urlscan.io logo urlscan.io
SecurityTrails logo

donate.wfp.org Open in urlscan Pro
34.117.85.67  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://donate.wfp.org/
Effective URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Submission: On October 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 7 countries across 43 domains to perform 299 HTTP transactions. The main IP is 34.117.85.67, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is donate.wfp.org.
TLS certificate: Issued by GTS CA 1D4 on August 31st 2023. Valid for: 3 months.
This is the only time donate.wfp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 36 34.117.85.67 396982 (GOOGLE-CL...)
13 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 5 172.217.18.6 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 54.77.39.146 16509 (AMAZON-02)
48 99.86.4.99 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.53 16509 (AMAZON-02)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
7 2600:9000:20e... 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
14 192.229.221.25 15133 (EDGECAST)
3 13.32.27.21 16509 (AMAZON-02)
4 2a00:1450:401... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
80 54.186.23.98 16509 (AMAZON-02)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
2 172.217.16.194 15169 (GOOGLE)
1 18.66.112.110 16509 (AMAZON-02)
4 6 193.0.160.130 54312 (ROCKETFUEL)
1 44.212.163.2 14618 (AMAZON-AES)
2 151.101.193.35 54113 (FASTLY)
2 198.137.150.201 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 4 13.32.27.83 16509 (AMAZON-02)
3 35.244.174.68 15169 (GOOGLE)
1 1 142.250.184.226 15169 (GOOGLE)
1 2 185.89.210.101 29990 (ASN-APPNEX)
1 2 34.255.132.0 16509 (AMAZON-02)
1 185.64.191.210 62713 (AS-PUBMATIC)
1 35.244.159.8 15169 (GOOGLE)
1 3.125.70.222 16509 (AMAZON-02)
1 184.30.20.22 16625 (AKAMAI-AS)
1 3.228.255.215 14618 (AMAZON-AES)
1 2 104.18.26.193 13335 (CLOUDFLAR...)
1 69.192.160.219 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 35.156.105.211 16509 (AMAZON-02)
1 18.203.183.215 16509 (AMAZON-02)
1 35.156.251.84 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
2 151.101.192.176 54113 (FASTLY)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 44.241.88.74 16509 (AMAZON-02)
1 108.138.26.33 16509 (AMAZON-02)
299 54
36    34.117.85.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.85.117.34.bc.googleusercontent.com
donate.wfp.org
13    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
play.google.com
7    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net
5499309.fls.doubleclick.net
10390555.fls.doubleclick.net
5    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    54.77.39.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-39-146.eu-west-1.compute.amazonaws.com
c5.adalyser.com
48    99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net
js.stripe.com
4    2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
static.hotjar.com
2    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
l.getsitecontrol.com
7    2600:9000:20eb:7e00:14:56a0:4680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.sparkcentral.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
8    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:10::6814:8b22 (United States)

ASN13335 (CLOUDFLARENET, US)
pay.gocardless.com
14    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypal.com
www.paypalobjects.com
3    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
4    2a00:1450:4013:c08::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
pay.google.com
1    2600:9000:214f:c800:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)
c1.rfihub.net
80    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
r.stripe.com
1    2400:52e0:1e00::722:1 (Germany)

ASN200325 (BUNNYCDN, SI)
s2.getsitecontrol.com
2    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
www.googleadservices.com
1    18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net
vc.hotjar.io
6    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
20777079p.rfihub.com
p.rfihub.com
a.rfihub.com
1    44.212.163.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-163-2.compute-1.amazonaws.com
events.getsitectrl.com
2    151.101.193.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    198.137.150.201 (United States)

ASN16509 (AMAZON-02, US)
merchant-ui-api.stripe.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    13.32.27.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-83.fra56.r.cloudfront.net
live.rezync.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
2    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    34.255.132.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-132-0.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    3.228.255.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-255-215.compute-1.amazonaws.com
bpi.rtactivate.com
2    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
1    2600:1f18:612b:4216:6e55:f763:f02d:d10e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
1    35.156.105.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-105-211.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    18.203.183.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    35.156.251.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-251-84.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
2    2606:4700:4400::ac40:9ae3 (United States)

