12:10 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8799a4dbd6adf473606de2412e44f19b
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC9b9cd218371a443eac992e2f3091d149-source.min.js
23.38.200.237200 OK 1.4 kB URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC9b9cd218371a443eac992e2f3091d149-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (2437)
Hash 89ea11f3fbc55e9ee0e9c35c14efaaba
8be56410e364197d242786b59957896a53d68acb
c9f57a23b2d2eb2bb809010bc1a3cd766f7c91a1f6135d52d5eab7677421deef
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC9b9cd218371a443eac992e2f3091d149-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 1376
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC645c252e8442484da121878a5b8b0391-source.min.js
23.38.200.237200 OK 481 B URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC645c252e8442484da121878a5b8b0391-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (766)
Hash a5c6c1776d98aac864fcda0979938779
340a6bd7c5dca66370a0d1a8926e178491f82466
22eb9e0e57333b094c9f48a7c63bbf13b704b8d406240eca0579d269cd1a5042
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC645c252e8442484da121878a5b8b0391-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 481
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCa60d1ea7407b4de5a2a3ab3b5233ede3-source.min.js
23.38.200.237200 OK 1.1 kB URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCa60d1ea7407b4de5a2a3ab3b5233ede3-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (2296)
Hash 5819ad66234648d15d0428ba84072050
de68836c800c6f6cc032fa73e846d398981e2bb6
49266e0333b5dc45aca0b55030384e73e2ce24b047e220099a073753fac5e323
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCa60d1ea7407b4de5a2a3ab3b5233ede3-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 1056
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC4e90bdfdfd164b63ba5f4eacb15f168e-source.min.js
23.38.200.237200 OK 515 B URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC4e90bdfdfd164b63ba5f4eacb15f168e-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (800)
Hash 94bdd62cc1ea11a0d0c028f989617e67
da1b0cb5c3106c7b8dc5cf61cab3499ed20f81fc
ed54050b0aa3251c96794dad38098c1db7871ae34c5043c375148771936b55ff
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC4e90bdfdfd164b63ba5f4eacb15f168e-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 515
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCd283f12b004f41f58788fb8429c5c7e1-source.min.js
23.38.200.237200 OK 1.4 kB URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCd283f12b004f41f58788fb8429c5c7e1-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (3039)
Hash a11525e51788cc6430504e9d55431a1b
89add864313f174c3baa73d39f0b9420d6fa173b
02d9c4262c2ca583d80fdd64968d83c782c2aaeb3d3ebf9f2d2b82db86d82393
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCd283f12b004f41f58788fb8429c5c7e1-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 1365
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC0aa17c92396a4362983f5680f19057aa-source.min.js
23.38.200.237200 OK 446 B URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC0aa17c92396a4362983f5680f19057aa-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (741)
Hash ab456dc4ba5865e185125239fdd16d67
7f493e3a63dac83bdb9b34dec6539ed6762f57fd
e582c3699fba5954c316eb34dbe0339c7f8258dd1dbb9994efec422481e5cdaa
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RC0aa17c92396a4362983f5680f19057aa-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 446
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
support.savethechildren.org/jquery/jquery-1.6.4.min.js
74.123.154.123200 OK 41 kB URL GET HTTP/1.1 support.savethechildren.org/jquery/jquery-1.6.4.min.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash cf627dc696a2f61fa66e988ada06ccb2
b851a6aa0a8c7a1c579650a97799741b13c76d11
8988a3ea1ab01d4d52ce7c86be7a989fbc474dd7f58021ebd38a904b0e3e1e6d
GET /jquery/jquery-1.6.4.min.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CMCMID%7C64852152757430465710921589234807450004%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707986; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0; _sfid_58d2={%22anonymousId%22:%22c95ab858674022dd%22%2C%22consents%22:[]}; _evga_c797={%22uuid%22:%22c95ab858674022dd%22}; _ga_3Q74QDHYNS=GS1.1.1701706125.1.0.1701706125.60.0.0; _ga=GA1.1.955907868.1701706125; _omappvp=Q5msHWF5WaZFKd5RULApUVomXBwdpcFtxYYseRDD1NcCcirXeRzS2uEUgw1cEOlfA8TK9DM4Awqu31643cb28v3F3FivQNIr; _omappvs=1701706125276; stc-analytics-sub_source=|||||
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:40 GMT
Server: Apache
Last-Modified: Fri, 29 May 2020 05:05:40 GMT
ETag: "20908-5a6c26584b2fd"
Accept-Ranges: bytes
Cteonnt-Length: 133384
Keep-Alive: timeout=15, max=482
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Transfer-Encoding: chunked
api.omappapi.com/v3/geolocate/json
143.204.55.53200 OK 471 B URL GET HTTP/2 api.omappapi.com/v3/geolocate/json
IP 143.204.55.53:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subjectapi.opmnstr.com
Fingerprint34:6F:11:EF:D5:CB:E0:6D:60:61:6B:1C:48:AC:44:A4:64:29:61:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Thu, 08 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (471), with no line terminators
Hash 1ec3e5fd2bcf11949dfa1c640813b828
0e5ccddbec8d1dd7711c3b9153d842a68b73ef17
9f0e058eefaefd43e77f50c985c6a5aff68b4dcd73c2f63e9374c21ff922576b
GET /v3/geolocate/json HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 471
date: Mon, 04 Dec 2023 16:08:40 GMT
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1701706180
x-user-agent: standard--
x-cache-config: 0 0
x-cache-status: BYPASS
x-pagely-debug: mainblock
access-control-allow-origin: *
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WRJntVFr-E_qd75_sOs8g6s07PGh2BKsM7jsmAjllCZB64Pu9Il3og==
X-Firefox-Spdy: h2
a.opmnstr.com/app/js/16.0e435a6f.min.js
194.242.11.186200 OK 1.3 kB URL GET HTTP/2 a.opmnstr.com/app/js/16.0e435a6f.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (1264)
Hash 70e64b882fc70c39643e063164c3acd9
3596aacda30a6471bf019e24147899e73527ea31
c4fbf61bcc8a017d5d9cd2d95105bf88005bc0a3b6c18be6bfee8fc94d0adf52
GET /app/js/16.0e435a6f.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65087f27-51f"
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f9c6804d06b58199836a7cae5bdc2cb7
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.opmnstr.com/app/js/11.38e902ad.min.js
194.242.11.186200 OK 1.3 kB URL GET HTTP/2 a.opmnstr.com/app/js/11.38e902ad.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (2581)
Hash d7babcef7cddf26ae78d7cb5f7bc1ad7
d2bcea3a34a40142d07fee4fe5b67f0aaa91ac1e
c110d3e795d9bcb956d5c9ef500d23c7e480a259519d383d5c626293ee413815
GET /app/js/11.38e902ad.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65087f29-a40"
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1be2e7b8b563bce6060fe5e6848d9d67
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.opmnstr.com/app/js/19.b93023b7.min.js
194.242.11.186200 OK 2.4 kB URL GET HTTP/2 a.opmnstr.com/app/js/19.b93023b7.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (4227)
Hash e65c329f5bc9de5b90ce45014c87f80e
6cd38f5f9ff45fac38eeec126e6d827ecec51a8d
263c3a799ea39e2db3c3347bab23a9f98990d9d9633d2d8b833d8766c3dc2b36
GET /app/js/19.b93023b7.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65088833-10b0"
last-modified: Mon, 18 Sep 2023 17:26:11 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2e819504e282351f122776203afc6772
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-11620455
216.58.207.200200 OK 68 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=DC-11620455
IP 216.58.207.200:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3026)
Hash 3ef2be0226188699156756b37d51300c
cf794f1634dae854f51221c6edd20444e5fe2ac0
ec4949071c9f4909dd34dfc0f1a7a8c5495db46b8479fcc6564666c936a42c73
GET /gtag/js?id=DC-11620455 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 16:08:40 GMT
expires: Mon, 04 Dec 2023 16:08:40 GMT
cache-control: private, max-age=900
last-modified: Mon, 04 Dec 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67479
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.opmnstr.com/app/js/27.78393e5b.min.js
194.242.11.186200 OK 9.6 kB URL GET HTTP/2 a.opmnstr.com/app/js/27.78393e5b.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (6469)
Hash 29ed0d9d4b3ca3234aa7a599def229d8
6f55332d128f66503d4a7f263d34fa63a888272a
5405f21fd05a73a76a85b2021b366df4dcd00dd93ad956d671776622ea5e1ffc
GET /app/js/27.78393e5b.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65088834-1973"
last-modified: Mon, 18 Sep 2023 17:26:12 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8b540014a09d591aadd96cd3c03c26fa
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.opmnstr.com/app/js/api.min.js
194.242.11.186200 OK 27 kB URL GET HTTP/2 a.opmnstr.com/app/js/api.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type C source, ASCII text, with very long lines (52122), with no line terminators
Hash 286382f677709f3129681c2ff3977d00
f9dca7fac954932b90a236ab85520cc44ae2a527
b18b7934fcad866d7a86f35e082d61323a9417ef10ded37e30c710dae0d38df4
GET /app/js/api.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:39 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"654bcb0f-cb9a"
last-modified: Wed, 08 Nov 2023 17:53:19 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 385
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 584a076532c55f68fe9c5350ba783b64
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23 2.1 kB IP 192.124.249.23:0
Hash d2c6ea60d9e3ba9a7f90e61461a10b0f
77d26770d0c390096e3405e2f32604282beb9b83
6928a39dd90591843e3a810d9bae0d998529aac3a04791a9c1c4255151252f06
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 04 Dec 2023 16:08:41 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 04 Dec 2023 11:14:45 GMT
Expires: Tue, 05 Dec 2023 11:14:45 GMT
ETag: "77d26770d0c390096e3405e2f32604282beb9b83"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
a.opmnstr.com/app/js/21.5aa698b1.min.js
194.242.11.186200 OK 5.3 kB URL GET HTTP/2 a.opmnstr.com/app/js/21.5aa698b1.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (2030)
Hash 01e5c5d90f560240eb41999f97632e80
ec1642f24d79b60080f09e9d4ea8627b908188d2
5c756ba00bc22ff5690e08fc74aa2c70cde9b692a4acb7ca813a9dc7168c27d5
GET /app/js/21.5aa698b1.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65087f27-81f"
last-modified: Mon, 18 Sep 2023 16:47:35 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 03d0fb0b0483f9fc22764a34e44f8492
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-85748307-2&l=dataLayer&cx=c
216.58.207.200200 OK 69 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-85748307-2&l=dataLayer&cx=c
IP 216.58.207.200:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash e61714c426b21a9000d6d2848b54cc96
2b0c041a1e841da9b9938a28582927f356b5848c
df53bf9cfb4cb0ba49b8d561083423c85a74c35eba540037b7c8a7a263d2a877
GET /gtag/js?id=UA-85748307-2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 16:08:41 GMT
expires: Mon, 04 Dec 2023 16:08:41 GMT
cache-control: private, max-age=900
last-modified: Mon, 04 Dec 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.googletagmanager.com/gtag/js?id=AW-1069852215&l=dataLayer&cx=c
216.58.207.200200 OK 78 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=AW-1069852215&l=dataLayer&cx=c
IP 216.58.207.200:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash cb233d7e83d60d5950f0d513723a7d07
0a1d63993dcd48a5190f493d611ca9281ed1594e
41c5ec087f367d631a85d1b061a334f7165e7ba0bd30e526b9139b408762b916
GET /gtag/js?id=AW-1069852215&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 16:08:41 GMT
expires: Mon, 04 Dec 2023 16:08:41 GMT
cache-control: private, max-age=900
last-modified: Mon, 04 Dec 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77801
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.dgtrx.com/scripts/sdk/everflow.js
34.98.72.238200 OK 19 kB URL GET HTTP/2 www.dgtrx.com/scripts/sdk/everflow.js
IP 34.98.72.238:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerStarfield Technologies, Inc.
