my.americares.org Open in urlscan Pro
2606:4700::6812:7c49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.hello.americares.org/?qs=39d8f4b54206567c8b9d1d52a0546b747bd8f39c20b8fdc29a64cc23f2de819093ba347bce9f8b8f577996194737...
Effective URL:
https://my.americares.org/give/527690/
Submission: On March 11 via api (March 11th 2024, 10:20:17 pm UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 109 HTTP transactions. The main IP is 2606:4700::6812:7c49, located in United States and belongs to CLOUDFLARENET, US. The main domain is my.americares.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 2nd 2024. Valid for: a year.

This is the only time my.americares.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.110.221.60 13.110.221.60	14340 (SALESFORCE) (SALESFORCE)
31	2606:4700::68... 2606:4700::6812:7c49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
4	2600:9000:225... 2600:9000:2250:a800:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	52.143.247.24 52.143.247.24	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.187.40 13.33.187.40	16509 (AMAZON-02) (AMAZON-02)
16	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:280... 2a02:26f0:280:9::213:7a24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	34.68.9.145 34.68.9.145	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.22.54.118 104.22.54.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	44.237.151.236 44.237.151.236	16509 (AMAZON-02) (AMAZON-02)
5	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	198.202.176.81 198.202.176.81	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
109	22

1 13.110.221.60 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.hello.americares.org

click.hello.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700::6812:7c49 (United States)

ASN13335 (CLOUDFLARENET, US)

my.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prod-frs.content.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.classy.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

files.doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2250:a800:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.143.247.24 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

htp.tokenex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-40.fra60.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:280:9::213:7a24 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

image.hello.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.68.9.145 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 145.9.68.34.bc.googleusercontent.com

www.americares.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.54.118 (None, )

ASN13335 (CLOUDFLARENET, US)

widgets.guidestar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.237.151.236 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-151-236.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.81 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	americares.org 1 redirects click.hello.americares.org my.americares.org image.hello.americares.org www.americares.org	495 KB
24	stripe.com js.stripe.com — Cisco Umbrella Rank: 1155 m.stripe.com — Cisco Umbrella Rank: 1134 r.stripe.com — Cisco Umbrella Rank: 2301 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5082	767 KB
16	classy.org prod-frs.content.classy.org — Cisco Umbrella Rank: 49665 assets.classy.org — Cisco Umbrella Rank: 59656	1 MB
15	google.com pay.google.com — Cisco Umbrella Rank: 2753 play.google.com — Cisco Umbrella Rank: 33	422 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	314 KB
4	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 6078	128 KB
3	doublethedonation.com files.doublethedonation.com — Cisco Umbrella Rank: 70473	131 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1243	16 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 66	69 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	guidestar.org widgets.guidestar.org — Cisco Umbrella Rank: 31340	5 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	88 KB
1	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 14533	41 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 709	3 KB
1	tokenex.com htp.tokenex.com — Cisco Umbrella Rank: 32829	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	18 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 788	7 KB
109	17

	Domain	Requested by
15	my.americares.org	my.americares.org cdn.transcend.io
14	js.stripe.com	cdn.transcend.io js.stripe.com
12	play.google.com	www.gstatic.com
10	prod-frs.content.classy.org	my.americares.org cdn.transcend.io prod-frs.content.classy.org
7	fonts.gstatic.com	fonts.googleapis.com
6	assets.classy.org
5	r.stripe.com	js.stripe.com
5	www.americares.org
4	www.gstatic.com	pay.google.com www.gstatic.com
4	m.stripe.com	m.stripe.network
4	image.hello.americares.org
4	cdn.transcend.io	my.americares.org cdn.transcend.io
3	pay.google.com	js.stripe.com pay.google.com www.gstatic.com
3	files.doublethedonation.com	my.americares.org files.doublethedonation.com cdn.transcend.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.youtube.com	cdn.transcend.io
1	merchant-ui-api.stripe.com	js.stripe.com
1	fonts.googleapis.com	cdn.transcend.io
1	widgets.guidestar.org
1	code.jquery.com	cdn.transcend.io
1	cdn.plaid.com	cdn.transcend.io
1	unpkg.com	cdn.transcend.io
1	htp.tokenex.com	cdn.transcend.io
1	www.googleadservices.com	cdn.transcend.io
1	static.cloudflareinsights.com	my.americares.org
1	click.hello.americares.org	1 redirects
109	26

This site contains links to these domains. Also see Links.

Domain
www.classy.org
charitynavigator.org
www.give.org
www.guidestar.org
www.forbes.com
www.americares.org

Subject Issuer	Validity	Valid
my.americares.org Cloudflare Inc ECC CA-3	`2024-01-02` - `2024-12-31`	a year	crt.sh
classy.org Cloudflare Inc ECC CA-3	`2024-03-03` - `2024-12-31`	10 months	crt.sh
snie5b5gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-17` - `2024-05-17`	a year	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
api.tokenex.com Go Daddy Secure Certificate Authority - G2	`2024-01-08` - `2024-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
secure.plaid.com DigiCert EV RSA CA G2	`2023-03-09` - `2024-04-08`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
san-13-s12.tlsprovisioning.exacttarget.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-01` - `2025-01-31`	a year	crt.sh
americaresindia.amcares.materiellcloud.com R3	`2024-03-03` - `2024-06-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-03-06` - `2024-06-06`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://my.americares.org/give/527690/
Frame ID: 680C4D972A46353668EFB0534ACC7BF0
Requests: 65 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: FE51529FB7271161D3D410CC1276AB7F
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html
Frame ID: B49F730B2B373062870442DBC8F7C246
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html
Frame ID: 189BAEA19AFFA07EB3A6B03724800083
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html
Frame ID: 5DA776A5DA37C6A8D4ACB0139AA8EB68
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 44A6E0F244D1C7609FDEB85C3427B21E
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 382D4774DB2C83CBC72325E6DCD8CD29
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Emergency Relief for Israel-Gaza & more

Page URL History Show full URLs

https://click.hello.americares.org/?qs=39d8f4b54206567c8b9d1d52a0546b747bd8f39c20b8fdc29a64cc23f2de819093ba347b... HTTP 302
https://my.americares.org/give/527690/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

100 %
HTTPS

57 %
IPv6

17
Domains

26
Subdomains

22
IPs

4
Countries

3913 kB
Transfer

12399 kB
Size

18
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.classy.org/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.classy.org/terms/privacy
Title: Classy Privacy Policy

Search URL Search Domain Scan URL

URL: https://charitynavigator.org/ein/061008595

Search URL Search Domain Scan URL

URL: http://www.give.org/charity-reviews/national/health/americares-foundation-inc-in-stamford-ct-1739

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/shared/7f4b78f5-0139-475a-8e23-6c9732ce1989

Search URL Search Domain Scan URL

URL: https://www.forbes.com/lists/top-charities/?sh=6b7f83c25f50

Search URL Search Domain Scan URL

URL: https://www.americares.org/our-privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.americares.org/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.hello.americares.org/?qs=39d8f4b54206567c8b9d1d52a0546b747bd8f39c20b8fdc29a64cc23f2de819093ba347bce9f8b8f577996194737a29cde563f454c16a0b0c1d2804f48a09f0d HTTP 302
https://my.americares.org/give/527690/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
my.americares.org/give/527690/
Redirect Chain

https://click.hello.americares.org/?qs=39d8f4b54206567c8b9d1d52a0546b747bd8f39c20b8fdc29a64cc23f2de819093ba347bce9f8b8f577996194737a29cde563f454c16a0b0c1d2804f48a09f0d
https://my.americares.org/give/527690/

492 KB
78 KB

1407ms
1344ms

Document
text/html

2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/give/527690/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8da40fe2d8ddf214ddfaea3e74eebcc4d77c0f492376af1ec629c92276b07db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 862eee1c4a9e18b5-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:20:10 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 284
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Mar 2024 22:20:08 GMT
Location: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=125

GET
H2 200 main.css
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/ 1 MB
147 KB 113ms
51ms Stylesheet
text/css 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/527690/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13c9eba319b411d9711a1c997322107310af7f7938aac1ec8f9cdc7c662bb9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:10 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: E6FKWDx6ckzg_hHt5xQv543iTPKpIdtc
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
age: 78408
x-amz-cf-pop: FRA60-P1
cf-polished: origSize=1157383
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cf-bgj: minify
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"11b98414c1291ac908504e9bb0606e37"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 862eee2638663603-FRA
x-amz-cf-id: EQtZb-KmUjGHlBYOwqHDdf7TvoUyVOPLwxCJvo42wKd7xCU7GJX4YA==