ASN13335 (CLOUDFLARENET, US)
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io
3    44.241.88.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-88-74.us-west-2.compute.amazonaws.com
m.stripe.com
1    108.138.26.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-33.fra56.r.cloudfront.net
media.eu-1.smooch.io
Apex Domain
Subdomains		 Transfer
133 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1487
q.stripe.com — Cisco Umbrella Rank: 8805
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 6279
r.stripe.com — Cisco Umbrella Rank: 4858
m.stripe.com — Cisco Umbrella Rank: 1382
2 MB
36 wfp.org
donate.wfp.org
821 KB
24 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 118
pay.google.com — Cisco Umbrella Rank: 3064
play.google.com — Cisco Umbrella Rank: 37
420 KB
12 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3011
t.paypal.com — Cisco Umbrella Rank: 3644
264 KB
12 doubleclick.net
5499309.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
10390555.fls.doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
6 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
529 KB
7 sparkcentral.com
cdn.sparkcentral.com — Cisco Umbrella Rank: 714496
277 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
499 KB
6 rfihub.com
20777079p.rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
a.rfihub.com — Cisco Umbrella Rank: 3681
9 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 6147
adservice.google.de — Cisco Umbrella Rank: 13042
1 KB
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2003
3 KB
4 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2668
35 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 901
script.hotjar.com — Cisco Umbrella Rank: 1101
107 KB
3 smooch.io
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io
media.eu-1.smooch.io
15 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 445
149 B
3 getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 20318
s2.getsitecontrol.com — Cisco Umbrella Rank: 32181
59 KB
3 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1528
34 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 427
14 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1603
16 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
620 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 242
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
20 KB
2 adalyser.com
c5.adalyser.com — Cisco Umbrella Rank: 29352
11 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
88 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
146 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 903
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 587
377 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1376
175 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1732
182 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1723
109 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 780
616 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1189
344 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 547
273 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1116
425 B
1 getsitectrl.com
events.getsitectrl.com — Cisco Umbrella Rank: 22710
775 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2992
257 B
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 6238
6 KB
1 gocardless.com
pay.gocardless.com — Cisco Umbrella Rank: 353502
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1361
50 KB
299 43
Domain Requested by
63 r.stripe.com js.stripe.com
48 js.stripe.com donate.wfp.org
js.stripe.com
36 donate.wfp.org 1 redirects donate.wfp.org
17 q.stripe.com donate.wfp.org
12 play.google.com www.gstatic.com
10 www.paypal.com donate.wfp.org
www.paypal.com
www.paypalobjects.com
8 www.gstatic.com www.recaptcha.net
pay.google.com
www.gstatic.com
7 cdn.sparkcentral.com donate.wfp.org
cdn.sparkcentral.com
7 www.googletagmanager.com donate.wfp.org