Subjectvfr12trk.com
Fingerprint22:77:6B:59:DA:45:2E:DE:A4:48:8B:9B:AE:A3:46:88:31:0D:9B:6A
ValidityFri, 03 Nov 2023 21:29:00 GMT - Wed, 04 Dec 2024 21:29:00 GMT
File type gzip compressed data, from Unix\012- data
Hash 0c27a4825987d244a9c3f76998e86d75
8a2e85437202c029e41864c4b64bb28e00c94adc
c4cfb23635595ee74066fe3d669d8aa40dc1b14779a273f6e92200dd7d509eae
GET /scripts/sdk/everflow.js HTTP/1.1
Host: www.dgtrx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 16:08:41 GMT
content-type: text/javascript
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
cache-control: max-age=14400
vary: Origin
x-eflow-request-id: e71aaa33-b9c3-4eb8-b48f-b613f8223e39
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/71376?d=support.savethechildren.org
143.204.55.53200 OK 31 kB URL GET HTTP/2 api.omappapi.com/v2/embed/71376?d=support.savethechildren.org
IP 143.204.55.53:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subjectapi.opmnstr.com
Fingerprint34:6F:11:EF:D5:CB:E0:6D:60:61:6B:1C:48:AC:44:A4:64:29:61:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Thu, 08 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash a069c74314fa32209ca110706139f133
df2c50028d1e699850fcbaf15c7faf10128bcbfe
911b3105e5fa66570b99bf7add848e6bd800871a7c97253d895ae0acdbeeaa18
GET /v2/embed/71376?d=support.savethechildren.org HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
date: Mon, 04 Dec 2023 16:08:39 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Mon, 04 Dec 2023 15:47:15 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Thu, 07 Sep 2023 19:04:37 GMT
etag: W/"c1b82ed1171d30df6ceefae3b542645c"
x-optinmonster-account: 80223
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oEvrr6TAAGPDBWegO1ENPnKD31IpVhPHXW-fon6pKKHBl9Lw-iSu_g==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-KG696PWF7Y&l=dataLayer&cx=c
216.58.207.200200 OK 81 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-KG696PWF7Y&l=dataLayer&cx=c
IP 216.58.207.200:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (5955)
Hash d86c4327e86248f8a7363dd9ddd967bd
fd9add4e23efed55a30383ecc9822e258597993c
3a7da9abd24368e115e7a4bc46c857b8b741bd3ec2813525249d09353864f8f6
GET /gtag/js?id=G-KG696PWF7Y&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 16:08:41 GMT
expires: Mon, 04 Dec 2023 16:08:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81291
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
support.savethechildren.org/jquery/jquery-noconflict.js
74.123.154.123200 OK 574 B URL GET HTTP/1.1 support.savethechildren.org/jquery/jquery-noconflict.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Hash 7db665ba0247280f994c2e8a7025a98a
f6cf88c8641fa511033221531520666ed5ef60f2
53380404709f3d3e845a1e33be4d4e0bac1a77845e10f68111ffb474a4bf0961
GET /jquery/jquery-noconflict.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CMCMID%7C64852152757430465710921589234807450004%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707986; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0; _sfid_58d2={%22anonymousId%22:%22c95ab858674022dd%22%2C%22consents%22:[]}; _evga_c797={%22uuid%22:%22c95ab858674022dd%22}; _ga_3Q74QDHYNS=GS1.1.1701706125.1.0.1701706125.60.0.0; _ga=GA1.1.955907868.1701706125; _omappvp=Q5msHWF5WaZFKd5RULApUVomXBwdpcFtxYYseRDD1NcCcirXeRzS2uEUgw1cEOlfA8TK9DM4Awqu31643cb28v3F3FivQNIr; _omappvs=1701706125276; stc-analytics-sub_source=|||||; s_ppv=5X%2520MATCH%2520A%2520GIFT%2520FOR%2520CHILDREN%2520THIS%2520GIVING%2520TUESDAY%2520%2C25%2C25%2C1024%2C1%2C3; s_ecid=MCMID%7C64852152757430465710921589234807450004; __cf_bm=LihHBOCkn5fbOjpS_lUX60vxUjw9YRt4AesohU9uZfw-1701706120-0-ATZ6YzlcGp5UyTdKgXu0vZyyiC783VTK4i+8m+/B30eriMHaOUq9Re/0RFVhMCKexr60xGW/Rz3xVKmkHP5Zgyg=; s_ips=1024; s_tp=4088; _rdt_uuid=1701706126939.c7556dc4-812d-4cfd-b915-6564a558f9bd; _gcl_au=1.1.682044295.1701706127
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:41 GMT
Server: Apache
Last-Modified: Tue, 24 Jul 2012 19:53:23 GMT
ETag: "46f-4c598b70372c0"
Accept-Ranges: bytes
Cteonnt-Length: 1135
Keep-Alive: timeout=15, max=487
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Content-Length: 574
savethechildren.us-7.evergage.com/pr?.top=2057&action=Viewed%20Donation%20Page&.tt=849&.ttdns=83&.bv=16&_ak=savethechildren&_ds=production&.scv=36&channel=Web&_r=161028&.anonId=c95ab858674022dd&_anon=true
44.228.124.45204 No Content 0 B URL POST HTTP/2 savethechildren.us-7.evergage.com/pr?.top=2057&action=Viewed%20Donation%20Page&.tt=849&.ttdns=83&.bv=16&_ak=savethechildren&_ds=production&.scv=36&channel=Web&_r=161028&.anonId=c95ab858674022dd&_anon=true
IP 44.228.124.45:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.us-7.evergage.com
FingerprintFC:5D:A7:A6:00:77:1C:8A:75:2A:C6:E2:60:C7:BD:46:61:26:07:C6
ValidityTue, 01 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pr?.top=2057&action=Viewed%20Donation%20Page&.tt=849&.ttdns=83&.bv=16&_ak=savethechildren&_ds=production&.scv=36&channel=Web&_r=161028&.anonId=c95ab858674022dd&_anon=true HTTP/1.1
Host: savethechildren.us-7.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Cookie: AWSALBTGCORS=xJg1mFHPkGmTilzp9ZXYYOQZPv8GyDm3o/fHwC87cuTkQw8yLtFo3U3SZNRhcGkbSd+rG+eoCpvRm3K55XrAQiCbeWrM2yb1Z4npm9ySiEdPp7mFw5VFAXgtpHaKg0swMqXr/ys7EoOQYVM5xYI67/7AUPuFIr3lBuDsgiIZQko1WXqpwVM=; AWSALBCORS=pyDrcPiq6vm69JVUa75Xx1oN9Msr1dSJpNYi17/RJ2vOncf2aidAJFpYjnYlGdcAeDVDj3mkCqxNNfvx3McLKu843YJZRwXfHnLXXWyklYhJ8AZ80RqYblhnXOB4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 04 Dec 2023 16:08:41 GMT
set-cookie: AWSALBTG=UJ38GZpTjiRqmd2VzsQrHYgU7fRMAN6LLPwEgcFCPz5r5zyTLpf+QmLad3AVj9p3y6ftr+LJ4kN3Eo0VWAe+yzL9rddnGw6M/44iql7ar+bDVzWn+V9+fb0Flh7L7In76l1HXPwW6MaaFpO66NBVQH70nmLdrTU+OiM4fbN0D+1mzP9l2/A=; Expires=Mon, 11 Dec 2023 16:08:41 GMT; Path=/
AWSALBTGCORS=UJ38GZpTjiRqmd2VzsQrHYgU7fRMAN6LLPwEgcFCPz5r5zyTLpf+QmLad3AVj9p3y6ftr+LJ4kN3Eo0VWAe+yzL9rddnGw6M/44iql7ar+bDVzWn+V9+fb0Flh7L7In76l1HXPwW6MaaFpO66NBVQH70nmLdrTU+OiM4fbN0D+1mzP9l2/A=; Expires=Mon, 11 Dec 2023 16:08:41 GMT; Path=/; SameSite=None; Secure
AWSALB=UFYb9Ot8lbBtWNJoL+KhSzYZSw2kuGMClXYTphXeOnA7jexYYHqvLWx1aGm98NG3MwJ809vgJC7kFgkbWoZQGBVWcdILCPSkZZtors0kt9VwEXlacwUJ6jzXlGcs; Expires=Mon, 11 Dec 2023 16:08:41 GMT; Path=/
AWSALBCORS=UFYb9Ot8lbBtWNJoL+KhSzYZSw2kuGMClXYTphXeOnA7jexYYHqvLWx1aGm98NG3MwJ809vgJC7kFgkbWoZQGBVWcdILCPSkZZtors0kt9VwEXlacwUJ6jzXlGcs; Expires=Mon, 11 Dec 2023 16:08:41 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
w.usabilla.com/0b7d56c9da02.js?lv=1
52.16.116.245200 OK 11 kB URL GET HTTP/2 w.usabilla.com/0b7d56c9da02.js?lv=1
IP 52.16.116.245:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subjectw.usabilla.com
Fingerprint41:79:87:89:8A:97:A4:3B:1B:24:73:F3:45:C3:62:AB:E7:46:9D:33
ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 09 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (2574)
Hash 56aa1e0e4d18b7d585e4d177c09fb015
6d7b9f6643899a735803f1f028b9eab33cc09103
58c1df7cc579c9068fe734f38c2fac46b7e59d8673b9c839735c4c93d2565259
GET /0b7d56c9da02.js?lv=1 HTTP/1.1
Host: w.usabilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:41 GMT
content-type: text/javascript
content-length: 11229
cache-control: public,max-age=0
content-encoding: gzip
etag: "bf2f321ad14f031cbd539fc6049f955a"
pragma: no-cache
x-widget-server: 2.1
X-Firefox-Spdy: h2
18.210.229.244/is
18.210.229.244200 OK 32 B IP 18.210.229.244:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerSectigo Limited
Subject18.210.229.244
Fingerprint1A:C5:81:F4:D0:6A:5C:CF:48:D1:5D:51:C5:07:75:25:D3:99:4D:EC
ValidityMon, 13 Feb 2023 00:00:00 GMT - Tue, 13 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 72def432ec021c6ce2c136171703ad63
58461d958f958e860e1e284e39d6dc2097917d6f
67c6e983816591db58b7620f56122e2674812990dba75e0c257fd27c8538ee52
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /is HTTP/1.1
Host: 18.210.229.244
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://support.savethechildren.org/
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Mon, 04 Dec 2023 16:08:41 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
support.savethechildren.org/jquery/plugins/ui/jquery-ui-1.8.16.custom.min.js
74.123.154.123200 OK 60 kB URL GET HTTP/1.1 support.savethechildren.org/jquery/plugins/ui/jquery-ui-1.8.16.custom.min.js
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (559)
Hash 65c7c707dddea0c7861714df250d54c4
d938873d1520f1507b25c0cd7b4c58d2368fa738
c6692607384f0b261f38edee88dc75ee817827d26aecc4ae765ada9aa92dd36b
GET /jquery/plugins/ui/jquery-ui-1.8.16.custom.min.js HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CMCMID%7C64852152757430465710921589234807450004%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707986; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0; _sfid_58d2={%22anonymousId%22:%22c95ab858674022dd%22%2C%22consents%22:[]}; _evga_c797={%22uuid%22:%22c95ab858674022dd%22}; _ga_3Q74QDHYNS=GS1.1.1701706125.1.0.1701706125.60.0.0; _ga=GA1.1.955907868.1701706125; _omappvp=Q5msHWF5WaZFKd5RULApUVomXBwdpcFtxYYseRDD1NcCcirXeRzS2uEUgw1cEOlfA8TK9DM4Awqu31643cb28v3F3FivQNIr; _omappvs=1701706125276; stc-analytics-sub_source=|||||; s_ppv=5X%2520MATCH%2520A%2520GIFT%2520FOR%2520CHILDREN%2520THIS%2520GIVING%2520TUESDAY%2520%2C25%2C25%2C1024%2C1%2C3; s_ecid=MCMID%7C64852152757430465710921589234807450004; __cf_bm=LihHBOCkn5fbOjpS_lUX60vxUjw9YRt4AesohU9uZfw-1701706120-0-ATZ6YzlcGp5UyTdKgXu0vZyyiC783VTK4i+8m+/B30eriMHaOUq9Re/0RFVhMCKexr60xGW/Rz3xVKmkHP5Zgyg=; s_ips=1024; s_tp=4088; _rdt_uuid=1701706126939.c7556dc4-812d-4cfd-b915-6564a558f9bd; _gcl_au=1.1.682044295.1701706127
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 16:08:41 GMT
Server: Apache
Last-Modified: Tue, 07 Feb 2012 18:21:34 GMT
ETag: "3361f-4b863d94fc780"
Accept-Ranges: bytes
Cteonnt-Length: 210463
Keep-Alive: timeout=15, max=423
Connection: Keep-Alive
Content-Type: application/x-javascript
Cache-Control: private
Content-Encoding: gzip
Transfer-Encoding: chunked
app.leadsrx.com/visitor.js
44.236.243.19200 OK 19 kB URL GET HTTP/2 app.leadsrx.com/visitor.js
IP 44.236.243.19:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subject*.leadsrx.com
FingerprintA4:5F:5E:E1:0B:E1:A7:EA:53:96:FE:95:1B:BD:69:AE:EC:3D:88:95
ValidityTue, 02 May 2023 00:00:00 GMT - Sat, 01 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (18735), with no line terminators