GET
H2 200 ddplugin.css
files.doublethedonation.com/app/ 141 KB
17 KB 137ms
22ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.css
Requested by: Host: my.americares.org
URL: https://my.americares.org/give/527690/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD5) /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Mar 2024 22:20:10 GMT
content-encoding: gzip
content-md5: ZRi6wreqb8lyrsIdYQAn/Q==
age: 1784
x-cache: HIT
content-length: 16794
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 20:53:52 GMT
server: ECAcc (frc/4CD5)
etag: 0x8DC3EE8B234D8BB
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-ms-request-id: 3885eafb-901e-000a-7efe-73e1b0000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 23:20:10 GMT

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 131 KB
45 KB 85ms
25ms Script
application/javascript 2600:9000:2250:a800:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/527690/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:a800:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

aa23f68b3d5c7eed8f0ebfa79457437800fa6d915b50755195217fc6d3d0916d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:10 GMT
content-encoding: br
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: vALLHHhNGwUC9ut4L89lvsNmAMsuy_qZ5HXqIR2-mBdWekZn72Q3sA==
x-xss-protection: 1; mode=block

GET
H2 404 fontello.css
files.doublethedonation.com/fontello/css/ 0
0 120ms
120ms Stylesheet
application/xml 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/fontello/css/fontello.css
Requested by: Host: files.doublethedonation.com
URL: https://files.doublethedonation.com/app/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://files.doublethedonation.com/app/ddplugin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Mon, 11 Mar 2024 23:20:10 GMT
x-ms-request-id: 3ee072af-701e-002d-6d02-74f674000000
date: Mon, 11 Mar 2024 22:20:10 GMT
cache-control: max-age=3600
server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
content-length: 223
content-type: application/xml

GET
H2 200 rocket-loader.min.js Show response
my.americares.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 22ms
22ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: my.americares.org
URL: https://my.americares.org/give/527690/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/527690/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2024 17:52:43 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65e75beb-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 862eee277c5918b5-FRA
expires: Wed, 13 Mar 2024 22:20:10 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 121ms
71ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: my.americares.org
URL: https://my.americares.org/give/527690/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://my.americares.org/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:10 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 862eee27fa604d9e-FRA

GET
H2 200 ui.js Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 267 KB
77 KB 64ms
23ms Script
text/javascript 2600:9000:2250:a800:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:a800:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.americares.org/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding: gzip
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
date: Mon, 11 Mar 2024 07:14:31 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 55739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: zVHiZB_-sxE0If3tIaQODrVXEPQmL69nKQjLQ0U96KQBrV6aLFX-pg==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 48 KB
18 KB 122ms
57ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

62ab2ab3a16c6d4f96e5ae538005ca6be5bb97d46affaac9ed79f8e2e163a808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17881
x-xss-protection: 0
server: cafe
etag: 12382634757272263151
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 22:20:11 GMT

GET
H2 200 iframe-v3.min.js Show response
htp.tokenex.com/iframe/ 19 KB
5 KB 572ms
142ms Script
application/javascript 52.143.247.24
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://htp.tokenex.com/iframe/iframe-v3.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:20:10 GMT
last-modified: Tue, 23 Jan 2024 18:13:09 GMT
etag: "8068b7d1274eda1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4905
x-xss-protection: 1; mode=block

GET
H2 200 paypal-js.legacy.min.js Show response
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/ 7 KB
3 KB 86ms
40ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:11 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8879294
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGF5NKJ7M3W20KNT7RH3NTJY-fra
server: cloudflare
etag: W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 862eee28b8715d3a-FRA

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/donation/ 184 KB
38 KB 50ms
49ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/donation/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b76d55ce69f335df0f011ca7ad04fa9cc9f34d3e0ffc6ee347d1019140b43e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:10 GMT
x-amz-version-id: Y.XEaIyspRD.m.USeOqAMDWriqxOEzQO
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 78408
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"3d2baa7d6c5e50df0435a559f0b0c380"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 862eee286a953603-FRA
x-amz-cf-id: vhH-8J4V544Cf4gqCPg3e78UeTtqF7v6pFRZvTLBexboDqCxdrkb4Q==

GET
H2 200 module.min.js Show response
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/ 2 MB
392 KB 60ms
59ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/module.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d48af85ba0878ccd67abaaf1caf5067d42f34bbc72a711aa1c550c25a3d122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:10 GMT
x-amz-version-id: hceFC_Q1R1Z9e8_yQ5iWTpVl3ZDCH5zx
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 78419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:38 GMT
server: cloudflare
etag: W/"9a358576b39eaffd421fcaa961ab4a2e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 862eee286a973603-FRA
x-amz-cf-id: t5RqnAUB78gYyQfB2HGYNhSEqjPzkZ0TBe3ayXyKnkRFCsPfS2jXVg==

GET
H2 200 libs.min.js Show response
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/ 1 MB
429 KB 56ms
56ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/libs.min.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:10 GMT
x-amz-version-id: BFymUfF8wIpfaElebO0fQT8R66GzYb.Q
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 78419
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:38 GMT
server: cloudflare
etag: W/"89ff3b468454fac32729fc74e3c9be17"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 862eee287a983603-FRA
x-amz-cf-id: 0IFmDfhyA8Ktm03Y2RQKx6JUsZFQOADpHGOTMH--Pl7u9mB5Ds8myg==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 147 KB
41 KB 114ms
53ms Script
text/javascript 13.33.187.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-40.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1de6de0b51f56c4e689886df0f7e8750647f50f68a90891eb48c6fa6b829845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 21:44:10 GMT
x-amz-version-id: PnzZAFkUEV8Tgt7MaoQG5lWzEw9cklR7
content-encoding: br
via: 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront)
x-amz-request-id: 8C4J1N4T26DM020Y
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
age: 2161
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-id-2: axTZfcR6cqpzSC1BWWgii7lfwcvNy5J3wtXmDjG2OdCXKWrYycZWO8ubPtc3a6hIJtq7RvZLl0Q=
last-modified: Mon, 11 Mar 2024 21:30:44 GMT
server: AmazonS3
etag: W/"abc3541d6f9be40168055558a15c8e24"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-id: dH1xNnTzGKOrVp12RzAPVzuJIHmQJFlFEODnJtL2mhXuP83oPpyh3Q==

GET
H2 200 / Show response
js.stripe.com/v3/ 605 KB
168 KB 84ms
20ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c91fcb89871b3af47fd3a4f5e17d40ac582ed9a6046963ab48caa4baa7c3dfe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:20:11 GMT
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 171172
x-request-id: a176db85-b72d-43c3-a82c-fc6861384fde
x-served-by: cache-fra-etou8220071-FRA
last-modified: Mon, 11 Mar 2024 20:23:30 GMT
server: Fastly
etag: "f3a39aae23abf21e515d4ae7b8044ae7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 ddplugin.js Show response
files.doublethedonation.com/app/ 444 KB
114 KB 21ms
21ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://files.doublethedonation.com/app/ddplugin.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4C94) /
Resource Hash: 0666278516505182592bacc1b82e6603d0f33ebf8c43f2b51b89e712a94e151a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 11 Mar 2024 22:20:10 GMT
content-encoding: gzip
content-md5: W91qcon5N5JN1iY0uqgdDw==
age: 1366
x-cache: HIT
content-length: 116459
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 20:53:52 GMT
server: ECAcc (frc/4C94)
etag: 0x8DC3EE8B24159FE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-ms-request-id: f3dd3762-601e-007c-2bff-736bf8000000
cache-control: public, max-age=3600;
x-ms-version: 2009-09-19
expires: Mon, 11 Mar 2024 23:20:10 GMT

GET
H2 200 cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ 15 KB
4 KB 27ms
25ms Stylesheet
text/css 2600:9000:2250:a800:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:a800:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding: gzip
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
date: Mon, 11 Mar 2024 01:56:56 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 73396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: WEUFOCV0Zb1bZ27cycmX_wTBVc0vccNUOrCb7tjsnrADBpDqhMi0aA==

GET
H2 200 en.json Show response
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/ 8 KB
2 KB 33ms
33ms Fetch
application/json 2600:9000:2250:a800:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:a800:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding: gzip
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
date: Mon, 11 Mar 2024 10:01:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA60-P2
age: 57646
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 20 Sep 2023 22:16:07 GMT
server: AmazonS3
etag: W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: wdbHPlNtYInPvI7mJ82iFDfqKaFyRvkFxiXX4gdxt9exaAkhxmxIcw==

GET
H2 200 sdk.js Show response
my.americares.org/sso/ 14 KB
4 KB 60ms
59ms Script
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/sso/sdk.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66e1bc00387661b1476191a36445a5614f6f234572a6f462a84741920757a101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/527690/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Mar 2024 22:09:49 GMT
cf-bgj: minify
server: cloudflare
age: 622
cf-polished: origSize=27444
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=1200
cf-ray: 862eee2af80c18b5-FRA
expires: Mon, 11 Mar 2024 22:29:49 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
88 KB 71ms
21ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://my.americares.org/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:11 GMT
via: 1.1 varnish, 1.1 varnish
age: 3501904
x-cache: HIT, HIT
content-length: 89664
x-served-by: cache-lga13629-LGA, cache-fra-eddf8230021-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1710195611.469114,VS0,VE0
etag: "28feccc0-15e40"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 19, 60305