www.googletagmanager.com
www.google-analytics.com
5 www.google.de donate.wfp.org
10390555.fls.doubleclick.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 p.rfihub.com 3 redirects donate.wfp.org
4 live.rezync.com 4 redirects
4 www.paypalobjects.com donate.wfp.org
www.paypal.com
www.paypalobjects.com
4 pay.google.com js.stripe.com
pay.google.com
donate.wfp.org
www.gstatic.com
4 www.google.com 1 redirects donate.wfp.org
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 m.stripe.com m.stripe.network
3 idsync.rlcdn.com donate.wfp.org
5499309.fls.doubleclick.net
3 script.hotjar.com static.hotjar.com
script.hotjar.com
donate.wfp.org
3 www.recaptcha.net donate.wfp.org
www.gstatic.com
www.recaptcha.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
donate.wfp.org
3 5499309.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
2 5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io cdn.sparkcentral.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 sync-tm.everesttech.net 2 redirects
2 dsum-sec.casalemedia.com 1 redirects donate.wfp.org
2 dpm.demdex.net 1 redirects donate.wfp.org
2 ib.adnxs.com 1 redirects donate.wfp.org
2 fonts.gstatic.com www.recaptcha.net
2 merchant-ui-api.stripe.com js.stripe.com
2 t.paypal.com donate.wfp.org
2 www.googleadservices.com 10390555.fls.doubleclick.net
www.googleadservices.com
2 10390555.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 l.getsitecontrol.com www.googletagmanager.com
l.getsitecontrol.com
2 region1.google-analytics.com www.googletagmanager.com
2 adservice.google.com 5499309.fls.doubleclick.net
10390555.fls.doubleclick.net
2 region1.analytics.google.com www.googletagmanager.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 c5.adalyser.com donate.wfp.org
2 connect.facebook.net donate.wfp.org
connect.facebook.net
1 media.eu-1.smooch.io donate.wfp.org
1 x.bidswitch.net 5499309.fls.doubleclick.net
1 beacon.krxd.net 5499309.fls.doubleclick.net
1 aa.agkn.com 5499309.fls.doubleclick.net
1 partners.tremorhub.com 5499309.fls.doubleclick.net
1 x.dlx.addthis.com 5499309.fls.doubleclick.net
1 bpi.rtactivate.com 5499309.fls.doubleclick.net
1 contextual.media.net 5499309.fls.doubleclick.net
1 ps.eyeota.net donate.wfp.org
1 us-u.openx.net 5499309.fls.doubleclick.net
1 image2.pubmatic.com 5499309.fls.doubleclick.net
1 a.rfihub.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 events.getsitectrl.com s2.getsitecontrol.com
1 20777079p.rfihub.com c1.rfihub.net
1 vc.hotjar.io script.hotjar.com
1 s2.getsitecontrol.com l.getsitecontrol.com
1 c1.rfihub.net 5499309.fls.doubleclick.net
1 pay.gocardless.com donate.wfp.org
1 adservice.google.de 1 redirects
1 static.hotjar.com www.googletagmanager.com
1 www.facebook.com donate.wfp.org
1 www.googleoptimize.com donate.wfp.org
299 64
Subject Issuer Validity Valid
wfp.prod.go-donate.uk
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-30 -
2023-10-28		 3 months crt.sh
*.adalyser.com
Thawte TLS RSA CA G1		 2023-06-13 -
2024-07-13		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-31 -
2023-11-30		 4 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2023-03-07 -
2024-04-07		 a year crt.sh
sparkcentral.com
Amazon RSA 2048 M01		 2023-06-30 -
2024-07-28		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
gocardless.com
Cloudflare Inc ECC CA-3		 2023-03-29 -
2024-03-28		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-12 -
2024-10-31		 a year crt.sh
*.rfihub.net
Amazon RSA 2048 M01		 2023-02-24 -
2023-12-29		 10 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-27 -
2024-04-27		 a year crt.sh
*.getsitectrl.com
Amazon RSA 2048 M02		 2023-02-22 -
2024-01-13		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.config.eu-1.smooch.io
E1		 2023-08-22 -
2023-11-20		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh
*.eu-1.smooch.io
Amazon RSA 2048 M01		 2023-01-30 -
2024-02-28		 a year crt.sh