Hash 0a4109c065352458bee4e9cc98e1fbce
1d44e1811ea9409f12e88fc42c8a734d3316293b
6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58
GET /visitor.js HTTP/1.1
Host: app.leadsrx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 18735
server: nginx/1.20.1
last-modified: Mon, 04 Dec 2023 14:51:11 GMT
etag: "656de75f-492f"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 13 kB IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
File type Unicode text, UTF-8 text, with very long lines (46103), with no line terminators
Hash 7f75f159026f3a2c8cccda487b43157b
021cf5c854db063cd79bf0394c24eb994e095640
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B3E2DED7825E437EBCDF2679D42405E4 Ref B: OSL30EDGE0219 Ref C: 2023-12-04T16:08:41Z
date: Mon, 04 Dec 2023 16:08:41 GMT
X-Firefox-Spdy: h2
smetrics.savethechildren.org/b/ss/stcf.prod.us/5.1/JS-2.25.0-LDQM/s54854764892995
104.18.4.221200 OK 43 B URL POST HTTP/2 smetrics.savethechildren.org/b/ss/stcf.prod.us/5.1/JS-2.25.0-LDQM/s54854764892995
IP 104.18.4.221:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subjectsmetrics.savethechildren.org
Fingerprint91:EF:B5:E6:FF:8D:EC:60:2E:DB:24:74:48:33:47:1D:6C:5D:51:E3
ValiditySat, 14 Oct 2023 21:22:25 GMT - Fri, 12 Jan 2024 22:21:21 GMT
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
POST /b/ss/stcf.prod.us/5.1/JS-2.25.0-LDQM/s54854764892995 HTTP/1.1
Host: smetrics.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2480
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Cookie: AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CMCMID%7C64852152757430465710921589234807450004%7CMCAID%7CNONE%7CMCOPTOUT-1701713327s%7CNONE%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707986; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0; _sfid_58d2={%22anonymousId%22:%22c95ab858674022dd%22%2C%22consents%22:[]}; _evga_c797={%22uuid%22:%22c95ab858674022dd%22}; _ga_3Q74QDHYNS=GS1.1.1701706125.1.0.1701706125.60.0.0; _ga=GA1.1.955907868.1701706125; stc-analytics-sub_source=|||||; s_ppv=5X%2520MATCH%2520A%2520GIFT%2520FOR%2520CHILDREN%2520THIS%2520GIVING%2520TUESDAY%2520%2C25%2C25%2C1024%2C1%2C3; s_ecid=MCMID%7C64852152757430465710921589234807450004; __cf_bm=LihHBOCkn5fbOjpS_lUX60vxUjw9YRt4AesohU9uZfw-1701706120-0-ATZ6YzlcGp5UyTdKgXu0vZyyiC783VTK4i+8m+/B30eriMHaOUq9Re/0RFVhMCKexr60xGW/Rz3xVKmkHP5Zgyg=; s_ips=1024; s_tp=4088; _rdt_uuid=1701706126939.c7556dc4-812d-4cfd-b915-6564a558f9bd; _gcl_au=1.1.682044295.1701706127; _ga_KG696PWF7Y=GS1.1.1701706127.1.0.1701706127.0.0.0; AMCVS_6B0E659F56A9E70D7F000101%40AdobeOrg=1; s_nr30=1701706127617-New; s_cc=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:42 GMT
content-type: image/gif;charset=utf-8
content-length: 43
access-control-allow-origin: https://support.savethechildren.org
access-control-allow-credentials: true
expires: Sun, 03 Dec 2023 16:08:42 GMT
last-modified: Tue, 05 Dec 2023 16:08:42 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
set-cookie: s_ecid=MCMID%7C64852152757430465710921589234807450004; Path=/; Domain=savethechildren.org;
etag: 3654386072593432576-4617851516493774310
vary: *
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83054f3eafe1568a-OSL
X-Firefox-Spdy: h2
smetrics.savethechildren.org/b/ss/stcf.prod.us/5.1/JS-2.25.0-LDQM/s55126715439957
104.18.4.221200 OK 43 B URL POST HTTP/2 smetrics.savethechildren.org/b/ss/stcf.prod.us/5.1/JS-2.25.0-LDQM/s55126715439957
IP 104.18.4.221:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subjectsmetrics.savethechildren.org
Fingerprint91:EF:B5:E6:FF:8D:EC:60:2E:DB:24:74:48:33:47:1D:6C:5D:51:E3
ValiditySat, 14 Oct 2023 21:22:25 GMT - Fri, 12 Jan 2024 22:21:21 GMT
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
POST /b/ss/stcf.prod.us/5.1/JS-2.25.0-LDQM/s55126715439957 HTTP/1.1
Host: smetrics.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2372
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Cookie: AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CMCMID%7C64852152757430465710921589234807450004%7CMCAID%7CNONE%7CMCOPTOUT-1701713327s%7CNONE%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707986; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0; _sfid_58d2={%22anonymousId%22:%22c95ab858674022dd%22%2C%22consents%22:[]}; _evga_c797={%22uuid%22:%22c95ab858674022dd%22}; _ga_3Q74QDHYNS=GS1.1.1701706125.1.0.1701706125.60.0.0; _ga=GA1.1.955907868.1701706125; stc-analytics-sub_source=|||||; s_ppv=5X%2520MATCH%2520A%2520GIFT%2520FOR%2520CHILDREN%2520THIS%2520GIVING%2520TUESDAY%2520%2C25%2C25%2C1024%2C1%2C3; s_ecid=MCMID%7C64852152757430465710921589234807450004; __cf_bm=LihHBOCkn5fbOjpS_lUX60vxUjw9YRt4AesohU9uZfw-1701706120-0-ATZ6YzlcGp5UyTdKgXu0vZyyiC783VTK4i+8m+/B30eriMHaOUq9Re/0RFVhMCKexr60xGW/Rz3xVKmkHP5Zgyg=; s_ips=1024; s_tp=4088; _rdt_uuid=1701706126939.c7556dc4-812d-4cfd-b915-6564a558f9bd; _gcl_au=1.1.682044295.1701706127; _ga_KG696PWF7Y=GS1.1.1701706127.1.0.1701706127.0.0.0; AMCVS_6B0E659F56A9E70D7F000101%40AdobeOrg=1; s_nr30=1701706127617-New; s_cc=true; _uetsid=6804392092bf11eea663d1c538520734; _uetvid=6804665092bf11eeb8b1337b86085565
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:42 GMT
content-type: image/gif;charset=utf-8
content-length: 43
access-control-allow-origin: https://support.savethechildren.org
access-control-allow-credentials: true
expires: Sun, 03 Dec 2023 16:08:42 GMT
last-modified: Tue, 05 Dec 2023 16:08:42 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
set-cookie: s_ecid=MCMID%7C64852152757430465710921589234807450004; Path=/; Domain=savethechildren.org;
etag: 3654386070796632064-4617853861025397478
vary: *
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 83054f3f18b5568a-OSL
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5439503&Ver=2&mid=6087f2c0-1b5c-4c4d-b09d-8513c55b28a4&sid=6804392092bf11eea663d1c538520734&vid=6804665092bf11eeb8b1337b86085565&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20-%20Save%20the%20Children&p=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&r=<=3889&evt=pageLoad&sv=1&rn=197518
204.79.197.200204 No Content 0 B URL GET HTTP/2 bat.bing.com/action/0?ti=5439503&Ver=2&mid=6087f2c0-1b5c-4c4d-b09d-8513c55b28a4&sid=6804392092bf11eea663d1c538520734&vid=6804665092bf11eeb8b1337b86085565&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20-%20Save%20the%20Children&p=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&r=<=3889&evt=pageLoad&sv=1&rn=197518
IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5439503&Ver=2&mid=6087f2c0-1b5c-4c4d-b09d-8513c55b28a4&sid=6804392092bf11eea663d1c538520734&vid=6804665092bf11eeb8b1337b86085565&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20-%20Save%20the%20Children&p=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&r=<=3889&evt=pageLoad&sv=1&rn=197518 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3E27226FC5F36D372F5631B2C4066C8C; domain=.bing.com; expires=Sat, 28-Dec-2024 16:08:42 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EA4D05FDC3904C6E9B5E82292AC37B75 Ref B: OSL30EDGE0219 Ref C: 2023-12-04T16:08:42Z
date: Mon, 04 Dec 2023 16:08:42 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/5439503.js
204.79.197.200204 No Content 0 B URL GET HTTP/2 bat.bing.com/p/action/5439503.js
IP 204.79.197.200:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5439503.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A0352A0CB88443C288CB36D63803EF88 Ref B: OSL30EDGE0219 Ref C: 2023-12-04T16:08:42Z
date: Mon, 04 Dec 2023 16:08:42 GMT
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=G-3Q74QDHYNS&ga_client_id=955907868.1701706125&shpt=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-3Q74QDHYNS%22%2C%22ga_client_id%22%3A%22955907868.1701706125%22%2C%22shpt%22%3A%225X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children%22%2C%22dcm_cid%22%3A%221701706125.1%22%2C%22mntnis%22%3A%22AZflz345GlzsfNShT%2Fl7yB%2FpuRhBaYYP%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1701706125.1&available_ga=%5B%7B%22id%22%3A%22G-3Q74QDHYNS%22%2C%22sess_id%22%3A%221701706125%22%7D%2C%7B%22id%22%3A%22G-KG696PWF7Y%22%2C%22sess_id%22%3A%221701706127%22%7D%2C%7B%22id%22%3A%22UA-85748307-2%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-3Q74QDHYNS&dxver=4.0.0&shaid=32293&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&cb=70186358532440720&term=value&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
52.42.124.195200 OK 1.3 kB URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-3Q74QDHYNS&ga_client_id=955907868.1701706125&shpt=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-3Q74QDHYNS%22%2C%22ga_client_id%22%3A%22955907868.1701706125%22%2C%22shpt%22%3A%225X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children%22%2C%22dcm_cid%22%3A%221701706125.1%22%2C%22mntnis%22%3A%22AZflz345GlzsfNShT%2Fl7yB%2FpuRhBaYYP%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1701706125.1&available_ga=%5B%7B%22id%22%3A%22G-3Q74QDHYNS%22%2C%22sess_id%22%3A%221701706125%22%7D%2C%7B%22id%22%3A%22G-KG696PWF7Y%22%2C%22sess_id%22%3A%221701706127%22%7D%2C%7B%22id%22%3A%22UA-85748307-2%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-3Q74QDHYNS&dxver=4.0.0&shaid=32293&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&cb=70186358532440720&term=value&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue
IP 52.42.124.195:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (2469)
Hash 879225e9df44e3765b992665f9eb9f4f
292216e996c18643cfae3777770634aef3380d44
acc0ab7061e1ca2435b6e6395c8b0c471e5a8ee69a030f198b394b7be428d805
GET /st?ga_tracking_id=G-3Q74QDHYNS&ga_client_id=955907868.1701706125&shpt=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-3Q74QDHYNS%22%2C%22ga_client_id%22%3A%22955907868.1701706125%22%2C%22shpt%22%3A%225X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children%22%2C%22dcm_cid%22%3A%221701706125.1%22%2C%22mntnis%22%3A%22AZflz345GlzsfNShT%2Fl7yB%2FpuRhBaYYP%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1701706125.1&available_ga=%5B%7B%22id%22%3A%22G-3Q74QDHYNS%22%2C%22sess_id%22%3A%221701706125%22%7D%2C%7B%22id%22%3A%22G-KG696PWF7Y%22%2C%22sess_id%22%3A%221701706127%22%7D%2C%7B%22id%22%3A%22UA-85748307-2%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-3Q74QDHYNS&dxver=4.0.0&shaid=32293&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&cb=70186358532440720&term=value&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Mon, 04 Dec 2023 16:08:42 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=651444f3-92bf-11ee-a526-a353e93bcf2d;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close