GET
H2 200 iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js Show response
my.americares.org/sso/ssobuild/js/ 12 KB
5 KB 53ms
53ms XHR
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-a51d56310ce0e88e----1710195611520
traceparent: 00-79db08994956e8408866271b06a6142e-a51d56310ce0e88e-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhNTFkNTYzMTBjZTBlODhlIiwidHIiOiI3OWRiMDg5OTQ5NTZlODQwODg2NjI3MWIwNmE2MTQyZSIsInRpIjoxNzEwMTk1NjExNTIwfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://my.americares.org/give/527690/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 11 Mar 2024 22:20:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2024 21:53:00 GMT
cf-bgj: minify
server: cloudflare
age: 56599
etag: W/"65dd083c-316e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 862eee2c092a18b5-FRA
expires: Tue, 11 Mar 2025 06:36:52 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame FE51 200 B
817 B 22ms
21ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3619331
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:20:11 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 523182
x-content-type-options: nosniff
x-request-id: 660dbef7-c572-499e-bec0-18e703a1b821
x-served-by: cache-fra-etou8220071-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 108ms
45ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50ea9e7af437d3219d4210a63e0bc2bcf4cf7ad13f98cda6763e6e8dc7d12d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 11 Mar 2024 22:20:11 GMT

POST
H2 204 rum Show response
my.americares.org/cdn-cgi/ 0
143 B 31ms
30ms XHR
text/plain 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-e3710778cc7b33af----1710195611837
traceparent: 00-07890b5f214dbf4220989276ab0dc7e7-e3710778cc7b33af-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlMzcxMDc3OGNjN2IzM2FmIiwidHIiOiIwNzg5MGI1ZjIxNGRiZjQyMjA5ODkyNzZhYjBkYzdlNyIsInRpIjoxNzEwMTk1NjExODM3fX0=
content-type: application/json
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:20:11 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://my.americares.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 862eee2e0b5a18b5-FRA

GET
H2 200 market-data Show response
my.americares.org/frs-api/crypto-giving/BTC/USD/ 37 B
124 B 500ms
499ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/crypto-giving/BTC/USD/market-data

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668db5d0deab22ec5906caa082c5b39d39c1ec701dd58b35aadd2ad9b349feea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
tracestate: 423787@nr=0-1-423787-363751183-a6a6c124fbbbf576----1710195612074
traceparent: 00-68560f900a672dd3ebc56508d6d5d571-a6a6c124fbbbf576-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhNmE2YzEyNGZiYmJmNTc2IiwidHIiOiI2ODU2MGY5MDBhNjcyZGQzZWJjNTY1MDhkNmQ1ZDU3MSIsInRpIjoxNzEwMTk1NjEyMDc0fX0=
Accept: application/json, text/plain, */*
csrf-token: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"25-T5av1x2PhHS8QbYoXMf3ncSaNqQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 862eee2f8d0918b5-FRA
content-length: 37

GET
H2 200 tax-entities Show response
my.americares.org/frs-api/organizations/29423/ 629 B
556 B 470ms
470ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/organizations/29423/tax-entities

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4c26dfde09ed6e458fd1d42c13169455ea98d479d85d3242a61cb0d15bdd00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
tracestate: 423787@nr=0-1-423787-363751183-6ae4de0bdcd0e406----1710195612075
traceparent: 00-596f04031bc9e5fbe58e1a6cb232abe0-6ae4de0bdcd0e406-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2YWU0ZGUwYmRjZDBlNDA2IiwidHIiOiI1OTZmMDQwMzFiYzllNWZiZTU4ZTFhNmNiMjMyYWJlMCIsInRpIjoxNzEwMTk1NjEyMDc1fX0=
Accept: application/json, text/plain, */*
csrf-token: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"275-Ivi7ty8PNvuBrAmy7h5YtGEe6KI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 862eee2f8d0c18b5-FRA

GET
H2 200 channels Show response
my.americares.org/frs-api/campaigns/527690/ 1 KB
1 KB 503ms
503ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/campaigns/527690/channels?filter=channel_name%3DDoubletheDonation

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd6bb8d66c1bb0277c1276dc14abf028f9c634d592dbf8b0594d25fb6fb7590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
tracestate: 423787@nr=0-1-423787-363751183-a1fb10d7842d87b3----1710195612076
traceparent: 00-ba48e970f81d6769e855a2f26b7840fb-a1fb10d7842d87b3-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJhMWZiMTBkNzg0MmQ4N2IzIiwidHIiOiJiYTQ4ZTk3MGY4MWQ2NzY5ZTg1NWEyZjI2Yjc4NDBmYiIsInRpIjoxNzEwMTk1NjEyMDc2fX0=
Accept: application/json, text/plain, */*
csrf-token: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"40f-3+UDgcNJ5g10KUT1TcjFlPEvi1I"
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=TG725hB8Bxxe2eUygLyCqXYroa3oNlzDC8kVkybyIXE-1710195612-1.0.1.1-GB5W1BiA6LiJD7yosGs9B_fAHASH5a0ISqwQ3er94N7CGIBPsG_X.Or3qnXwd4QZn3VID_f8cTtAWNPCsYYOVJ9qR7WOEXY4sKbuslPqjGTHNByqJg_mvfJn_SAZPR7fZl3g2jsFwA6aDOD5xb5wk_ua2DZmfXAfvzKhvr_.lS0; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=TG725hB8Bxxe2eUygLyCqXYroa3oNlzDC8kVkybyIXE-1710195612-1.0.1.1-GB5W1BiA6LiJD7yosGs9B_fAHASH5a0ISqwQ3er94N7CGIBPsG_X.Or3qnXwd4QZn3VID_f8cTtAWNPCsYYOVJ9qR7WOEXY4sKbuslPqjGTHNByqJg_mvfJn_SAZPR7fZl3g2jsFwA6aDOD5xb5wk_ua2DZmfXAfvzKhvr_.lS0"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 862eee2f8d0e18b5-FRA

GET
H2 200 designations Show response
my.americares.org/frs-api/campaign/527690/ 1 KB
676 B 492ms
492ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/campaign/527690/designations?per_page=100

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50c6a67b9d511e280ce6a13e8dfdde8211c655cf6d03eb45b455f2df014f2e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
tracestate: 423787@nr=0-1-423787-363751183-c33bccd910b5e8f9----1710195612229
traceparent: 00-44f8d55e847295bb3664741bca12922d-c33bccd910b5e8f9-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjMzNiY2NkOTEwYjVlOGY5IiwidHIiOiI0NGY4ZDU1ZTg0NzI5NWJiMzY2NDc0MWJjYTEyOTIyZCIsInRpIjoxNzEwMTk1NjEyMjI5fX0=
Accept: application/json, text/plain, */*
csrf-token: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"529-7q1Bh4E7Y3MBN7mp0/62JCTemXM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 862eee307e3d18b5-FRA

GET
H2 200 designations Show response
my.americares.org/frs-api/campaigns/527690/ 1 KB
676 B 483ms
483ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/campaigns/527690/designations?filter=id%3D181085

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b1f43a81eb74758bdd53016dfc5578645564bd16d083631c12d98f0de675041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
tracestate: 423787@nr=0-1-423787-363751183-de487c580e1a605d----1710195612230
traceparent: 00-7728b6b9a270c630a5a2dcfe18666f82-de487c580e1a605d-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkZTQ4N2M1ODBlMWE2MDVkIiwidHIiOiI3NzI4YjZiOWEyNzBjNjMwYTVhMmRjZmUxODY2NmY4MiIsInRpIjoxNzEwMTk1NjEyMjMwfX0=
Accept: application/json, text/plain, */*
csrf-token: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"522-pftk1U89/XsSxeDz/beAZqGveMI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 862eee307e3e18b5-FRA

GET
H2 200 currency-conversions Show response
my.americares.org/frs-api/i18n/ 75 B
211 B 446ms
446ms XHR
application/json 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2f4ea788543cf0dc7e1149c87d86548511aa75fcd53412526f0969701fd5f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
tracestate: 423787@nr=0-1-423787-363751183-55def3ba001bd793----1710195612310
traceparent: 00-97f85c508d7230a6d2a1126a570fa930-55def3ba001bd793-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI1NWRlZjNiYTAwMWJkNzkzIiwidHIiOiI5N2Y4NWM1MDhkNzIzMGE2ZDJhMTEyNmE1NzBmYTkzMCIsInRpIjoxNzEwMTk1NjEyMzEwfX0=
Accept: application/json, text/plain, */*
csrf-token: dZnea1tz-gqbBYTrkTmv3vdvscPqlSs1_gS8
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
etag: W/"4b-41zxCMqvgaxGUVIZfMrBphruMv4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 862eee30ff0718b5-FRA