This page contains 22 frames:

Primary Page: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Frame ID: 9D290212DB4813C0651672800ADBE140
Requests: 95 HTTP requests in this frame

Frame: https://5499309.fls.doubleclick.net/activityi;dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Frame ID: F4E821EE9ECD8CFFDB531DAE719E9E30
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Frame ID: 07B16155F2EFDF82D4B7A3339E71728D
Requests: 1 HTTP requests in this frame

Frame: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Frame ID: 7C5BECA4D1C23D7611A8F85374494E27
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
Frame ID: AE67B0CBCBB869ADE3205DAE28C7F0AC
Requests: 40 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-5cec5ef0ae89922bf74fb23adde2f955.html
Frame ID: 07096955B1A82F011ADA32C66DEFB3C3
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-59b3302df274fb9180da7157c226b500.html
Frame ID: 1387E5A2EDFCE40BDCDE405AA2B4DD8A
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
Frame ID: 0BA01B445429F85F5C83135104240E54
Requests: 37 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Frame ID: C9D769780C74587CBE1C37075FF9363D
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Frame ID: E5CE237BD640ECAE712E465B6E621C41
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Frame ID: 7536B75E82BCF4E9EDE5F2CE084A24B2
Requests: 9 HTTP requests in this frame

Frame: https://10390555.fls.doubleclick.net/activityi;dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517
Frame ID: 3EA0E475F9FA4F4E0E01313A1DF45292
Requests: 5 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.405&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f822973719422&storageID=uid_29ed4994ec_mtm6mzq6ndc&sessionID=uid_ef0882913e_mtm6mzq6ndc&buttonSessionID=uid_894a6d64ab_mtm6mzq6ndc&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Frame ID: 03CD555771AF1B99E2BBD41D78C6E5F2
Requests: 5 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-white.svg
Frame ID: B554819663853214D966663F7E1F2F8F
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uq2lq7bmern
Frame ID: 78F943249CFF36D1C809D2C51A85B6DE
Requests: 7 HTTP requests in this frame

Frame: https://20777079p.rfihub.com/ca.html?ver=9&rb=27244&ca=20777079&_o=27244&_t=20777079&pe=https%3A%2F%2F5499309.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCML34uqgh4IDFSMOogMdMzIM_A%3Bsrc%3D5499309%3Btype%3Dsitev00%3Bcat%3Dwfpor0%3Bord%3D1373645475825%3Bauiddc%3D1114864716.1697895285%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B%7Eoref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%2526&pf=https%3A%2F%2Fadservice.google.com%2F&ra=6429321617508224
Frame ID: 44DFD83BCA998AFB8A60A642AEFA159E
Requests: 18 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 5F518A0A1031A235AB32768B4B8DDD1F
Requests: 13 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 270E22CD51F96EB2436F3DEBC77F61DE
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
Frame ID: B8B82AA7B605DE058B1AC3697429393E
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 54D50D2988A97DC41E0CA4181FDD8B7D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.css
Frame ID: D535B9E7AB1A343BEF6851256EBFC4CA
Requests: 6 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 25D827040EE83F2A8D970E9D1A94B73E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UN World Food Programme (WFP)

Page URL History Show full URLs

  1. http://donate.wfp.org/ HTTP 307
    https://donate.wfp.org/1243/donation/regular/?campaign=1517& Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