transfer-encoding: chunked
ocsp.starfieldtech.com/
192.124.249.41 2.1 kB IP 192.124.249.41:0
Hash d2c6ea60d9e3ba9a7f90e61461a10b0f
77d26770d0c390096e3405e2f32604282beb9b83
6928a39dd90591843e3a810d9bae0d998529aac3a04791a9c1c4255151252f06
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 04 Dec 2023 16:08:42 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 04 Dec 2023 11:14:45 GMT
Expires: Tue, 05 Dec 2023 11:14:45 GMT
ETag: "77d26770d0c390096e3405e2f32604282beb9b83"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
gs.mountain.com/gs
34.212.4.35200 OK 144 B IP 34.212.4.35:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with no line terminators
Hash e36cbb5827cce8f33441878dc52a74da
6311a9f01736fdced5166416002e0809d16f7d9c
08e9fe237b2c7930ad64623426cfe2e591bd568d2c9abd22ed4fdf112f13daf9
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Cookie: guid=651444f3-92bf-11ee-a526-a353e93bcf2d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Mon, 04 Dec 2023 16:08:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
px.mountain.com/st?ga_tracking_id=G-3Q74QDHYNS&ga_client_id=955907868.1701706125&shpt=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-3Q74QDHYNS%22%2C%22ga_client_id%22%3A%22955907868.1701706125%22%2C%22shpt%22%3A%225X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children%22%2C%22dcm_cid%22%3A%221701706125.1%22%2C%22mntnis%22%3A%22AZflz345GlzsfNShT%2Fl7yB%2FpuRhBaYYP%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1701706125.1&available_ga=%5B%7B%22id%22%3A%22G-3Q74QDHYNS%22%2C%22sess_id%22%3A%221701706125%22%7D%2C%7B%22id%22%3A%22G-KG696PWF7Y%22%2C%22sess_id%22%3A%221701706127%22%7D%2C%7B%22id%22%3A%22UA-85748307-2%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-3Q74QDHYNS&dxver=4.0.0&shaid=32293&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&term=value&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1701706122730521&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1701706123504
52.37.218.4200 OK 1.5 kB URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-3Q74QDHYNS&ga_client_id=955907868.1701706125&shpt=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-3Q74QDHYNS%22%2C%22ga_client_id%22%3A%22955907868.1701706125%22%2C%22shpt%22%3A%225X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children%22%2C%22dcm_cid%22%3A%221701706125.1%22%2C%22mntnis%22%3A%22AZflz345GlzsfNShT%2Fl7yB%2FpuRhBaYYP%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1701706125.1&available_ga=%5B%7B%22id%22%3A%22G-3Q74QDHYNS%22%2C%22sess_id%22%3A%221701706125%22%7D%2C%7B%22id%22%3A%22G-KG696PWF7Y%22%2C%22sess_id%22%3A%221701706127%22%7D%2C%7B%22id%22%3A%22UA-85748307-2%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-3Q74QDHYNS&dxver=4.0.0&shaid=32293&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&term=value&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1701706122730521&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1701706123504
IP 52.37.218.4:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (5693), with no line terminators
Hash 4155ee8d2c3b8ea29cfd8b7afb8fe9eb
38f0cb57019b95c1e8f7a96184a5a29913134b1a
065da5811da6f87fa9a43091863b5eb42f3a798472eab2e5c4c9a879f04aef15
GET /st?ga_tracking_id=G-3Q74QDHYNS&ga_client_id=955907868.1701706125&shpt=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-3Q74QDHYNS%22%2C%22ga_client_id%22%3A%22955907868.1701706125%22%2C%22shpt%22%3A%225X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20%20-%20Save%20the%20Children%22%2C%22dcm_cid%22%3A%221701706125.1%22%2C%22mntnis%22%3A%22AZflz345GlzsfNShT%2Fl7yB%2FpuRhBaYYP%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%7D%7D&dcm_cid=1701706125.1&available_ga=%5B%7B%22id%22%3A%22G-3Q74QDHYNS%22%2C%22sess_id%22%3A%221701706125%22%7D%2C%7B%22id%22%3A%22G-KG696PWF7Y%22%2C%22sess_id%22%3A%221701706127%22%7D%2C%7B%22id%22%3A%22UA-85748307-2%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-3Q74QDHYNS&dxver=4.0.0&shaid=32293&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&term=value&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Ccriteo%3Dtrue&cb=1701706122730521&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1701706123504 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Cookie: guid=651444f3-92bf-11ee-a526-a353e93bcf2d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Mon, 04 Dec 2023 16:08:44 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt="H4sIAAAAAAAAAKtWKlOyMtJRMjYysjSON7IwtlCyMjQ3ACIzQyMTI3MzHSW/oHiorLmlsZKVAbIIWL1BLQDVZdvQRgAAAA==";Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzIyOTM6MTcwMTcwNjEyNA==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=651444f3-92bf-11ee-a526-a353e93bcf2d;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 15
server: istio-envoy
connection: close
transfer-encoding: chunked
imgsct.cookiebot.com/1.gif?dgi=398fa4c9-90ea-4dbe-b61c-52e460fbedac
104.110.3.72200 OK 35 B URL GET HTTP/2 imgsct.cookiebot.com/1.gif?dgi=398fa4c9-90ea-4dbe-b61c-52e460fbedac
IP 104.110.3.72:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subject*.cookiebot.com
Fingerprint88:F1:D8:EB:8E:DD:6F:53:9A:31:C3:FE:59:0E:68:FE:24:2F:84:EB
ValidityMon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /1.gif?dgi=398fa4c9-90ea-4dbe-b61c-52e460fbedac HTTP/1.1
Host: imgsct.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPoLjALncquVz3VAZRzBdG899eyTWvts7vFqOxY2fBvBTSlL0fT0-Xvuqm1ikp74Bj2Cn2g
x-goog-generation: 1698061172769999
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 35
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
last-modified: Mon, 23 Oct 2023 11:39:32 GMT
etag: "c2196de8ba412c60c22ab491af7b1409"
content-type: image/gif
date: Mon, 04 Dec 2023 16:08:44 GMT
cache-control: public,max-age=1800
X-Firefox-Spdy: h2
app.leadsrx.com/visitor.php?acctTag=yqahgl42094&tz=0&ref=&u=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&t=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20-%20Save%20the%20Children&lc=null&anon=0&vin=null
44.236.243.19200 OK 9.3 kB URL GET HTTP/2 app.leadsrx.com/visitor.php?acctTag=yqahgl42094&tz=0&ref=&u=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&t=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20-%20Save%20the%20Children&lc=null&anon=0&vin=null
IP 44.236.243.19:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subject*.leadsrx.com
FingerprintA4:5F:5E:E1:0B:E1:A7:EA:53:96:FE:95:1B:BD:69:AE:EC:3D:88:95
ValidityTue, 02 May 2023 00:00:00 GMT - Sat, 01 Jun 2024 23:59:59 GMT
Hash 6ba144cd8fe8235bbd2c37a41b4259be
f924b05385ebd7e6e16039fdb80f4387903d069f
1724b72b5d6a7172683719b5bab57a8b2d8f60b053bfef0f7d875ab6766025c1
GET /visitor.php?acctTag=yqahgl42094&tz=0&ref=&u=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&t=5X%20MATCH%20A%20GIFT%20FOR%20CHILDREN%20THIS%20GIVING%20TUESDAY%20-%20Save%20the%20Children&lc=null&anon=0&vin=null HTTP/1.1
Host: app.leadsrx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:42 GMT
content-type: text/html; charset=utf-8
server: nginx/1.20.1
x-powered-by: PHP/5.6.40
access-control-allow-origin: https://support.savethechildren.org
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2
support.savethechildren.org/site/AjaxHelper;jsessionid=00000000.app30034b?NONCE_TOKEN=F499A8312DF09C0944767428C41C4078
74.123.154.123200 200 32 kB URL POST HTTP/1.1 support.savethechildren.org/site/AjaxHelper;jsessionid=00000000.app30034b?NONCE_TOKEN=F499A8312DF09C0944767428C41C4078
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (16415), with CRLF, LF line terminators
Hash 6fe15d34f901a1714f809056dac03b7a
f0ce67f9cd26a28104c67a2cc7b54eea35da6bf9
6274ea023c841db6c099c7e3d71890516fc8e494cddd6561ca21017450431a35
POST /site/AjaxHelper;jsessionid=00000000.app30034b?NONCE_TOKEN=F499A8312DF09C0944767428C41C4078 HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI4NDAwNjAiLCJhcCI6IjEzODYxMTI0MTgiLCJpZCI6IjI0OTgyZTYzMjQzZmZiZDQiLCJ0ciI6IjAzZDllOTUxMjM3MzVkZWYwZTg4ZjFhZWQwMWMzYzAwIiwidGkiOjE3MDE3MDYxMzAwNzN9fQ==
traceparent: 00-03d9e95123735def0e88f1aed01c3c00-24982e63243ffbd4-01
tracestate: 2840060@nr=0-1-2840060-1386112418-24982e63243ffbd4----1701706130073
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CMCMID%7C64852152757430465710921589234807450004%7CMCAID%7CNONE%7CMCOPTOUT-1701713327s%7CNONE%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707986; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0; _sfid_58d2={%22anonymousId%22:%22c95ab858674022dd%22%2C%22consents%22:[]}; _evga_c797={%22uuid%22:%22c95ab858674022dd%22}; _ga_3Q74QDHYNS=GS1.1.1701706125.1.0.1701706125.60.0.0; _ga=GA1.1.955907868.1701706125; _omappvp=Q5msHWF5WaZFKd5RULApUVomXBwdpcFtxYYseRDD1NcCcirXeRzS2uEUgw1cEOlfA8TK9DM4Awqu31643cb28v3F3FivQNIr; _omappvs=1701706125276; stc-analytics-sub_source=|||||; s_ppv=5X%2520MATCH%2520A%2520GIFT%2520FOR%2520CHILDREN%2520THIS%2520GIVING%2520TUESDAY%2520%2C25%2C25%2C1024%2C1%2C4; s_ecid=MCMID%7C64852152757430465710921589234807450004; __cf_bm=LihHBOCkn5fbOjpS_lUX60vxUjw9YRt4AesohU9uZfw-1701706120-0-ATZ6YzlcGp5UyTdKgXu0vZyyiC783VTK4i+8m+/B30eriMHaOUq9Re/0RFVhMCKexr60xGW/Rz3xVKmkHP5Zgyg=; s_ips=1024; s_tp=4138; _rdt_uuid=1701706126939.c7556dc4-812d-4cfd-b915-6564a558f9bd; _gcl_au=1.1.682044295.1701706127; _ga_KG696PWF7Y=GS1.1.1701706127.1.0.1701706127.0.0.0; AMCVS_6B0E659F56A9E70D7F000101%40AdobeOrg=1; s_nr30=1701706127617-New; s_cc=true; _uetsid=6804392092bf11eea663d1c538520734; _uetvid=6804665092bf11eeb8b1337b86085565
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 200
Date: Mon, 04 Dec 2023 16:08:44 GMT
Server: Apache
X-Content-Type-Options: nosniff
Cache-Control: no-store
Pragma: no-cache
Set-Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; Path=/site/
JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b;Path=/site/CRConsAPI; Secure; SameSite=None
JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b;Path=/site/CrmRest; Secure; SameSite=None
JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b;Path=/site/AnonymousLogin; Secure; SameSite=None
JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b;Path=/site/CRDonationAPI; Secure; SameSite=None
Content-Security-Policy: frame-ancestors 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com; report-uri https://support.savethechildren.org/site/XFrameViolation
X-Frame-Options: allow-from 'self' *.facebook.com *.salesforce.com *.convio.net *.google.com *.force.com facebook.com salesforce.com convio.net google.com force.com
Keep-Alive: timeout=15, max=455
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
Content-Encoding: gzip
Transfer-Encoding: chunked
safevisit.online/?lcid=11106
216.239.36.21200 OK 1.2 kB URL GET HTTP/2 safevisit.online/?lcid=11106
IP 216.239.36.21:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subjectsafevisit.online
FingerprintF4:6E:96:30:37:5E:D4:66:2D:85:3D:5D:8F:AC:AB:8B:AF:47:35:B9
ValiditySun, 22 Oct 2023 18:11:18 GMT - Sat, 20 Jan 2024 19:00:29 GMT
Hash c0b31cc31ab9f8b2c231526bcca035ec
fac078e6424da60f3daa8a964038e360776b6f10
7ef68eab2391feb6060e8d12653bc2f4cb5bc748b6e81e0be0b1138f962a34b8
GET /?lcid=11106 HTTP/1.1
Host: safevisit.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
x-frame-options: Deny
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'self'
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cloud-trace-context: b72ccb41b069095f61c5fdc42174597f
date: Mon, 04 Dec 2023 16:08:44 GMT
server: Google Frontend
cache-control: private
content-length: 1216
X-Firefox-Spdy: h2
a.opmnstr.com/app/js/32.b9065693.min.js
194.242.11.186200 OK 4.4 kB URL GET HTTP/2 a.opmnstr.com/app/js/32.b9065693.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type Unicode text, UTF-8 text, with very long lines (11265)
Hash 6fd48ead83fa7ab24afa74a2032e960c
082747f18091761fa46359c6fc6e3cc1920adc17
978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a
GET /app/js/32.b9065693.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65088832-2c41"
last-modified: Mon, 18 Sep 2023 17:26:10 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: cbfc641baf71fd90027bcf5da338dbdb
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
doublethedonation.com/api/v1/plugin_settings?customer_id=u4oOeQcUvunHGfoH
23.96.109.67200 OK 11 kB URL GET HTTP/2 doublethedonation.com/api/v1/plugin_settings?customer_id=u4oOeQcUvunHGfoH
IP 23.96.109.67:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjectdoublethedonation.com
Fingerprint46:95:69:EA:93:24:64:81:FD:96:17:CF:6B:8C:37:99:80:F1:63:04
ValidityMon, 30 Oct 2023 19:00:32 GMT - Sun, 28 Jan 2024 19:00:31 GMT
File type JSON data\012- , ASCII text, with very long lines (953), with no line terminators
Hash 7c5e1cbe26323264fafdca05069f6d58
15ad51d65e463d9cb68ea4709d6b2bc8cc2368ee
5b424602d8b5823f69cde69a72e91150959002ca8434d6b199c368adba91d143
GET /api/v1/plugin_settings?customer_id=u4oOeQcUvunHGfoH HTTP/1.1
Host: doublethedonation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 16:08:44 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Source+Sans+Pro%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800&display=swap
142.250.74.106200 OK 1.2 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Source+Sans+Pro%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800&display=swap
IP 142.250.74.106:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type gzip compressed data, max compression\012- data
Hash 4dd69d5522e3452ddc4ddb92936e617f
5f6afdd7db95deee303192d89355556cf7171051
4e20196bf0290bb328bb47ef3a43c332902abe5db161f2b5d7e06217cb461588
GET /css2?family=Source+Sans+Pro%3Aital%2Cwght%400%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B0%2C800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 16:08:45 GMT
date: Mon, 04 Dec 2023 16:08:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 216.58.207.227:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 14712, version 1.0\012- data
Hash 3afeae0d768769f5e5f30ac9805c5b70
3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 00:33:04 GMT
expires: Fri, 29 Nov 2024 00:33:04 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
age: 401741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.227:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 14892, version 1.0\012- data
Hash 9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 23:56:59 GMT
expires: Thu, 28 Nov 2024 23:56:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 403906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 216.58.207.227:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 14824, version 1.0\012- data
Hash 48598bad30f08e1c3eb3d0e69b420bd5
28c2cf160273c2062f909a875c4b4c0541ee2f84
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:57 GMT
expires: Thu, 28 Nov 2024 21:36:57 GMT
cache-control: public, max-age=31536000
age: 412308
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
safevisit.online/?lcid=11106&ncookie=a1d3878a-7aba-4fea-992b-3e4e0463dfa4&furl=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmcvc2l0ZS9Eb25hdGlvbjI/ZGZfaWQ9MTA4NDYmbWZjX3ByZWY9VCYxMDg0Ni5kb25hdGlvbj1mb3JtMSZtb250aGx5PWZhbHNlJmNpZD1Nb2JpbGVfU01TOlNGTUM6QW5udWFsX0dUOkdFTl9COjExMjgyMyZtbj1CUi1TTVMtMTEyODIzLUFubnVhbF9HVC1HRU5fQiZtaz0zMzI2NTI2OA==
216.239.36.21200 OK 0 B URL GET HTTP/2 safevisit.online/?lcid=11106&ncookie=a1d3878a-7aba-4fea-992b-3e4e0463dfa4&furl=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmcvc2l0ZS9Eb25hdGlvbjI/ZGZfaWQ9MTA4NDYmbWZjX3ByZWY9VCYxMDg0Ni5kb25hdGlvbj1mb3JtMSZtb250aGx5PWZhbHNlJmNpZD1Nb2JpbGVfU01TOlNGTUM6QW5udWFsX0dUOkdFTl9COjExMjgyMyZtbj1CUi1TTVMtMTEyODIzLUFubnVhbF9HVC1HRU5fQiZtaz0zMzI2NTI2OA==
IP 216.239.36.21:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subjectsafevisit.online
FingerprintF4:6E:96:30:37:5E:D4:66:2D:85:3D:5D:8F:AC:AB:8B:AF:47:35:B9
ValiditySun, 22 Oct 2023 18:11:18 GMT - Sat, 20 Jan 2024 19:00:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?lcid=11106&ncookie=a1d3878a-7aba-4fea-992b-3e4e0463dfa4&furl=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmcvc2l0ZS9Eb25hdGlvbjI/ZGZfaWQ9MTA4NDYmbWZjX3ByZWY9VCYxMDg0Ni5kb25hdGlvbj1mb3JtMSZtb250aGx5PWZhbHNlJmNpZD1Nb2JpbGVfU01TOlNGTUM6QW5udWFsX0dUOkdFTl9COjExMjgyMyZtbj1CUi1TTVMtMTEyODIzLUFubnVhbF9HVC1HRU5fQiZtaz0zMzI2NTI2OA== HTTP/1.1
Host: safevisit.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-cloud-trace-context: 0651d81756c19d5c0688bdb29c7f1e7a
date: Mon, 04 Dec 2023 16:08:45 GMT
server: Google Frontend
content-length: 0
X-Firefox-Spdy: h2
a.omappapi.com/users/0aa36367c604/images/3a07173fc6ca1598286585-CH1380099.jpg?width=500
194.242.11.186200 OK 17 kB URL GET HTTP/2 a.omappapi.com/users/0aa36367c604/images/3a07173fc6ca1598286585-CH1380099.jpg?width=500
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.omappapi.com
Fingerprint8C:9B:22:AA:DD:4C:D5:F7:5F:E0:F8:46:45:87:86:1C:D9:E6:95:3C
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x333, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash eb62ff90065f5bf2ce9959544ba8f27b
b40fe0f5b8369d07cb2d21d49f8cd1d277c1c503
76fa53684e5a6b8a5540c30950874f681d068b19c3eaf7b9997dbd5f047645d3
GET /users/0aa36367c604/images/3a07173fc6ca1598286585-CH1380099.jpg?width=500 HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:45 GMT
content-type: image/webp
content-length: 17146
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "647617e5-42fa"
last-modified: Tue, 30 May 2023 15:36:05 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 385
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/02/2023 14:26:57
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 72077f7b4f598822bfa47c0769baa110
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
z.omappapi.com/v3/i?aid=71376&cid=hxjirpzidj0hqhbcivvz&sid=5e861de56bd53&rt=false&dv=desktop&cty=popup&url=site%2Fdonation2&v=5
178.128.135.232204 No Content 0 B URL GET HTTP/1.1 z.omappapi.com/v3/i?aid=71376&cid=hxjirpzidj0hqhbcivvz&sid=5e861de56bd53&rt=false&dv=desktop&cty=popup&url=site%2Fdonation2&v=5
IP 178.128.135.232:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjectz.omappapi.com
Fingerprint53:D0:FC:80:CD:36:56:DD:DF:3A:39:37:3E:33:9F:F9:DF:29:7F:38
ValidityThu, 02 Nov 2023 05:32:59 GMT - Wed, 31 Jan 2024 05:32:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/i?aid=71376&cid=hxjirpzidj0hqhbcivvz&sid=5e861de56bd53&rt=false&dv=desktop&cty=popup&url=site%2Fdonation2&v=5 HTTP/1.1
Host: z.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Date: Mon, 04 Dec 2023 16:08:46 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://support.savethechildren.org
vary: Origin
Access-Control-Allow-Credentials: true
X-Kong-Response-Latency: 17
Server: kong/3.4.2
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 5.8 kB URL aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 26f74a51f3a41ab81bb1600c4dff77f8
94f623e1202d4fe4243e01b574201944e21ac815
68c20496e6e0670329c0a07f07d26fa6c870903c3c5f0f5082d8f6a09373be62
GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 16:08:54 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=90
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-01-19-16-42-22.chain; p384ecdsa=KSBvlVHrJRhcMlRtC4khfk5SLY91lXaf8S8r7H2c1yBGAKYEPLvBTP0RZGBhVuKInympjeTY0hVpbEuHT1M6mRs3UTRaEHDhqyUcKqWtmc66wY91q9VhuG5dBhqt-e_4
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dx2eq2oh924g4.cloudfront.net/js/stc-scripts.js?v=4.66.0
54.230.241.208200 OK 23 kB URL GET HTTP/2 dx2eq2oh924g4.cloudfront.net/js/stc-scripts.js?v=4.66.0
IP 54.230.241.208:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash fdc123f9f7d1fd55e3e15dab3a4dd22a
d13b55ecef896741fcdd43e5dde74c3183a24e77
cef75606bd592f8acec467004e2fdb0a0960dd45d09a8fe4b7cfe94aaad72e50
GET /js/stc-scripts.js?v=4.66.0 HTTP/1.1
Host: dx2eq2oh924g4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 30 Nov 2023 23:16:11 GMT
last-modified: Thu, 30 Nov 2023 22:55:02 GMT
etag: W/"3a44c5e2b8928c0511ea9ee8d1c2d9b4"
x-amz-server-side-encryption: AES256
cache-control: max-age=604801
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fxI1uPBTGh_5VUgleZk1jXJmO8rXurn-YijTW93IYaN34OXNnlsIUQ==
age: 319947
X-Firefox-Spdy: h2
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
2.22.61.59 512 kB URL ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP 2.22.61.59:0
ASN #20940 Akamai International B.V.