GET
H2 200 user-icon.png
my.americares.org/static/global/images/ 2 KB
2 KB 55ms
52ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.americares.org/static/global/images/user-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/527690/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 98635
cf-polished: origFmt=png, origSize=4588
content-disposition: inline; filename="user-icon.webp"
content-length: 2024
last-modified: Mon, 26 Feb 2024 21:58:44 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "65dd0994-11ec"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 862eee310f1218b5-FRA
expires: Mon, 10 Mar 2025 18:56:17 GMT

GET
H2 200 27763abc-91e0-11ed-82c8-0a1c832b3407.png
assets.classy.org/24215585/ 5 KB
6 KB 82ms
73ms Image
image/webp 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/24215585/27763abc-91e0-11ed-82c8-0a1c832b3407.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e9b59fcd2486c88fd617281b79e2fa27a67600efbd31cc66e2da0958b3b164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b542963649ffc3f71c6540a2347be55a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: XFWZWjllSQ52fmP8b0jl0LGYDwLVxYgE
age: 22413
x-amz-cf-pop: FRA56-P12
cf-polished: origFmt=png, origSize=7029
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-disposition: inline; filename="27763abc-91e0-11ed-82c8-0a1c832b3407.webp"
content-length: 5532
last-modified: Wed, 11 Jan 2023 18:45:46 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "7fbc9a50831c7f95cf4d65bb5c421abc"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862eee3119aa3603-FRA
x-amz-cf-id: gMqdDB-M-IK0JDVlw3aAN3B9JgS6nzYnZASYgK9WGJOindmnIBa7Yw==

GET
H/1.1 200
OK 4e8d558d-d158-43b1-a317-266932758ead.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 1 KB
1 KB 955ms
814ms Image
image/png 2a02:26f0:280:9::213:7a24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/4e8d558d-d158-43b1-a317-266932758ead.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:9::213:7a24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2168cb44a41a5cf43ef8b6e87aee8e3b9178685755df6ad1a5c0dd4cccd52c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:20:13 GMT
Last-Modified: Fri, 27 Jan 2023 17:43:47 GMT
Server: AkamaiNetStorage
ETag: "deabd0b1be3e70c4e17dca4fca1d5ab2:1674841427.00453"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1095

GET
H2 200 Artboard-%E2%80%93-4-2048x112white.png
www.americares.org/wp-content/uploads/ 2 KB
3 KB 561ms
265ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/Artboard-%E2%80%93-4-2048x112white.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

061906633f249332d25115dd606fdd22d30006b25cc45039ad67c6d2008814f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 28 Feb 2023 07:14:49 GMT
server: nginx/1.25.2
etag: "63fda9e9-9b3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2483
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 donate-page-footer1b-sm.png
www.americares.org/wp-content/uploads/ 3 KB
3 KB 560ms
264ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/donate-page-footer1b-sm.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

3022c8a32d41b95a1a8ed9066c3fcb396cdef772f01a6df1179db516973023f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Feb 2023 18:49:41 GMT
server: nginx/1.25.2
etag: "63e54045-bda"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3034
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 donate-page-footer2b-sm.png
www.americares.org/wp-content/uploads/ 271 KB
272 KB 561ms
265ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/donate-page-footer2b-sm.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

3761950f8159320bb209f23d8f2d4cabe130bd774fec107d62a6eec6fb005bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Feb 2023 15:28:09 GMT
server: nginx/1.25.2
etag: "63e51109-43c83"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 277635
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 donate-page-footer3b-sm.png
www.americares.org/wp-content/uploads/ 3 KB
3 KB 429ms
134ms Image
image/png 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/donate-page-footer3b-sm.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

3022c8a32d41b95a1a8ed9066c3fcb396cdef772f01a6df1179db516973023f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09 Feb 2023 18:49:31 GMT
server: nginx/1.25.2
etag: "63e5403b-bda"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3034
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dd978b61-f7f9-41b2-9e6a-566ab1fa0d33.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 23 KB
23 KB 561ms
419ms Image
image/png 2a02:26f0:280:9::213:7a24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/dd978b61-f7f9-41b2-9e6a-566ab1fa0d33.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:9::213:7a24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 22cedcbd981cbe7498e7d9f64a5ef04a3052f8826b95b3838ade989d9102240d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:20:12 GMT
Last-Modified: Wed, 15 Mar 2023 21:22:34 GMT
Server: AkamaiNetStorage
ETag: "72d9fdb8f8ad18b6afff74b8ef17ffbc:1678915354.901111"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23384

GET
H/1.1 200
OK eadd29f9-a01f-4b84-a2c1-149be8016a5e.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 10 KB
11 KB 884ms
745ms Image
image/png 2a02:26f0:280:9::213:7a24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/eadd29f9-a01f-4b84-a2c1-149be8016a5e.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:9::213:7a24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 14699735f336f6c852f63359232ce256d1f0c20a1d430cdea3adbb55b809e520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:20:13 GMT
Last-Modified: Wed, 15 Mar 2023 21:43:43 GMT
Server: AkamaiNetStorage
ETag: "dc00e903512679efec8aa9a9788074b2:1678916623.00379"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10585

GET
H2 200 6867435
widgets.guidestar.org/TransparencySeal/ 13 KB
5 KB 506ms
428ms Image
image/svg+xml 104.22.54.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/TransparencySeal/6867435
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 22:20:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 862eee318fee65bf-FRA
expires: -1

GET
H/1.1 200
OK 785d976d-d6e0-419c-8089-cc96d15ef577.png
image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/ 15 KB
16 KB 529ms
386ms Image
image/png 2a02:26f0:280:9::213:7a24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.hello.americares.org/lib/fe2c11737164047c7c1c75/m/1/785d976d-d6e0-419c-8089-cc96d15ef577.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:280:9::213:7a24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ef453c16da45d31acaaf053b4c361c28af20f85edb5037ba02d82c88cc14314b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 22:20:12 GMT
Last-Modified: Sat, 03 Feb 2024 06:38:30 GMT
Server: AkamaiNetStorage
ETag: "aca2dee6dbbd41902aed5aa1f1d3e485:1706942310.392824"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15754

GET
H2 200 cd17b4c0-866c-11ed-8ec2-0a58a9feac02.png
assets.classy.org/24215585/ 22 KB
22 KB 104ms
104ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/24215585/cd17b4c0-866c-11ed-8ec2-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce14c9c50ec633603b6a1e130678a447128b803ec5a03f26f020ef2b8db623d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 58afb490a7c8c45de5813dbf9e713c0c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: SWi79NcgxjYqMRE8UYaj0veWLSzzbsgw
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
content-length: 22246
last-modified: Wed, 28 Dec 2022 05:02:19 GMT
server: cloudflare
etag: "c0e3fc8201856f6eee4bef44e2aa4333"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862eee3139c53603-FRA
x-amz-cf-id: A2TX3f61zxI0X-4jJWm52pOb4MXFD4hICd1XjFQtrAz49mVkpvxbfw==

GET
H2 200 crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/ 1 KB
1018 B 52ms
51ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
x-amz-version-id: 9S9PL2t4gbXgzR9cqiY9bFk62XEuGB0r
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 78023
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"2861fb7a07b041686ba6360cf7908e28"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 862eee3109973603-FRA
x-amz-cf-id: nziitP_6CFYifeTjTGF29HylvfPeSoyzoM0oRlwnddSP5sgQHM4XOQ==

GET
H2 200 crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/ 545 B
507 B 46ms
45ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
x-amz-version-id: 28ZUJ8_Y3FjF8WYl8aFED76CT2IUgFZH
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 78023
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"c8896ba26efa2a5d9aa1659b4aef1f00"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 862eee3109993603-FRA
x-amz-cf-id: m8ZI3N0n9CdbkHh2iJM27PYkv9vF_m4pFjA6mS7VHKOc4weBdFt0KA==

GET
H2 200 crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/ 2 KB
1 KB 52ms
52ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
x-amz-version-id: B1nfzjSw5UUmO0meGUw9cVFwlqbsZdlq
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 77330
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"120e9a5c0d8ae8e313213cbb2284cafe"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 862eee31099a3603-FRA
x-amz-cf-id: oJQTNAzOyP4XxjeMQGflV_FA-qlovENbRdrM95Y8J0FUQFh_zzBq4Q==