299
Requests

97 %
HTTPS

42 %
IPv6

43
Domains

64
Subdomains

54
IPs

7
Countries

5246 kB
Transfer

19410 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://donate.wfp.org/ HTTP 307
    https://donate.wfp.org/1243/donation/regular/?campaign=1517& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://5499309.fls.doubleclick.net/activityi;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 HTTP 302
  • https://5499309.fls.doubleclick.net/activityi;dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Request Chain 68
  • https://adservice.google.de/ddm/fls/i/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26 HTTP 302
  • https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Request Chain 114
  • https://10390555.fls.doubleclick.net/activityi;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517 HTTP 302
  • https://10390555.fls.doubleclick.net/activityi;dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517
Request Chain 162
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630289485542&referrer=https%3A%2F%2Fadservice.google.com%2F&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da96848b3-8bd2-4afc-9002-fa14dcb416b0%253A1697895288.22508%26_%3D1697895288.2274673&cb=1697895288.2274978 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630289485542&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da96848b3-8bd2-4afc-9002-fa14dcb416b0%253A1697895288.22508%26_%3D1697895288.2274673 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&_=1697895288.2274673
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYzMDI4OTQ4NTU0Mg==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEL81aSr16bho5aADotkLuDk&google_cver=1 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630289485542&referrer={encSite}&forward= HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da96848b3-8bd2-4afc-9002-fa14dcb416b0%253A1697895288.22508%26_%3D1697895288.5219412&cb=1697895288.5219703 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630289485542&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da96848b3-8bd2-4afc-9002-fa14dcb416b0%253A1697895288.22508%26_%3D1697895288.5219412 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&_=1697895288.5219412
Request Chain 164
  • https://ib.adnxs.com/setuid?entity=18&code=5109685630289485542 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685630289485542
Request Chain 165
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685630289485542&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685630289485542&redir=
Request Chain 168
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5109685630289485542&bid=omt9pi0
Request Chain 171
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685630289485542&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685630289485542&forward=&C=1
Request Chain 178
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZTPTeAAZa5Gv6QAN HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZTPTeAAZa5Gv6QAN&_test=ZTPTeAAZa5Gv6QAN
Request Chain 224
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481751819/?random=1518532736&cv=9&fst=1697895287855&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOGs2Ough4IDFYoNogMdC0sIJw%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D915089529905%3Bauiddc%3D1114864716.1697895285%3Bgtm%3D45fe3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&ocp_id=d9MzZYrxNb289u8PvuWYkAg&sscte=1&crd=&pscrd=IhMIyoiA7KCHggMVPZ79Bx2-MgaC HTTP 302
  • https://www.google.com/pagead/1p-conversion/481751819/?random=1518532736&cv=9&fst=1697895287855&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOGs2Ough4IDFYoNogMdC0sIJw%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D915089529905%3Bauiddc%3D1114864716.1697895285%3Bgtm%3D45fe3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyoiA7KCHggMVPZ79Bx2-MgaC&is_vtc=1&ocp_id=d9MzZYrxNb289u8PvuWYkAg&cid=CAQSKQDICaaNBzbKK-DFb6hsl2wByOxyf2v8z-bzxKdvSh5PhR4wTe6_RhUB&random=2541851336&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/481751819/?random=1518532736&cv=9&fst=1697895287855&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOGs2Ough4IDFYoNogMdC0sIJw%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D915089529905%3Bauiddc%3D1114864716.1697895285%3Bgtm%3D45fe3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyoiA7KCHggMVPZ79Bx2-MgaC&is_vtc=1&ocp_id=d9MzZYrxNb289u8PvuWYkAg&cid=CAQSKQDICaaNBzbKK-DFb6hsl2wByOxyf2v8z-bzxKdvSh5PhR4wTe6_RhUB&random=2541851336&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hAA4Mus6wC4I1ZAE4TggkfjRdSNPoukMLBkoGIG9LqyJoUPYNUSacxBNk_lmfWaD_d9AY0zu00cOm1FuOpUJ7uq

299 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
donate.wfp.org/1243/donation/regular/
Redirect Chain
  • http://donate.wfp.org/
  • https://donate.wfp.org/1243/donation/regular/?campaign=1517&
2 MB
155 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
ff117bf9b280b5947d3d05d4d5b19c456059053daa0e458b9be22ab07b032f31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=5,stale-when-revalidate=5
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 13:34:44 GMT
etag
"1f6145-1fSZZypkb/ppfVhLQMU9dgYiSCw"
server
Google Frontend
vary
User-Agent, Accept-Encoding
via
1.1 google
x-powered-by
Express