File type Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size 512 kB (511815 bytes)
Hash 152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48
GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Last-Modified: Thu, 16 Nov 2023 07:38:15 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1700120294.87662
Content-Type: application/zip
X-Trans-Id: tx35e1afa589ba4bd9a93ea-006556c567dfw1
Cache-Control: public, max-age=138202
Expires: Wed, 06 Dec 2023 06:32:16 GMT
Date: Mon, 04 Dec 2023 16:08:54 GMT
Connection: keep-alive
www.redditstatic.com/ads/pixel.js
151.101.65.140200 OK 24 kB URL GET HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.65.140:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectwww.redditstatic.com
Fingerprint5B:10:93:15:D0:06:B8:27:DD:C8:15:7C:8A:49:4B:AD:06:D3:8E:15
ValidityFri, 25 Aug 2023 00:00:00 GMT - Wed, 21 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (23776)
Hash 78b6c68984a6ce5b3fcac1c6a9cad00c
02e1d366a17506cea8adfe5a15949aca89719a02
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 04 Dec 2023 16:08:40 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7409
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCa936c8bc0c884f37b4bee03803944967-source.min.js
23.38.200.237200 OK 2.3 kB URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCa936c8bc0c884f37b4bee03803944967-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (2465), with no line terminators
Hash e0fe1b138a447101499f003f59194c97
62b9824105e067b2bed4c58b254151f4990c8db4
3fc28233c2d8eff1ed98f8bce1856c674610c0e30e37b39281127a120a914949
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCa936c8bc0c884f37b4bee03803944967-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 812
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
pt.ispot.tv/v2/TC-4134-1.gif?app=web&type=visit
151.101.130.132200 OK 43 B URL GET HTTP/2 pt.ispot.tv/v2/TC-4134-1.gif?app=web&type=visit
IP 151.101.130.132:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subject*.ispot.tv
Fingerprint99:E3:78:C5:40:08:FF:0B:4B:6B:A5:29:BC:F4:0A:D6:3F:FC:60:F3
ValidityFri, 10 Nov 2023 12:11:30 GMT - Thu, 08 Feb 2024 12:11:29 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 29ba9031be4bed78916face2e9c5f7fc
5bb4f538d932f769d6872470147221e18b9265ba
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
GET /v2/TC-4134-1.gif?app=web&type=visit HTTP/1.1
Host: pt.ispot.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
accept-ranges: bytes
date: Mon, 04 Dec 2023 16:08:40 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
a.omappapi.com/users/0aa36367c604/images/3a07173fc6ca1598286585-CH1380099.jpg?width=1000
0.0.0.0 0 B URL GET a.omappapi.com/users/0aa36367c604/images/3a07173fc6ca1598286585-CH1380099.jpg?width=1000
IP 0.0.0.0:0
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.omappapi.com
Fingerprint8C:9B:22:AA:DD:4C:D5:F7:5F:E0:F8:46:45:87:86:1C:D9:E6:95:3C
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /users/0aa36367c604/images/3a07173fc6ca1598286585-CH1380099.jpg?width=1000 HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
a.opmnstr.com/app/js/9.c66ab701.min.js
194.242.11.186200 OK 2.2 kB URL GET HTTP/2 a.opmnstr.com/app/js/9.c66ab701.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type HTML document, ASCII text, with very long lines (2267), with no line terminators
Hash 9ad2b8c3cc6250eb1226968d7ea6b235
26d0b2cfd7a5f8a1be6620552863075834dd22f3
d44d1b8d7a7ea046f6acd9e9cb73c30349a57a583b94af29b672ecbb0684b2a4
GET /app/js/9.c66ab701.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"650896b0-879"
last-modified: Mon, 18 Sep 2023 18:28:00 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ea7449ef0a74e9052c1c685b6519a083
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
savethechildren.us-7.evergage.com/api2/event/production?event=eyJpbnRlcmFjdGlvbiI6eyJuYW1lIjoiVmlldyBDYXRhbG9nIE9iamVjdCIsImNhdGFsb2dPYmplY3QiOnsidHlwZSI6IlByb2R1Y3QiLCJpZCI6IjEwODQ2X29uZVRpbWVfRG9uYXRpb25fRm9ybSIsImF0dHJpYnV0ZXMiOnsibmFtZSI6IldlYiBNaXNzaW9uIEdsb2JhbCBBY3Rpb24gRnVuZCAtIEV2ZXJncmVlbiIsImRlc2NyaXB0aW9uIjoiIiwidXJsIjoiaHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmcvc2l0ZS9Eb25hdGlvbjI%2FZGZfaWQ9MTA4NDYmbWZjX3ByZWY9VCYxMDg0Ni5kb25hdGlvbj1mb3JtMSZtb250aGx5PWZhbHNlJmNpZD1Nb2JpbGVfU01TOlNGTUM6QW5udWFsX0dUOkdFTl9COjExMjgyMyZtbj1CUi1TTVMtMTEyODIzLUFubnVhbF9HVC1HRU5fQiZtaz0zMzI2NTI2OCIsImltYWdlVXJsIjoiaHR0cHM6Ly9keDJlcTJvaDkyNGc0LmNsb3VkZnJvbnQubmV0L2ltYWdlcy9jb250ZW50L3BhZ2VidWlsZGVyL0RvbmF0aW9uRm9ybV9GV19yaWdodF9LZW55YS1kcm91Z2h0LW1hbG51dHJpdGlvbl9DSDE2OTcxLmpwZyIsInByaWNlIjoxLCJpbnZlbnRvcnlDb3VudCI6MSwiY3VycmVuY3kiOiJVU0QifSwicmVsYXRlZENhdGFsb2dPYmplY3RzIjp7IkNhdGVnb3J5IjpbIkRvbmF0aW9uIl0sIlByb2R1Y3RUeXBlIjpbIkRvbmF0aW9uIEZvcm0iXX19fSwic291cmNlIjp7InVybCI6Imh0dHBzOi8vc3VwcG9ydC5zYXZldGhlY2hpbGRyZW4ub3JnL3NpdGUvRG9uYXRpb24yP2RmX2lkPTEwODQ2Jm1mY19wcmVmPVQmMTA4NDYuZG9uYXRpb249Zm9ybTEmbW9udGhseT1mYWxzZSZjaWQ9TW9iaWxlX1NNUzpTRk1DOkFubnVhbF9HVDpHRU5fQjoxMTI4MjMmbW49QlItU01TLTExMjgyMy1Bbm51YWxfR1QtR0VOX0ImbWs9MzMyNjUyNjgiLCJ1cmxSZWZlcnJlciI6IiIsImNoYW5uZWwiOiJXZWIiLCJiZWFjb25WZXJzaW9uIjoxNiwiY29uZmlnVmVyc2lvbiI6IjM2IiwiY29udGVudFpvbmVzIjpbXX0sInVzZXIiOnsiYW5vbnltb3VzSWQiOiJjOTVhYjg1ODY3NDAyMmRkIn0sImNvbnNlbnRzIjpbXSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiODkwMDYwMjA0NzYxMjIxIiwiZXhwbGFpbiI6dHJ1ZX0%3D
44.228.124.45200 OK 137 B URL GET HTTP/2 savethechildren.us-7.evergage.com/api2/event/production?event=eyJpbnRlcmFjdGlvbiI6eyJuYW1lIjoiVmlldyBDYXRhbG9nIE9iamVjdCIsImNhdGFsb2dPYmplY3QiOnsidHlwZSI6IlByb2R1Y3QiLCJpZCI6IjEwODQ2X29uZVRpbWVfRG9uYXRpb25fRm9ybSIsImF0dHJpYnV0ZXMiOnsibmFtZSI6IldlYiBNaXNzaW9uIEdsb2JhbCBBY3Rpb24gRnVuZCAtIEV2ZXJncmVlbiIsImRlc2NyaXB0aW9uIjoiIiwidXJsIjoiaHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmcvc2l0ZS9Eb25hdGlvbjI%2FZGZfaWQ9MTA4NDYmbWZjX3ByZWY9VCYxMDg0Ni5kb25hdGlvbj1mb3JtMSZtb250aGx5PWZhbHNlJmNpZD1Nb2JpbGVfU01TOlNGTUM6QW5udWFsX0dUOkdFTl9COjExMjgyMyZtbj1CUi1TTVMtMTEyODIzLUFubnVhbF9HVC1HRU5fQiZtaz0zMzI2NTI2OCIsImltYWdlVXJsIjoiaHR0cHM6Ly9keDJlcTJvaDkyNGc0LmNsb3VkZnJvbnQubmV0L2ltYWdlcy9jb250ZW50L3BhZ2VidWlsZGVyL0RvbmF0aW9uRm9ybV9GV19yaWdodF9LZW55YS1kcm91Z2h0LW1hbG51dHJpdGlvbl9DSDE2OTcxLmpwZyIsInByaWNlIjoxLCJpbnZlbnRvcnlDb3VudCI6MSwiY3VycmVuY3kiOiJVU0QifSwicmVsYXRlZENhdGFsb2dPYmplY3RzIjp7IkNhdGVnb3J5IjpbIkRvbmF0aW9uIl0sIlByb2R1Y3RUeXBlIjpbIkRvbmF0aW9uIEZvcm0iXX19fSwic291cmNlIjp7InVybCI6Imh0dHBzOi8vc3VwcG9ydC5zYXZldGhlY2hpbGRyZW4ub3JnL3NpdGUvRG9uYXRpb24yP2RmX2lkPTEwODQ2Jm1mY19wcmVmPVQmMTA4NDYuZG9uYXRpb249Zm9ybTEmbW9udGhseT1mYWxzZSZjaWQ9TW9iaWxlX1NNUzpTRk1DOkFubnVhbF9HVDpHRU5fQjoxMTI4MjMmbW49QlItU01TLTExMjgyMy1Bbm51YWxfR1QtR0VOX0ImbWs9MzMyNjUyNjgiLCJ1cmxSZWZlcnJlciI6IiIsImNoYW5uZWwiOiJXZWIiLCJiZWFjb25WZXJzaW9uIjoxNiwiY29uZmlnVmVyc2lvbiI6IjM2IiwiY29udGVudFpvbmVzIjpbXX0sInVzZXIiOnsiYW5vbnltb3VzSWQiOiJjOTVhYjg1ODY3NDAyMmRkIn0sImNvbnNlbnRzIjpbXSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiODkwMDYwMjA0NzYxMjIxIiwiZXhwbGFpbiI6dHJ1ZX0%3D
IP 44.228.124.45:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.us-7.evergage.com
FingerprintFC:5D:A7:A6:00:77:1C:8A:75:2A:C6:E2:60:C7:BD:46:61:26:07:C6
ValidityTue, 01 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6e8713216502450f0e65bd1a0d527798
597c1e44b4d1593cb84916f6839ad318bc606122
38603a345be1f7888a120d981640b68f5e355055f3f2f6178f61e60ca45cdc2a
GET /api2/event/production?event=eyJpbnRlcmFjdGlvbiI6eyJuYW1lIjoiVmlldyBDYXRhbG9nIE9iamVjdCIsImNhdGFsb2dPYmplY3QiOnsidHlwZSI6IlByb2R1Y3QiLCJpZCI6IjEwODQ2X29uZVRpbWVfRG9uYXRpb25fRm9ybSIsImF0dHJpYnV0ZXMiOnsibmFtZSI6IldlYiBNaXNzaW9uIEdsb2JhbCBBY3Rpb24gRnVuZCAtIEV2ZXJncmVlbiIsImRlc2NyaXB0aW9uIjoiIiwidXJsIjoiaHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmcvc2l0ZS9Eb25hdGlvbjI%2FZGZfaWQ9MTA4NDYmbWZjX3ByZWY9VCYxMDg0Ni5kb25hdGlvbj1mb3JtMSZtb250aGx5PWZhbHNlJmNpZD1Nb2JpbGVfU01TOlNGTUM6QW5udWFsX0dUOkdFTl9COjExMjgyMyZtbj1CUi1TTVMtMTEyODIzLUFubnVhbF9HVC1HRU5fQiZtaz0zMzI2NTI2OCIsImltYWdlVXJsIjoiaHR0cHM6Ly9keDJlcTJvaDkyNGc0LmNsb3VkZnJvbnQubmV0L2ltYWdlcy9jb250ZW50L3BhZ2VidWlsZGVyL0RvbmF0aW9uRm9ybV9GV19yaWdodF9LZW55YS1kcm91Z2h0LW1hbG51dHJpdGlvbl9DSDE2OTcxLmpwZyIsInByaWNlIjoxLCJpbnZlbnRvcnlDb3VudCI6MSwiY3VycmVuY3kiOiJVU0QifSwicmVsYXRlZENhdGFsb2dPYmplY3RzIjp7IkNhdGVnb3J5IjpbIkRvbmF0aW9uIl0sIlByb2R1Y3RUeXBlIjpbIkRvbmF0aW9uIEZvcm0iXX19fSwic291cmNlIjp7InVybCI6Imh0dHBzOi8vc3VwcG9ydC5zYXZldGhlY2hpbGRyZW4ub3JnL3NpdGUvRG9uYXRpb24yP2RmX2lkPTEwODQ2Jm1mY19wcmVmPVQmMTA4NDYuZG9uYXRpb249Zm9ybTEmbW9udGhseT1mYWxzZSZjaWQ9TW9iaWxlX1NNUzpTRk1DOkFubnVhbF9HVDpHRU5fQjoxMTI4MjMmbW49QlItU01TLTExMjgyMy1Bbm51YWxfR1QtR0VOX0ImbWs9MzMyNjUyNjgiLCJ1cmxSZWZlcnJlciI6IiIsImNoYW5uZWwiOiJXZWIiLCJiZWFjb25WZXJzaW9uIjoxNiwiY29uZmlnVmVyc2lvbiI6IjM2IiwiY29udGVudFpvbmVzIjpbXX0sInVzZXIiOnsiYW5vbnltb3VzSWQiOiJjOTVhYjg1ODY3NDAyMmRkIn0sImNvbnNlbnRzIjpbXSwiYWNjb3VudCI6e30sIl90b29sc0V2ZW50TGlua0lkIjoiODkwMDYwMjA0NzYxMjIxIiwiZXhwbGFpbiI6dHJ1ZX0%3D HTTP/1.1
Host: savethechildren.us-7.evergage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/json;charset=UTF-8
set-cookie: AWSALBTG=xJg1mFHPkGmTilzp9ZXYYOQZPv8GyDm3o/fHwC87cuTkQw8yLtFo3U3SZNRhcGkbSd+rG+eoCpvRm3K55XrAQiCbeWrM2yb1Z4npm9ySiEdPp7mFw5VFAXgtpHaKg0swMqXr/ys7EoOQYVM5xYI67/7AUPuFIr3lBuDsgiIZQko1WXqpwVM=; Expires=Mon, 11 Dec 2023 16:08:40 GMT; Path=/
AWSALBTGCORS=xJg1mFHPkGmTilzp9ZXYYOQZPv8GyDm3o/fHwC87cuTkQw8yLtFo3U3SZNRhcGkbSd+rG+eoCpvRm3K55XrAQiCbeWrM2yb1Z4npm9ySiEdPp7mFw5VFAXgtpHaKg0swMqXr/ys7EoOQYVM5xYI67/7AUPuFIr3lBuDsgiIZQko1WXqpwVM=; Expires=Mon, 11 Dec 2023 16:08:40 GMT; Path=/; SameSite=None; Secure
AWSALB=pyDrcPiq6vm69JVUa75Xx1oN9Msr1dSJpNYi17/RJ2vOncf2aidAJFpYjnYlGdcAeDVDj3mkCqxNNfvx3McLKu843YJZRwXfHnLXXWyklYhJ8AZ80RqYblhnXOB4; Expires=Mon, 11 Dec 2023 16:08:40 GMT; Path=/
AWSALBCORS=pyDrcPiq6vm69JVUa75Xx1oN9Msr1dSJpNYi17/RJ2vOncf2aidAJFpYjnYlGdcAeDVDj3mkCqxNNfvx3McLKu843YJZRwXfHnLXXWyklYhJ8AZ80RqYblhnXOB4; Expires=Mon, 11 Dec 2023 16:08:40 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCdf97c21987224be8af27283b54dab3fa-source.min.js