GET
H2 200 crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/ 453 B
1 KB 45ms
44ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-arrows.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
x-amz-version-id: JiKUIGjok2JTUp4EtIdhw2ICK.sib.R4
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
age: 78023
x-amz-server-side-encryption: AES256
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=0fJXEjEBsLNGnwFzYoyrnfGZRtbIyNnd3MN6O1Fsnck-1710195612-1.0.1.1-fd1XCd9d4yhXMZjzFPZ3In2KSJFmxKjw61rDwIchEAlvH6Np7gvNf6M5LvK8dljtnb6TVvHhuMgOOAlK6.Iog5ZJjbotmssSig6tL1fLAR4zXyOzKa70oCUy3d1ITNwOaoj9sGKfctfaJEMK3hvzyF3tKKyLc6BaQYR9uk0Sdy0; report-to cf-csp-endpoint
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: W/"332ba480e7dc5a9687ededc7c4333e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=0fJXEjEBsLNGnwFzYoyrnfGZRtbIyNnd3MN6O1Fsnck-1710195612-1.0.1.1-fd1XCd9d4yhXMZjzFPZ3In2KSJFmxKjw61rDwIchEAlvH6Np7gvNf6M5LvK8dljtnb6TVvHhuMgOOAlK6.Iog5ZJjbotmssSig6tL1fLAR4zXyOzKa70oCUy3d1ITNwOaoj9sGKfctfaJEMK3hvzyF3tKKyLc6BaQYR9uk0Sdy0"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 862eee31099b3603-FRA
x-amz-cf-id: kFgy4DAXwsD6SIOOgie-w040uSi80xEhQ5R7IM8zAvSuseAecElIrw==

GET
H2 200 2bac2a5e-a0ab-11ed-9f4f-0ed900daea43.png
assets.classy.org/7412683/ 50 KB
50 KB 80ms
79ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/2bac2a5e-a0ab-11ed-9f4f-0ed900daea43.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdec3488628c8e03a89788c80a01f1eaeb9add7e6c911f970c01960ea640c62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: u9Mu_K9A.ykMlHvEnwb0g7VP5ydJZacM
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 51167
last-modified: Mon, 30 Jan 2023 14:34:17 GMT
server: cloudflare
etag: "a01ceaf6fcd93718be756e08c33636f0"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862eee3139c63603-FRA
x-amz-cf-id: EhZMNu2y5jp0QhIPdchkrhYb_Mwfr6H7BY9qW6dqE-ZfNIiiQ3LxLQ==

GET
H2 200 31165e9c-a0ab-11ed-b67f-0a70ce78b5ed.png
assets.classy.org/7412683/ 45 KB
45 KB 69ms
68ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/31165e9c-a0ab-11ed-b67f-0a70ce78b5ed.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44c3e3e2f41238711b2089cb691786453d450c389a271068690ee0ef654a08f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8d70d51432f10e2eca684af448a5f99e.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: qlNdQxYrgVUOQ5yZBZPxYl7fqng4sfmo
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 46147
last-modified: Mon, 30 Jan 2023 14:34:26 GMT
server: cloudflare
etag: "653267ced53f9a7b55e2851dc70e90e9"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862eee31ba633603-FRA
x-amz-cf-id: vSsnLGDFYN3808cvqL9nFIijJt3MZVfoBiO89mzECKA5jgtQClwpuQ==

GET
H2 200 37e7fac8-a0ab-11ed-9708-0a58a9feac02.png
assets.classy.org/7412683/ 42 KB
42 KB 63ms
63ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/37e7fac8-a0ab-11ed-9708-0a58a9feac02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98fc3ccf8d2281982134cca54f9f58bf129e135eb60470633271e1c86aac12c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: Kiw59BrWDeocqpmIjlo_BoXcd7oVprfV
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 42539
last-modified: Mon, 30 Jan 2023 14:34:37 GMT
server: cloudflare
etag: "30907fec3ac57d49f49b012b6ba6844f"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862eee31da833603-FRA
x-amz-cf-id: TXQakstWtHTPViJtclYJRY-lFcqvhrfFBmp4U62tQUAsFNB1q8IT1Q==

GET
H2 200 8523a588-a0ad-11ed-9930-0e27e020f08b.png
assets.classy.org/7412683/ 121 KB
121 KB 77ms
76ms Image
image/png 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.classy.org/7412683/8523a588-a0ad-11ed-9930-0e27e020f08b.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9ea176aae876360c1933a6dde1400b0554961ab8eb7331e5939b5e1a3c30e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8a7cd2920ac4cbceb2a8f9a130562a4c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-version-id: v3oLYufLUlOb2z0i22SZDyUGw6vS0_5s
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 123624
last-modified: Mon, 30 Jan 2023 14:51:06 GMT
server: cloudflare
etag: "5a51a1f10cff006f3765faed5497db9f"
vary: Accept-Encoding
content-type: image/png
cache-control: public,max-age=31536000
accept-ranges: bytes
cf-ray: 862eee3139c33603-FRA
x-amz-cf-id: dWkaDj5W6E8kA1Qn1sp2NA8gW43ytDZnwtBT44U7BN-AbTWGkAFxqg==

GET
H2 200 amca-tapestrybg-grey.jpg
www.americares.org/wp-content/uploads/ 62 KB
62 KB 520ms
398ms Image
image/jpeg 34.68.9.145
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.americares.org/wp-content/uploads/amca-tapestrybg-grey.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.9.145 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

145.9.68.34.bc.googleusercontent.com

Software

nginx/1.25.2 /

Resource Hash

7df2f591cb5998cbf6e24dcb7489cb13cfc5303bb30716bd4e9c7eeda053ea10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 25 Feb 2022 16:29:27 GMT
server: nginx/1.25.2
etag: "621903e7-f77f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 63359
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ClassyIcons.woff
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/fonts/ 42 KB
43 KB 91ms
42ms Font
application/x-font-woff 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/fonts/ClassyIcons.woff

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d917abfaa0f30f974778481aa03a81efbe439f4b379ae1d9c4b91d462f2c1064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
x-amz-version-id: uDW5ahJqoiGrmGVkww8GaXKkX0auG8Rt
via: 1.1 965181b6d91907befd5a0165af38daf0.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P10
age: 10684
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 43184
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: "d9e1c3869cbc736ad91800ec9427f5d7"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 862eee316b52903c-FRA
x-amz-cf-id: D4CZSGTnVUaHVnVGaxbS5Axz3LozagUDQV_IzCmYlnCV5-JN-z-Kzg==

GET
H2 200 fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/fonts/ 65 KB
66 KB 99ms
50ms Font
binary/octet-stream 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
x-amz-version-id: EtmuhTQE2Z2ofepA2IEIXY_YXR5.tKRS
via: 1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS58-P1
age: 17477
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 66624
last-modified: Mon, 26 Feb 2024 22:01:37 GMT
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 862eee316b53903c-FRA
x-amz-cf-id: fyLcuXASiDJRCTt5I_nt71NgC44WkEamBeHcCa-hcETG9AUqp6a18g==

POST
H2 204 rum Show response
my.americares.org/cdn-cgi/ 0
60 B 26ms
26ms XHR
text/plain 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/cdn-cgi/rum?

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-fa7fa6a2d1bdd4c2----1710195612346
traceparent: 00-b71e0bbc75060df92b13e04a2939fcce-fa7fa6a2d1bdd4c2-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmYTdmYTZhMmQxYmRkNGMyIiwidHIiOiJiNzFlMGJiYzc1MDYwZGY5MmIxM2UwNGEyOTM5ZmNjZSIsInRpIjoxNzEwMTk1NjEyMzQ2fX0=
content-type: application/json
Referer: https://my.americares.org/give/527690/

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://my.americares.org
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 862eee313f3318b5-FRA

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame FE51 526 B
473 B 24ms
24ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:20:12 GMT
via: 1.1 varnish
age: 3607242
x-cache: HIT
content-length: 315
x-request-id: f31f4159-5502-48e9-9462-9b670f95d742
x-served-by: cache-fra-etou8220071-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 498460

GET
H2 200 controller-ed6b13f72106b486064dabd723a34e01.html Show response
js.stripe.com/v3/ Frame B49F 325 B
886 B 25ms
25ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

daf6c010e1371f312df60aa5b9041f2571f0b0f32be661fe8546f7f8772966cd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 39
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 190
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:20:12 GMT
etag: "ed6b13f72106b486064dabd723a34e01"
last-modified: Mon, 11 Mar 2024 20:05:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 21
x-content-type-options: nosniff
x-request-id: e50d61f1-a2f6-4d9a-a707-ab6deafe7eb6
x-served-by: cache-fra-etou8220071-FRA

GET
H2 200 payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html Show response
js.stripe.com/v3/ Frame 189B 408 B
965 B 25ms
24ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

71afb008c8b3406257f101d95a4f69b97e6a331a293a5ed4ddcdd6501ffdc4ee

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7932
cache-control: max-age=31536000
content-encoding: br
content-length: 221
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:20:12 GMT
etag: "efad77a536f50b02df7c64c17ae993e5"
last-modified: Mon, 11 Mar 2024 20:05:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 71
x-content-type-options: nosniff
x-request-id: 9f20dcce-cb9c-487a-bef3-7d848427ecd3
x-served-by: cache-fra-etou8220071-FRA