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Oct 2023 13:34:43 GMT
Location
https://donate.wfp.org:443/1243/donation/regular/?campaign=1517&
optimize.js
www.googleoptimize.com/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-P2GL7X7
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c289a27517057586dd938d3ad89efd1d15966ba381ac9d70e4c740ee5286ba5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://donate.wfp.org/
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50587
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://donate.wfp.org
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 21 Oct 2023 13:34:44 GMT
b2a457a.modern.js
donate.wfp.org/_wfp/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/b2a457a.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ddeead0bf45de6827976be6b4cc01037068e8e45c1f35cad1b2f491a44454efe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 15:01:52 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:49:08 GMT
server
Google Frontend
age
340372
etag
W/"a24-18b1557a7a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1318
13bb4f0.modern.js
donate.wfp.org/_wfp/ 		232 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/13bb4f0.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
f3cb3c087377fcd1ff6696de65730b49d301d4f18c962818b4e353f4f304295b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:59:14 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:49:08 GMT
server
Google Frontend
age
2130
etag
W/"10954-18b1557a7a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
877015d493c168e23c3a53b10a9f0b20
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67924
78441d1.css
donate.wfp.org/_wfp/css/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/css/78441d1.css
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
8a8d4136dabd1cf4aa79d26dfc7ff9a04b8c381eca79f2898529dff1fad43c1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 11:21:49 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 27 Sep 2023 16:46:12 GMT
server
Google Frontend
age
1649575
etag
W/"8bd-18ad788a820"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-cloud-trace-context
b9ccac0bf4f04b763de336e8d2b0b73c
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2237
eeb3f82.modern.js
donate.wfp.org/_wfp/ 		160 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/eeb3f82.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ed417060406c092b5c7bd0feaba39d54414da92854b708382b4dae643afa2162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 15:01:52 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:49:08 GMT
server
Google Frontend
age
340372
etag
W/"7279-18b1557a7a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
65f1e4314d6af9aa6b39a2cddedda1f8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29305
e5c9029.css
donate.wfp.org/_wfp/css/ 		335 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/css/e5c9029.css
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
85e0445d24cfa83afcc9f008f279842a3f908626f8526de2dfff8830a82d7968

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 15:00:08 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 27 Sep 2023 16:46:12 GMT
server
Google Frontend
age
686076
etag
W/"a804-18ad788a820"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-cloud-trace-context
05a780bb88c1926290bc538d16e78a71
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43012
6804a59.modern.js
donate.wfp.org/_wfp/ 		541 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/6804a59.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e87c029f38797686278a2571b3a945e56f9787058536c2be9a6064dc6df43f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 15:01:52 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:49:08 GMT
server
Google Frontend
age
340372
etag
W/"1f17a-18b1557a7a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
d5f7aef233d434ae5979a2dc7d66dea6
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127354
gtm.js
www.googletagmanager.com/ 		343 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
74b64f7ee3705f747741c063fd757db7a0c1423fc87ea65731e1b6b7d8c4a13c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://donate.wfp.org/
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107080
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://donate.wfp.org
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 21 Oct 2023 13:34:44 GMT
Open_Sans-400-latin48.a09c41f.woff2
donate.wfp.org/_wfp/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/fonts/Open_Sans-400-latin48.a09c41f.woff2
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/css/78441d1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Request headers