23.38.200.237200 OK 1.6 kB URL GET HTTP/2 assets.adobedtm.com/a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCdf97c21987224be8af27283b54dab3fa-source.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (1625), with no line terminators
Hash 166c32d92027321f74e832874903689a
62adf285f9141406d1f30994fbd274fd929549d2
563f42dbc24d3a1344b813af05487c584507d77344b84978723f5d8e2564740b
GET /a9de570d9caa/b01a1f4bb0c4/ea82b2fe0814/RCdf97c21987224be8af27283b54dab3fa-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "252a0685667d75f706f7ad6305aaf74d:1699559965.281264"
last-modified: Thu, 09 Nov 2023 19:59:25 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 04 Dec 2023 17:08:40 GMT
date: Mon, 04 Dec 2023 16:08:40 GMT
content-length: 781
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles
142.250.74.164200 OK 884 B URL GET HTTP/2 www.google.com/recaptcha/api.js?render=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles
IP 142.250.74.164:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with very long lines (884), with no line terminators
Hash df1a07e811421f0403f88196e550dbf4
252fa58807fabb3d98ecf8c4665d73187f053311
9fa23f5af9bf709c28a9432f8df576111152d2ebb6b5b820654a2fe8d1c85c7f
GET /recaptcha/api.js?render=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Mon, 04 Dec 2023 16:08:37 GMT
date: Mon, 04 Dec 2023 16:08:37 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3Q74QDHYNS&cid=955907868.1701706125>m=45je3bt0v9122470923z878838918&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=362531133
142.250.74.163200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3Q74QDHYNS&cid=955907868.1701706125>m=45je3bt0v9122470923z878838918&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=362531133
IP 142.250.74.163:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3Q74QDHYNS&cid=955907868.1701706125>m=45je3bt0v9122470923z878838918&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=362531133 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 16:08:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
23.38.200.237200 OK 35 kB URL GET HTTP/2 assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (32730)
Hash 208eb534ea01036a4fca64e6715ccf3f
90c85649634ff5a627023668b2e10fa01cf30315
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
GET /extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12687
expires: Mon, 04 Dec 2023 17:08:38 GMT
date: Mon, 04 Dec 2023 16:08:38 GMT
cache-control: no-cache
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
23.38.200.237200 OK 3.3 kB URL GET HTTP/2 assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
IP 23.38.200.237:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (3441), with no line terminators
Hash 817ed7d45cd37edb652125f81e1e1fbb
8e70a2deea425de8c8372311f8e43a7f7e5f83a4
d5911b0f8b10757e606ca9e35ada5cebde7ecd089c3995414bd41ea69d279376
GET /extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "f1e098a5dd836ea5fc9726c429c8d71d:1694496806.740373"
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1597
expires: Mon, 04 Dec 2023 17:08:38 GMT
date: Mon, 04 Dec 2023 16:08:38 GMT
cache-control: no-cache
access-control-allow-origin: https://support.savethechildren.org
timing-allow-origin: *
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=32293&tdr=&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&cb=70186358532440720&term=value
34.238.149.65200 OK 16 kB URL GET HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=32293&tdr=&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&cb=70186358532440720&term=value
IP 34.238.149.65:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type ASCII text, with very long lines (15828), with no line terminators
Hash 025313f1057fde32f0cd17367783a6e6
bc61ac79db64f37ca5b3c2871d83ed11ae453a96
039d523fc83ccc0d374207bb1992bd94587149fa3b93ef0985afb401128a00b6
GET /spx?dxver=4.0.0&shaid=32293&tdr=&plh=https%3A%2F%2Fsupport.savethechildren.org%2Fsite%2FDonation2%3Fdf_id%3D10846%26mfc_pref%3DT%2610846.donation%3Dform1%26monthly%3Dfalse%26cid%3DMobile_SMS%3ASFMC%3AAnnual_GT%3AGEN_B%3A112823%26mn%3DBR-SMS-112823-Annual_GT-GEN_B%26mk%3D33265268&cb=70186358532440720&term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Mon, 04 Dec 2023 16:08:40 GMT
x-envoy-upstream-service-time: 2
be: spx-prod
server: istio-envoy
transfer-encoding: chunked
a.opmnstr.com/app/js/10.970fc188.min.js
194.242.11.186200 OK 34 kB URL GET HTTP/2 a.opmnstr.com/app/js/10.970fc188.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/js/10.970fc188.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"654286ec-82ae"
last-modified: Wed, 01 Nov 2023 17:12:12 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7e25fc017580a2e3c6104d8a1ed4aa5f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/campaign-views/71f45d2de907/hxjirpzidj0hqhbcivvz/ab00b5aa5449f1c40999c931fd67cc77-optin.json
194.242.11.186200 OK 40 kB URL GET HTTP/2 a.omappapi.com/app/campaign-views/71f45d2de907/hxjirpzidj0hqhbcivvz/ab00b5aa5449f1c40999c931fd67cc77-optin.json
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.omappapi.com
Fingerprint8C:9B:22:AA:DD:4C:D5:F7:5F:E0:F8:46:45:87:86:1C:D9:E6:95:3C
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type JSON data\012- HTML document, ASCII text, with very long lines (39574), with no line terminators
Hash ab00b5aa5449f1c40999c931fd67cc77
b7764110c7dc7b1835bb94a3d8623a42bb233ad4
b7be7e2dc35f25f304f16592673c51f866ee57c7d18fe2ad09b950dbbbd61cf0
GET /app/campaign-views/71f45d2de907/hxjirpzidj0hqhbcivvz/ab00b5aa5449f1c40999c931fd67cc77-optin.json HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:45 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"64d2959f-9a96"
last-modified: Tue, 08 Aug 2023 19:21:03 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 18:29:09
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2a3497e52c9e4db3dc441a4c6de6ceb6
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.opmnstr.com/app/js/26.1898e425.min.js
194.242.11.186200 OK 1.7 kB URL GET HTTP/2 a.opmnstr.com/app/js/26.1898e425.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (1759), with no line terminators
Hash 3839fbc08ab4a869c1318aa99424659d
1a239a82b13018b39ea09e5b85be97e0c5cebd19
9ff8a9ebf99623e195920d7fdde200e87f85947922f20e91255a594a450789ed
GET /app/js/26.1898e425.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65087f2c-6b6"
last-modified: Mon, 18 Sep 2023 16:47:40 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5acc6ff7a476cd96cc3cc6a5231d4949
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
dx2eq2oh924g4.cloudfront.net/js/stc-donation.js?v=4.65.0
54.230.241.208200 OK 69 kB URL GET HTTP/2 dx2eq2oh924g4.cloudfront.net/js/stc-donation.js?v=4.65.0
IP 54.230.241.208:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (32437)
Hash e1393a9a10671db936645c0857530456
ec1b8fca38476425e25ebb9682c27cbb352d0c08
c0614150f23ff75e9069e752462e479b33695a3f65e4de98ffaefb4162694c1c
GET /js/stc-donation.js?v=4.65.0 HTTP/1.1
Host: dx2eq2oh924g4.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 30 Nov 2023 23:16:13 GMT
last-modified: Thu, 30 Nov 2023 22:55:02 GMT
etag: W/"e1393a9a10671db936645c0857530456"
x-amz-server-side-encryption: AES256
cache-control: max-age=604801
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BiWlBo-EnCdCFby2hml8AWdKUIsesGy2iKFVsKzKxKJA7xb0F9bEEg==
age: 319945
X-Firefox-Spdy: h2
a.opmnstr.com/app/js/5.c3191d3c.min.js
194.242.11.186200 OK 17 kB URL GET HTTP/2 a.opmnstr.com/app/js/5.c3191d3c.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (16661)
Hash 6f762f9d264170072afe660bd414ec31
0332f1adfc236d1c35e587a76d27d90da94e10c1
745b79544835c8ee16198c039bdde0b6ec42333c0f830df5770bd4dcd60a6ac6
GET /app/js/5.c3191d3c.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65395456-4146"
last-modified: Wed, 25 Oct 2023 17:45:58 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 797f0e5852fd9b7e6de1bd648343b4d5
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.css
194.242.11.186200 OK 9.8 kB URL GET HTTP/2 a.omappapi.com/app/js/api.min.css
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.omappapi.com
Fingerprint8C:9B:22:AA:DD:4C:D5:F7:5F:E0:F8:46:45:87:86:1C:D9:E6:95:3C
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (9802), with no line terminators
Hash 6b334efd890a083ee64f504bc8be580e
fcffcfcb034773229d7da28bffc550025ee5fb88
3de43b083f0b97852ba9f89903b538635a95cdc7e394eada72e6fae74f063695
GET /app/js/api.min.css HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:39 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"654bcb28-2644"
last-modified: Wed, 08 Nov 2023 17:53:44 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 22fae93b00e93ef636a4ee1d26202c82
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
142.250.74.164200 OK 102 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP 142.250.74.164:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles&co=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmc6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1pvynaruiyh7
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type ASCII text, with no line terminators
Hash b581f6e6ac7eb4d572233bdd384918f8
12a90cd14cfea2286982801538560f638670eaff
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles&co=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmc6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1pvynaruiyh7
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 04 Dec 2023 16:08:39 GMT
date: Mon, 04 Dec 2023 16:08:39 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tags.wdsvc.net/controller.js?id=100229
52.202.83.199200 OK 57 B URL GET HTTP/1.1 tags.wdsvc.net/controller.js?id=100229
IP 52.202.83.199:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoDaddy.com, Inc.