GET
H2 200 payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html Show response
js.stripe.com/v3/ Frame 5DA7 344 B
1 KB 24ms
24ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3294667fb626223067e6245c0826ce87efac71b478c53798cceb81f55d85f88a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.americares.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:20:12 GMT
etag: "cdc0f8f66398c4206aea80d732b2ebe5"
last-modified: Mon, 11 Mar 2024 20:05:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 3d47addb-08cb-4e2c-9d0f-a065c5207078
x-served-by: cache-fra-etou8220071-FRA

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 82ms
32ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 22:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 22:20:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 22:20:12 GMT

GET
H2 200 shared-2f29bbf0a97dd10e59083fe4a34abcda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B49F 538 KB
131 KB 24ms
23ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

00a29bda2b26174ec4d6181a9341f76fc37ea2d0245f5c760f032c109e917cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:20:12 GMT
via: 1.1 varnish
age: 8022
x-cache: HIT
content-length: 133552
x-request-id: 81fc477d-e774-497e-9a28-3470e18457e8
x-served-by: cache-fra-etou8220071-FRA
last-modified: Mon, 11 Mar 2024 20:05:16 GMT
server: Fastly
etag: "59c93107e96e9c6fb44ae18e319303ad"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1719

GET
H2 200 controller-eb2d34a94a7bc3e7866b6b2ce9053481.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B49F 703 KB
184 KB 26ms
26ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-eb2d34a94a7bc3e7866b6b2ce9053481.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e248a69e9e24cbf5258c27257fb132fbbae4a85d58d9f46c718c22d56f30f6bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:20:12 GMT
via: 1.1 varnish
age: 8022
x-cache: HIT
content-length: 188578
x-request-id: 2b0842b2-85b7-4b67-a0bd-b0183aecd88b
x-served-by: cache-fra-etou8220071-FRA
last-modified: Mon, 11 Mar 2024 20:05:14 GMT
server: Fastly
etag: "fc3d4f0d7a2d0dd9389f84f945b5f134"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1747

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 189B 118 KB
36 KB 157ms
79ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67a60e8d0877049f837dff6121f5db7d5799af3ee03bf0f8b77dd491904c5c52

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4bvxLZaFpxCnxJTcc0sHVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4bvxLZaFpxCnxJTcc0sHVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtDikmJw0pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHE2308WMR8prMejp7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwzGnft55N4MLCgz1MAOvHMMo"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 11 Mar 2024 22:20:12 GMT

GET
H2 200 shared-2f29bbf0a97dd10e59083fe4a34abcda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 189B 538 KB
131 KB 70ms
69ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

00a29bda2b26174ec4d6181a9341f76fc37ea2d0245f5c760f032c109e917cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:20:12 GMT
via: 1.1 varnish
age: 8022
x-cache: HIT
content-length: 133552
x-request-id: ec709094-bbe1-4365-bd59-e5db3aa405bc
x-served-by: cache-fra-etou8220071-FRA
last-modified: Mon, 11 Mar 2024 20:05:16 GMT
server: Fastly
etag: "59c93107e96e9c6fb44ae18e319303ad"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1720

GET
H2 200 payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 189B 12 KB
5 KB 27ms
26ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-efad77a536f50b02df7c64c17ae993e5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:20:12 GMT
via: 1.1 varnish
age: 954558
x-cache: HIT
content-length: 5124
x-request-id: a7756d34-a22e-4688-8d72-cb2292187fd0
x-served-by: cache-fra-etou8220071-FRA
last-modified: Thu, 29 Feb 2024 21:07:03 GMT
server: Fastly
etag: "7946a1d9a17729b6659d22b18a313c0e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8085

GET
H2 200 shared-2f29bbf0a97dd10e59083fe4a34abcda.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5DA7 538 KB
131 KB 68ms
67ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

00a29bda2b26174ec4d6181a9341f76fc37ea2d0245f5c760f032c109e917cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:20:12 GMT
via: 1.1 varnish
age: 8022
x-cache: HIT
content-length: 133552
x-request-id: 62cc4739-dc07-4981-a70e-a9f31b53cf91
x-served-by: cache-fra-etou8220071-FRA
last-modified: Mon, 11 Mar 2024 20:05:16 GMT
server: Fastly
etag: "59c93107e96e9c6fb44ae18e319303ad"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1721

GET
H2 200 payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5DA7 13 KB
6 KB 68ms
68ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-cdc0f8f66398c4206aea80d732b2ebe5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 11 Mar 2024 22:20:12 GMT
via: 1.1 varnish
age: 1518196
x-cache: HIT
content-length: 5631
x-request-id: f0beb9c9-58c5-4cce-9efb-7ee2e2feee12
x-served-by: cache-fra-etou8220071-FRA
last-modified: Fri, 09 Feb 2024 18:11:55 GMT
server: Fastly
etag: "32dba56f50e599b5cc53a055305f8c45"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22355

GET
H2 200 status Show response
my.americares.org/sso/ 88 B
1 KB 459ms
459ms XHR
application/javascript 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my.americares.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery3610542616836132493_1710195611518&_=1710195611519

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e69b051cedffbcc5fd9ecb6af9cd7c051f2fbaac436a635fd44b43ce6cb22074

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: UAQEVl5UGwAGV1ZQBgMEVg==
tracestate: 423787@nr=0-1-423787-363751183-cc647c428231e31c----1710195612451
traceparent: 00-58fed3603b28e16d07a0cacd01251817-cc647c428231e31c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjYzY0N2M0MjgyMzFlMzFjIiwidHIiOiI1OGZlZDM2MDNiMjhlMTZkMDdhMGNhY2QwMTI1MTgxNyIsInRpIjoxNzEwMTk1NjEyNDUxfX0=
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://my.americares.org/give/527690/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
content-security-policy: frame-ancestors 'self' https://*.classy.org;
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="Classy does not have a P3P policy."
cache-control: no-cache, private
cf-ray: 862eee31dfcc18b5-FRA
x-xss-protection: 1; mode=block

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 44A6 930 B
1 KB 70ms
52ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 11 Mar 2024 22:20:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 10
x-content-type-options: nosniff
x-request-id: 59c7382b-ba49-4d06-8d30-82d8347394c0
x-served-by: cache-fra-etou8220071-FRA
x-timer: S1710195612.491183,VS0,VE0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/704f0391/www-widgetapi.vflset/ 215 KB
67 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/704f0391/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0852e94fe6a7d02738190b5293e8cb93157b5790fb42df40532e2ee58f8a2e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 07:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68207
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 04:21:44 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Mar 2025 07:20:40 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 99ms
47ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 5140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:54:32 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 126ms
75ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 5140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:54:32 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
30 KB 73ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 5140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:54:32 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 105ms
60ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 5140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:54:32 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
32 KB 134ms
97ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:52:43 GMT
x-content-type-options: nosniff
age: 566849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:52:43 GMT

GET
H2 200 1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 32 KB
32 KB 127ms
91ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:52:43 GMT
x-content-type-options: nosniff
age: 566849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32492
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:20:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 08:52:43 GMT

GET
H2 200 1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 29 KB
29 KB 119ms
83ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://my.americares.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:32 GMT
x-content-type-options: nosniff
age: 5140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30096
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:18:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 20:54:32 GMT

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 44A6 87 KB
15 KB 55ms
55ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 11 Mar 2024 22:20:12 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 189
x-cache: HIT
content-length: 15509
x-request-id: a99658cc-91f0-4114-a25f-903323009ae1
x-served-by: cache-fra-etou8220071-FRA
server: Fastly
x-timer: S1710195613.551823,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 75

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame B49F 474 B
374 B 87ms
27ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5e05d6875025ae160951988d1dbe109a254794f158b1210a8311bdc7070b91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 61
x-cache: HIT
content-length: 297
x-request-id: 3585720a-ff6d-4aae-b1c1-bc6392d206e0
x-served-by: cache-fra-etou8220096-FRA
last-modified: Mon, 11 Mar 2024 20:42:57 GMT
server: Fastly
etag: "5f41bcd011468561b95d7615b20047b9"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame B49F 474 B
614 B 73ms
26ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5e05d6875025ae160951988d1dbe109a254794f158b1210a8311bdc7070b91e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-ed6b13f72106b486064dabd723a34e01.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Mar 2024 22:20:12 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 60
x-cache: HIT
content-length: 297
x-request-id: 8d285f9a-b8a2-4d97-8860-3e63bd1f54b9
x-served-by: cache-fra-etou8220096-FRA
last-modified: Mon, 11 Mar 2024 20:42:57 GMT
server: Fastly
etag: "5f41bcd011468561b95d7615b20047b9"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20

POST
H2 200 6 Show response
m.stripe.com/ Frame 44A6 156 B
669 B 611ms
200ms XHR
application/json 44.237.151.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.151.236 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-151-236.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

84e81aec5461ce73b51eadfae834360cb6119de01eb35fff94b9abeef25f0a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:20:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1710195613315046
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1710195613314731
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 382D 19 KB
8 KB 79ms
78ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

756f51059d3e1611ac2b7f5cc0518042e643e43a6a2a2903a20cb341c44bfbcf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-2mKtVKPWRlX7XAU1E_b1gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-2mKtVKPWRlX7XAU1E_b1gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 11 Mar 2024 22:20:12 GMT
expires: Mon, 11 Mar 2024 22:20:12 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtDikmJw0pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHE2308WMR8prMejp7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwzGnft55N4MP5p0uZAe2-MVY"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame B49F 0
274 B 625ms
207ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:20:13 GMT
x-stripe-server-envoy-start-time-us: 1710195613371268
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1710195613370720
access-control-allow-credentials: true
content-length: 0

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame B49F 2 KB
3 KB 362ms
244ms Fetch
application/json 198.202.176.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

40c1b4a27cabf201617647745875f150fd375855ee62d78a2958eeb2c9c54758

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 11 Mar 2024 22:20:13 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2536
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 382D 160 KB
57 KB 77ms
24ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhKyIL4arCjTfnkGMbuWONEQTvXqw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29142282807f543b36899836ab87938c76744364bfa1888bdbadff146330a196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57824
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 02:34:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:33:51 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2n... Frame 382D 75 KB
27 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2nw5o-4.L.B1.O/am=gEEy/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhl8XGQSkBsMrzECWGPn78xLLseVA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhKyIL4arCjTfnkGMbuWONEQTvXqw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26262bf301b196a97779adbdea9ca974c356801ae712d5864b5bb0d6a90b775b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27547
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 04:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:34:07 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 382D 1 MB
377 KB 86ms
85ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb68a7b4811b093e47d043350699830020da387c0156ed3f1359b43de75a7a9e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-wFVwDhGO5Qdkpp0HaZK8Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:13 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-wFVwDhGO5Qdkpp0HaZK8Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtDikmJw0pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHE2308WMR8prMejp7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC3FzzG3ft55N4MbOC0kAu1cwzQ"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 11 Mar 2024 22:20:13 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2n... Frame 382D 10 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2nw5o-4.L.B1.O/am=gEEy/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhl8XGQSkBsMrzECWGPn78xLLseVA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdfda2d14f2de164f14d95ad0b9b0fd5effbf51850fffd4bb3ee8e01674cf292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4170
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 04:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:34:07 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2n... Frame 382D 37 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.aqX7pkxgOnY.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ekWB2nw5o-4.L.B1.O/am=gEEy/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhl8XGQSkBsMrzECWGPn78xLLseVA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9b31c557888de5a5ba74cab90820cfb4118a541f29a322e21bfd2e84fbfc436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 20:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14259
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 04:06:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 20:34:07 GMT

POST
H3 200 log Show response
play.google.com/ Frame 382D 131 B
155 B 126ms
74ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:20:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:20:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 107ms
49ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:20:13 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 382D 131 B
155 B 124ms
73ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:20:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:20:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 106ms
50ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:20:13 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 382D 131 B
155 B 122ms
73ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:20:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:20:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 105ms
50ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:20:13 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 382D 131 B
155 B 125ms
74ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:20:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:20:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
49ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:20:13 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 382D 131 B
155 B 125ms
73ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:20:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:20:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 99ms
48ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:20:13 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 382D 131 B
155 B 122ms
72ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 22:20:13 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 22:20:13 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 95ms
50ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 11 Mar 2024 22:20:13 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame B49F 0
274 B 486ms
406ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:20:13 GMT
x-stripe-server-envoy-start-time-us: 1710195613571770
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1710195613571416
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame B49F 0
274 B 436ms
408ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:20:13 GMT
x-stripe-server-envoy-start-time-us: 1710195613571793
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1710195613571514
access-control-allow-credentials: true
content-length: 0

GET
H2 200 GooglePay-logo.svg
my.americares.org/static/global/images/digitalWallets/ 3 KB
2 KB 61ms
60ms Image
image/svg+xml 2606:4700::6812:7c49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.americares.org/static/global/images/digitalWallets/GooglePay-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.americares.org/give/527690/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 22:20:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Feb 2024 21:58:44 GMT
server: cloudflare
age: 5456
etag: W/"65dd0994-b41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 862eee36ccf718b5-FRA
expires: Tue, 11 Mar 2025 20:49:17 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 44A6 156 B
667 B 203ms
202ms XHR
application/json 44.237.151.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.151.236 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-151-236.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

84e81aec5461ce73b51eadfae834360cb6119de01eb35fff94b9abeef25f0a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:20:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1710195613530129
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1710195613529677
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 44A6 156 B
668 B 253ms
253ms XHR
application/json 44.237.151.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.151.236 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-151-236.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

84e81aec5461ce73b51eadfae834360cb6119de01eb35fff94b9abeef25f0a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:20:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1710195613580306
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1710195613579818
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 b Show response
r.stripe.com/ Frame B49F 0
274 B 209ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:20:13 GMT
x-stripe-server-envoy-start-time-us: 1710195613954579
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1710195613954079
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame B49F 0
274 B 208ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2f29bbf0a97dd10e59083fe4a34abcda.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:20:14 GMT
x-stripe-server-envoy-start-time-us: 1710195614347014
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1710195614346290
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 44A6 156 B
668 B 216ms
215ms XHR
application/json 44.237.151.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.151.236 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-151-236.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

84e81aec5461ce73b51eadfae834360cb6119de01eb35fff94b9abeef25f0a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 11 Mar 2024 22:20:16 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1710195616329408
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1710195616328906
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
my.americares.org/	1970-01-21 04:39:15	Name: connect.sid Value: s%3AH8gSXyBtLTigpnpakqBd8xE69c9KXzSV.5niNFkY%2BDw4PGVwK7rKGqy6hXbzRksAhlB%2FDVYfu9HM
.my.americares.org/	1970-01-20 19:03:17	Name: __cf_bm Value: SfSLFWcuPUi7xEZxA.F9rLkNBYA8SBzWlEtpviIQdJw-1710195610-1.0.1.1-nkr_hspBRvGAlNcYAmmj6Tl2t00M0MLoBzfs2FY1zAipHVJn497Hs3W.ZZF.Xu9dCUAKp05ehHHfuMmUoUsghg
.my.americares.org/	1969-12-31 23:59:59	Name: __cfruid Value: 0209524be141f02cbbc8b75708bc5aa7a650c0bf-1710195610
.my.americares.org/	1969-12-31 23:59:59	Name: _cfuvid Value: q0RVdcPEgg6GOPvSnnkSo7aqVgCIWtqKtZc0KFCCEOQ-1710195610323-0.0.1.1-604800000
.classy.org/	1970-01-20 19:03:17	Name: __cf_bm Value: LT46oWLvzCR4nCsnFNuoGPOJ0Bvg2gSH5ZIX247Mni0-1710195610-1.0.1.1-hT1_r4ei0D6zXizHBHgf8c5KSro7M1wngk4.I0TsNHhhJ3cS8TMLmEqyBTtfEe78pDDb_KehGDZ12Yzw1wP0cQ
.classy.org/	1969-12-31 23:59:59	Name: _cfuvid Value: zsK_sWGJwDVa2F94oLOE0_1nLBXw_IV03qNdwaaRdi8-1710195610611-0.0.1.1-604800000
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: a1u3f3c6fko
.youtube.com/	1970-01-20 23:22:27	Name: VISITOR_INFO1_LIVE Value: zy8jsMiT4uM
.youtube.com/	1970-01-20 23:22:27	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgMA%3D%3D
my.americares.org/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: AWtTn9TJ-aI7jtGjHhrCxHC39WpR_4F8XGFI
widgets.guidestar.org/	1970-01-20 19:13:20	Name: AWSALBCORS Value: 0RBoKRfSnAdCLPFsov5lXCYLxgE275V/36/PxN1b3zYOjCYlOUKliLTlwcTKcghauswLpFlcp3SFkYF7oFM7E0aXpZmXKBvZ+LeJWXz7VUD0inOVs6jg0qBL483d
my.americares.org/	1970-01-20 19:03:16	Name: XSRF-TOKEN Value: eyJpdiI6Im5vRkhuaHFyZHc2cWlVSjVNWTFXNnc9PSIsInZhbHVlIjoiaG1ZQ3EyZFJsTCsrS0lCQjBYK2w4eVhoclpJKzhyd292UmRIYlVpSnVLdjFDeUpWR2JwVndaanF0Z0dJZTE5ZytvMWN5OXdsS2s1eVBCRjhKSjlDSzRnUDhsSW5PVGRMSzd3UlRRVVRWT3oyTmxxb2dDcTBkQWJmS3poNUEvaEoiLCJtYWMiOiJkOWMwYTUxNjlmNDg1MWU4ZjFiZTNkZDMzOWRmY2I4ZTZkNTFhMDUxZjkzZjA4YWQ4NWRhY2IxZTMwMjU1ZmQ2IiwidGFnIjoiIn0%3D
my.americares.org/	1969-12-31 23:59:59	Name: sid Value: eyJpdiI6IlRtSDhuTzJOWUF1M0hMckdyZEQySUE9PSIsInZhbHVlIjoiVmRGa2hBUFlYREdLSnBEbzQxbzhrRzVtbEd4T1BMWGRJU25XTjNQVkRwWEhXSm4rVzROU3ZUWFlJcjRXWWFxMGdNRmRHSlU3OGVGQ2JzYTVvL09tT0pxUER6NlpEeWZhRmV2N1ppRHZUTllqMkM3TU1ha3hlNHJnSmUweGExMlYiLCJtYWMiOiI0NDZiNjI0YmE2NTY0Y2QwZjc1ZDA1NDcwMjlhNTU0YjdkMzRkN2FmMTMwZDRjNjQzMzg3NjkwMGQwYjZlYWRiIiwidGFnIjoiIn0%3D
www.americares.org/	1970-01-20 19:04:42	Name: _uid Value: CgEAJGXvg5yxkQB6DNLkAg==
.google.com/	1970-01-20 23:26:46	Name: NID Value: 512=OcfOh_uTQZSr-hOiZVe_NWaZ9YriaQM5lyKRiHV5H6Gsb30EsLUOsxM8EVx0bNVWou0_bLoO39Jn2jF6v35zHG9-X3ZYkfmoSyGkVbBsTaUkWZcECnhUniNODpUhdomcsL2kDLMUW4UFVRrtRWzSBVrEMvMz8erveUtOsNrIG7Y
m.stripe.com/	1970-01-21 04:39:15	Name: m Value: 48416067-ea2f-4c78-bee4-f074cc3f6b8eff0085
.my.americares.org/	1970-01-21 03:48:51	Name: __stripe_mid Value: d3508f42-de25-445a-a0bd-01204788f926d03fcd
.my.americares.org/	1970-01-20 19:03:17	Name: __stripe_sid Value: 8f699ec9-4541-4b9d-bd47-18fa0495a71af64971