Subjecttags.wdsvc.net
Fingerprint17:16:5C:DB:44:26:27:6F:C3:7F:3C:A7:69:C6:07:13:4D:22:12:B7
ValidityWed, 18 Oct 2023 19:38:36 GMT - Fri, 01 Nov 2024 14:43:34 GMT
File type ASCII text, with no line terminators
Hash e42c9f81368790f767c24d702fd34307
77d9bfff9816719da08e1ce8e908b504be1cc63d
c114a644eeec8496a374cfbce8d4ba03100b6b753b86a19e765090ba5d55a7cd
GET /controller.js?id=100229 HTTP/1.1
Host: tags.wdsvc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Set-Cookie: OPTOUT=Opt-Out Privacy Signal DNT Detected; No Data Collection; Expires=Wed, 04 Dec 2024 16:08:41 GMT; SameSite=None; Secure
_wdTest=accept; Domain=.wdsvc.net; Path=/; Expires=Sun, 04 Dec 2022 16:08:41 GMT; SameSite=none; secure; HttpOnly
wds_random=opt-out; Expires=Sun, 04 Dec 2022 16:08:41 GMT; SameSite=none; secure; HttpOnly
Date: Mon, 04 Dec 2023 16:08:41 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked
consent.cookiebot.com/398fa4c9-90ea-4dbe-b61c-52e460fbedac/cc.js?renew=false&referer=support.savethechildren.org&dnt=true&init=false
23.72.139.51200 OK 310 kB URL GET HTTP/2 consent.cookiebot.com/398fa4c9-90ea-4dbe-b61c-52e460fbedac/cc.js?renew=false&referer=support.savethechildren.org&dnt=true&init=false
IP 23.72.139.51:443
ASN #20940 Akamai International B.V.
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectconsent.cookiebot.com
Fingerprint56:33:CA:77:EA:BC:73:51:03:77:3B:70:7C:00:AF:45:02:85:85:98
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT
Size 310 kB (309656 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /398fa4c9-90ea-4dbe-b61c-52e460fbedac/cc.js?renew=false&referer=support.savethechildren.org&dnt=true&init=false HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private, max-age=1
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
date: Mon, 04 Dec 2023 16:08:38 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
collection.decibelinsight.net/i/13874/253647/c.json
130.61.120.2200 OK 30 kB URL GET HTTP/2 collection.decibelinsight.net/i/13874/253647/c.json
IP 130.61.120.2:443
ASN #31898 ORACLE-BMC-31898
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert, Inc.
Subject*.decibelinsight.net
FingerprintD8:DD:19:35:F1:58:34:9D:91:3E:A4:76:F3:DD:C5:E9:EC:32:61:E7
ValidityMon, 05 Dec 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (30227), with no line terminators
Hash eb3ca35c5579520b4647948666c14c7e
96355868ab678eefc28a3191ad58b6753d3a71ab
541610929ebfa9a3e2ef1d810ded5f7e5967ea74ebe82e21053487c554a0693e
GET /i/13874/253647/c.json HTTP/1.1
Host: collection.decibelinsight.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 16:08:44 GMT
content-type: application/json
cache-control: private, max-age=1800
etag: W/001521720-18C3596CD92
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
access-control-allow-origin: https://support.savethechildren.org
access-control-allow-credentials: true
vary: Origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000, h2=":443"; ma=2592000
content-encoding: gzip
X-Firefox-Spdy: h2
a.opmnstr.com/app/js/20.1d4b97e9.min.js
194.242.11.186200 OK 4.2 kB URL GET HTTP/2 a.opmnstr.com/app/js/20.1d4b97e9.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (4315), with no line terminators
Hash 763eed0030db96e699821fb47e3c083c
848787694c71ad6be4817c0046e2cb0dc2b2bda2
fb6a54cc2e53f8e88ba01741db94a37a924af18ecd9e42de3199ad32ea7e43ef
GET /app/js/20.1d4b97e9.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65088833-1062"
last-modified: Mon, 18 Sep 2023 17:26:11 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 62ced56e171b397692a2ba9fe8624bb1
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
d6tizftlrpuof.cloudfront.net/themes/production/save-the-children-usa-button-18e985c8f1327aa5b0db2be1ab660ba6.png
54.230.241.85200 OK 9.2 kB URL GET HTTP/1.1 d6tizftlrpuof.cloudfront.net/themes/production/save-the-children-usa-button-18e985c8f1327aa5b0db2be1ab660ba6.png
IP 54.230.241.85:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type PNG image data, 159 x 523, 8-bit/color RGB, non-interlaced\012- data
Hash 18e985c8f1327aa5b0db2be1ab660ba6
40b959e93c2a7521f3ac03bdc6952d3316bfa8f8
9fbb05adcdc2317148fbaaf7c56be51c9246d351c9ae5235eb09dcd0ee0da552
GET /themes/production/save-the-children-usa-button-18e985c8f1327aa5b0db2be1ab660ba6.png HTTP/1.1
Host: d6tizftlrpuof.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 9208
Connection: keep-alive
Date: Sun, 17 Sep 2023 18:54:51 GMT
Last-Modified: Tue, 22 Nov 2022 20:42:35 GMT
ETag: "18e985c8f1327aa5b0db2be1ab660ba6"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000, no-transform, public
x-amz-version-id: C7qFiPh6IstNmFvA1Lz9dqUcbPEB482T
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: X0Ju7KE4MHmaUihtWrNIJQPKv6n9bM5pDAi38JcRUkIaa2sHjwN37A==
Age: 6729234
a.opmnstr.com/app/js/28.377be946.min.js
194.242.11.186200 OK 3.5 kB URL GET HTTP/2 a.opmnstr.com/app/js/28.377be946.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (3637), with no line terminators
Hash 21007918023501f3092bb982168666b8
407b756ac7a8aa77b9ae7f05aefc3d1b56403f01
163798043cf3be172667eb930f50a5582619647dce8dd80e851b4ecb2abd5688
GET /app/js/28.377be946.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65087f37-d7b"
last-modified: Mon, 18 Sep 2023 16:47:51 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 727ec4241072d60873eee3ae06e3a8db
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXiWtFCc.woff2
216.58.207.227200 OK 14 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXiWtFCc.woff2
IP 216.58.207.227:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 14044, version 1.0\012- data
Hash 129179c4eeb1d784d3d3ad95e0b35905
f75444b5ef6205ee4301d632adf17e28985b0840
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
GET /s/lato/v20/S6uyw4BMUTPHjx4wXiWtFCc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.savethechildren.org
DNT: 1
Connection: keep-alive
Referer: https://dx2eq2oh924g4.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 01:54:26 GMT
expires: Fri, 29 Nov 2024 01:54:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 10 Aug 2021 00:19:07 GMT
content-type: font/woff2
age: 396852
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
support.savethechildren.org/site/PixelServer?t=undefined
74.123.154.123200 200 43 B URL GET HTTP/1.1 support.savethechildren.org/site/PixelServer?t=undefined
IP 74.123.154.123:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert Inc
Subjectsupport.savethechildren.org
Fingerprint2A:7F:07:DF:DA:02:02:73:DD:44:A2:E6:0C:11:88:DE:D0:BB:60:F9
ValidityWed, 01 Mar 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /site/PixelServer?t=undefined HTTP/1.1
Host: support.savethechildren.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Cookie: JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; JSESSIONID=B3924FB8BF26D181FCED08E887D0F4A1.app30034b; AMCV_6B0E659F56A9E70D7F000101%40AdobeOrg=179643557%7CMCIDTS%7C19696%7CvVersion%7C5.5.0; mbox=session#82ab5f576e9343cf973cb9fd95620eb9#1701707985; at_check=true; stc-analytics-source=Web|Mobile_SMS|SFMC|Annual_GT|GEN_B|11/28/2023; stc-session-count=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 200
Date: Mon, 04 Dec 2023 16:08:38 GMT
Server: Apache
Cache-Control: no-store
Content-Length: 43
Keep-Alive: timeout=15, max=426
Connection: Keep-Alive
Content-Type: image/gif
cdn.decibelinsight.net/i/13874/253647/di.js
54.230.111.52200 OK 210 kB URL GET HTTP/2 cdn.decibelinsight.net/i/13874/253647/di.js
IP 54.230.111.52:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerAmazon
Subject*.decibelinsight.net
Fingerprint78:AF:08:CA:CB:95:CB:AE:88:43:3F:16:62:E6:EC:69:57:CB:0D:FD
ValidityTue, 28 Feb 2023 00:00:00 GMT - Mon, 12 Feb 2024 23:59:59 GMT
Size 210 kB (209994 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i/13874/253647/di.js HTTP/1.1
Host: cdn.decibelinsight.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: nginx
date: Mon, 04 Dec 2023 16:08:38 GMT
cache-control: private, max-age=5400
etag: W/001494904-18C243C9DD2
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y3iBEiECdaU7pdjbvffmaKKj-vM802X_8aF8thHwOE2KSDV5LbIebQ==
X-Firefox-Spdy: h2
collection.decibelinsight.net/i/13874/ws/
130.61.120.2101 Switching Protocols 0 B URL GET HTTP/1.1 collection.decibelinsight.net/i/13874/ws/
IP 130.61.120.2:443
ASN #31898 ORACLE-BMC-31898
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerDigiCert, Inc.
Subject*.decibelinsight.net
FingerprintD8:DD:19:35:F1:58:34:9D:91:3E:A4:76:F3:DD:C5:E9:EC:32:61:E7
ValidityMon, 05 Dec 2022 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /i/13874/ws/ HTTP/1.1
Host: collection.decibelinsight.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://support.savethechildren.org
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tRCnJr0vopLkDI5LXXThag==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Mon, 04 Dec 2023 16:08:45 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: n/3IN3/8Ta62YaGNRJ+ParEKpj8=
Sec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover
Sec-WebSocket-Version: 13
Strict-Transport-Security: max-age=31536000
Alt-Svc: h3=":443"; ma=2592000, h2=":443"; ma=2592000
a.opmnstr.com/app/js/0.514c5def.min.js
194.242.11.186200 OK 7.5 kB URL GET HTTP/2 a.opmnstr.com/app/js/0.514c5def.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (7700), with no line terminators
Hash 8a5ba32fb87d0018a996ca83ea6d052a
b6a6dfa88a5992a40bbb1caa1a16c7a6c2461d18
be3598eb0887d86a47b49330766ea6e7a5f706de858876af7f82b75ad319658f
GET /app/js/0.514c5def.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65087f29-1d49"
last-modified: Mon, 18 Sep 2023 16:47:37 GMT
cdn-storageserver: SE-344
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1aefc3f7683449c1c6ff05c03c72ebcf
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.opmnstr.com/app/js/1.ea963399.min.js
194.242.11.186200 OK 11 kB URL GET HTTP/2 a.opmnstr.com/app/js/1.ea963399.min.js
IP 194.242.11.186:443
ASN #34989 ServeTheWorld AS
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerLet's Encrypt
Subjecta.opmnstr.com
FingerprintD4:71:80:01:7A:24:C3:E9:2C:46:BB:21:1B:F7:59:08:82:48:D3:47
ValiditySat, 18 Nov 2023 14:16:22 GMT - Fri, 16 Feb 2024 14:16:21 GMT
File type ASCII text, with very long lines (10891)
Hash 8716204c5db83d4c3626debecdd33c26
90620e801e08a724e61d6bec674089aa7bcd4f62
6507a044d207a767ec2971e891b149b58d6d32a6ee1b18068a6d6dd36bc5fa9a
GET /app/js/1.ea963399.min.js HTTP/1.1
Host: a.opmnstr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 16:08:40 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65088835-2abc"
last-modified: Mon, 18 Sep 2023 17:26:13 GMT
cdn-storageserver: SE-318
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 17:47:11
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 140e3c0f706fa4d1a03118ecfbcc3815
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles&co=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmc6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1pvynaruiyh7
142.250.74.164200 OK 61 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles&co=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmc6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1pvynaruiyh7
IP 142.250.74.164:443
Requested by https://support.savethechildren.org/site/Donation2?df_id=10846&mfc_pref=T&10846.donation=form1&monthly=false&cid=Mobile_SMS:SFMC:Annual_GT:GEN_B:112823&mn=BR-SMS-112823-Annual_GT-GEN_B&mk=33265268
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52350)
Hash 04a825965687946393f30bee19d6d5d0
3f07139c3b88677e163c5f97d92f3fe16b953f45
a8dd57d10dabd86e1f9e15fc0de583a187f1cb9c507f92bdf560411a182650f9
GET /recaptcha/api2/anchor?ar=1&k=6LcVyLgZAAAAAIaCdeocZ0n27ZV5AVFs-ptKOles&co=aHR0cHM6Ly9zdXBwb3J0LnNhdmV0aGVjaGlsZHJlbi5vcmc6NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=1pvynaruiyh7 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.savethechildren.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 04 Dec 2023 16:08:39 GMT
content-security-policy: script-src 'nonce-xUCCGOa-yU1ODC2KMRM5rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000