58 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=125 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=125 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://files.doublethedonation.com/fontello/css/fontello.css Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=125 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=125 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=125 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=125 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=125 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl&amount=125 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://my.americares.org/give/527690/#!/donation/checkout?amount=125&utm_medium=email&utm_campaign=24_march_gaza_4&c_src=DI24J3U3&c_src2=jtk1395-fr-fl Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
cdn.plaid.com
cdn.transcend.io
click.hello.americares.org
code.jquery.com
files.doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
htp.tokenex.com
image.hello.americares.org
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
my.americares.org
pay.google.com
play.google.com
prod-frs.content.classy.org
r.stripe.com
static.cloudflareinsights.com
unpkg.com
widgets.guidestar.org
www.americares.org
www.googleadservices.com
www.gstatic.com
www.youtube.com
104.22.54.118
13.110.221.60
13.33.187.40
142.250.185.194
151.101.64.176
198.202.176.81
2600:9000:2250:a800:2:8531:afc0:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:5049
2606:4700::6810:7baf
2606:4700::6812:7c49
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2003
2a00:1450:4001:828::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c00::5c
2a02:26f0:280:9::213:7a24
2a04:4e42:400::649
34.68.9.145
44.237.151.236
52.143.247.24
54.186.23.98
00a29bda2b26174ec4d6181a9341f76fc37ea2d0245f5c760f032c109e917cbb
061906633f249332d25115dd606fdd22d30006b25cc45039ad67c6d2008814f8
0666278516505182592bacc1b82e6603d0f33ebf8c43f2b51b89e712a94e151a
06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85
0852e94fe6a7d02738190b5293e8cb93157b5790fb42df40532e2ee58f8a2e8e
13c9eba319b411d9711a1c997322107310af7f7938aac1ec8f9cdc7c662bb9e5
14699735f336f6c852f63359232ce256d1f0c20a1d430cdea3adbb55b809e520
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
1dd6bb8d66c1bb0277c1276dc14abf028f9c634d592dbf8b0594d25fb6fb7590
20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127
2168cb44a41a5cf43ef8b6e87aee8e3b9178685755df6ad1a5c0dd4cccd52c7e
22cedcbd981cbe7498e7d9f64a5ef04a3052f8826b95b3838ade989d9102240d
26262bf301b196a97779adbdea9ca974c356801ae712d5864b5bb0d6a90b775b
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
29142282807f543b36899836ab87938c76744364bfa1888bdbadff146330a196
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
3022c8a32d41b95a1a8ed9066c3fcb396cdef772f01a6df1179db516973023f7
3294667fb626223067e6245c0826ce87efac71b478c53798cceb81f55d85f88a
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3761950f8159320bb209f23d8f2d4cabe130bd774fec107d62a6eec6fb005bb5
3b1f43a81eb74758bdd53016dfc5578645564bd16d083631c12d98f0de675041
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
40c1b4a27cabf201617647745875f150fd375855ee62d78a2958eeb2c9c54758
44c3e3e2f41238711b2089cb691786453d450c389a271068690ee0ef654a08f9
45e9b59fcd2486c88fd617281b79e2fa27a67600efbd31cc66e2da0958b3b164
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50c6a67b9d511e280ce6a13e8dfdde8211c655cf6d03eb45b455f2df014f2e1d
50ea9e7af437d3219d4210a63e0bc2bcf4cf7ad13f98cda6763e6e8dc7d12d8f
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62ab2ab3a16c6d4f96e5ae538005ca6be5bb97d46affaac9ed79f8e2e163a808
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
668db5d0deab22ec5906caa082c5b39d39c1ec701dd58b35aadd2ad9b349feea
66e1bc00387661b1476191a36445a5614f6f234572a6f462a84741920757a101
67a60e8d0877049f837dff6121f5db7d5799af3ee03bf0f8b77dd491904c5c52
71afb008c8b3406257f101d95a4f69b97e6a331a293a5ed4ddcdd6501ffdc4ee
756f51059d3e1611ac2b7f5cc0518042e643e43a6a2a2903a20cb341c44bfbcf
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
7df2f591cb5998cbf6e24dcb7489cb13cfc5303bb30716bd4e9c7eeda053ea10
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
84e81aec5461ce73b51eadfae834360cb6119de01eb35fff94b9abeef25f0a4f
87d48af85ba0878ccd67abaaf1caf5067d42f34bbc72a711aa1c550c25a3d122
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
98fc3ccf8d2281982134cca54f9f58bf129e135eb60470633271e1c86aac12c5
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a5e05d6875025ae160951988d1dbe109a254794f158b1210a8311bdc7070b91e
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
aa23f68b3d5c7eed8f0ebfa79457437800fa6d915b50755195217fc6d3d0916d
b1de6de0b51f56c4e689886df0f7e8750647f50f68a90891eb48c6fa6b829845
b76d55ce69f335df0f011ca7ad04fa9cc9f34d3e0ffc6ee347d1019140b43e88
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bdfda2d14f2de164f14d95ad0b9b0fd5effbf51850fffd4bb3ee8e01674cf292
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
c4c26dfde09ed6e458fd1d42c13169455ea98d479d85d3242a61cb0d15bdd00f
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
c91fcb89871b3af47fd3a4f5e17d40ac582ed9a6046963ab48caa4baa7c3dfe2
c9b31c557888de5a5ba74cab90820cfb4118a541f29a322e21bfd2e84fbfc436
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdec3488628c8e03a89788c80a01f1eaeb9add7e6c911f970c01960ea640c62f
ce14c9c50ec633603b6a1e130678a447128b803ec5a03f26f020ef2b8db623d1
d2f4ea788543cf0dc7e1149c87d86548511aa75fcd53412526f0969701fd5f00
d917abfaa0f30f974778481aa03a81efbe439f4b379ae1d9c4b91d462f2c1064
daf6c010e1371f312df60aa5b9041f2571f0b0f32be661fe8546f7f8772966cd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e248a69e9e24cbf5258c27257fb132fbbae4a85d58d9f46c718c22d56f30f6bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69b051cedffbcc5fd9ecb6af9cd7c051f2fbaac436a635fd44b43ce6cb22074
e8da40fe2d8ddf214ddfaea3e74eebcc4d77c0f492376af1ec629c92276b07db
eb68a7b4811b093e47d043350699830020da387c0156ed3f1359b43de75a7a9e
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
ef453c16da45d31acaaf053b4c361c28af20f85edb5037ba02d82c88cc14314b
f9ea176aae876360c1933a6dde1400b0554961ab8eb7331e5939b5e1a3c30e95
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

my.americares.org Open in urlscan Pro 2606:4700::6812:7c49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

57 %IPv6

17 Domains

26 Subdomains

22 IPs

4 Countries

3913 kBTransfer

12399 kBSize

18 Cookies

10 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

my.americares.org Open in urlscan Pro
2606:4700::6812:7c49 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

57 %
IPv6

17
Domains

26
Subdomains

22
IPs

4
Countries

3913 kB
Transfer

12399 kB
Size

18
Cookies

109 HTTP transactions
0 data transactions