Referer
https://donate.wfp.org/_wfp/css/78441d1.css
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 14:30:53 GMT
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
2329431
etag
W/"af00-18ab1f87dd8"
content-type
font/woff2
x-cloud-trace-context
4817688d110f04af235b078825eeda20
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44800
2dda680.modern.js
donate.wfp.org/_wfp/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/2dda680.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/b2a457a.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
89d23c80cd405eb7c2eac1f1ff719f3db7261870c6bd7532eced55c04d75f3c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 15:01:28 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:49:08 GMT
server
Google Frontend
age
340397
etag
W/"177f-18b1557a7a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
161a7488a8ba932aed12d2bb9b551230
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6015
e87ce1e.modern.js
donate.wfp.org/_wfp/ 		139 B
156 B 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/e87ce1e.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/b2a457a.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
8dc5232f0ce9d4a84d95b6d83cf77c20b788accdaee706e57c5030a36faa19e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 11:29:13 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:49:08 GMT
server
Google Frontend
age
7532
etag
W/"8b-18b1557a7a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
activityi;dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~or...
5499309.fls.doubleclick.net/ Frame F4E8
Redirect Chain
  • https://5499309.fls.doubleclick.net/activityi;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~...
  • https://5499309.fls.doubleclick.net/activityi;dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb...
585 B
500 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5499309.fls.doubleclick.net/activityi;dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
cafe /
Resource Hash
a441d49f7cc06b76e031d42703fcbe43273ae2c9646c968f7d7a40d435294eec
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
324
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 13:34:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 13:34:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5499309.fls.doubleclick.net/activityi;dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:43:55 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3050
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 21 Oct 2023 14:43:55 GMT
bat.js
bat.bing.com/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 21 Oct 2023 13:34:44 GMT
last-modified
Thu, 12 Oct 2023 17:36:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ED468BA0BEAC4173A65CBA463635D4AA Ref B: FRAEDGE1908 Ref C: 2023-10-21T13:34:45Z
etag
"808ec9ad32fdd91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12978
fbevents.js
connect.facebook.net/en_US/ 		199 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 21 Oct 2023 13:34:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
iTzkZ56Dz6TwqgW1fo8/zHTOL8sx4LEU0Q5G1DUqjY/vmQQyiJh4taBbiZ8t/DTanOIhqRhI4aHjAuzBYM4LGg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-597680250
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70ecbaa77b004bafd74ba7d122642a239f19e95e8a5ffefa1989689712dfde47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72453
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 21 Oct 2023 13:34:45 GMT
adalyser.js
c5.adalyser.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c5.adalyser.com/adalyser.js?cid=wfp
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.39.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-39-146.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e51fc1d194ae40ce2db4ba6abce427ad95cc98d505a4e7346c0c6f6eae33b1c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:45 GMT
content-encoding
gzip
x-powered-by
Express
etag
"c45b12ad070ae9f57c6c09ebf86fe40d82a75110"
p3p
CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=21600
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
10207
js
www.googletagmanager.com/gtag/ 		284 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cd5f4acf93db7922b385fd867d622cc0e042f01a6adf5515f7a72e196487887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96642
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 13:34:45 GMT
v3
js.stripe.com/ 		544 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/2dda680.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6a4ea63b8016b4d94651cee8f321ca01552c2fb59c2692dfc5fbe80c7ac6bed6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:34:39 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
7
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 02:08:07 GMT
server
Cloudfront
etag
W/"2c74072bc4cb7d1b9bccbc540bd0d5e4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
AFMv-HX73BpcvHyiW_L67aOygajOK3oid4MKDRKUB--ACtqSY5oGvg==
1243
donate.wfp.org/_content/get/pages/en-gb/ 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_content/get/pages/en-gb/1243
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/13bb4f0.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
d4e3e3ab2d1430539181a8d2124c78c8cf21a4d8a1cab51cc7cdb44ffc54c33a

Request headers

Accept
application/json, text/plain, */*
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:45 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
x-powered-by
Express
etag
W/"2c72-L6PNbV74+lE3l0oXHafpzTl83BU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translations
donate.wfp.org/_content/get/bundle/en-gb/ 		81 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_content/get/bundle/en-gb/translations
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/13bb4f0.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
ddbe1388107d343ad1c2dfcb6fbb0db7078708a2be94e960c110b3b7b5379bc6

Request headers

Accept
application/json, text/plain, */*
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517&
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:41 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
4
x-powered-by
Express
etag
W/"14353-M3aSTeMQDq61PY0I87gvXA5XpLI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9279
collect
www.google-analytics.com/j/ 		16 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=149080572&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme%20(WFP)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1075231801&gjid=326491831&cid=786123756.1697895285&tid=UA-127155074-1&_gid=1479837288.1697895285&_r=1&_slc=1&gtm=45He3ai0n71KN3K8D&z=1122777168
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
523ccc05bf563e4086b1e1ffbf44fa63b0777f85d40b0119e8739a3aaeec900b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=149080572&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme%20(WFP)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAACAAI~&jid=513401934&gjid=1219921331&cid=786123756.1697895285&tid=UA-2556524-1&_gid=1479837288.1697895285&_slc=1&gtm=45He3ai0n71KN3K8D&z=310674987
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2556524-1&cid=786123756.1697895285&jid=513401934&gjid=1219921331&_gid=1479837288.1697895285&_u=YGDAiEABBAAAAGAAI~&z=1762312317
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 21 Oct 2023 13:34:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=149080572&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme%20(WFP)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAGAAI~&jid=1282331784&gjid=305062527&cid=786123756.1697895285&tid=UA-2556524-57&_gid=1479837288.1697895285&_r=1&_slc=1&gtm=45He3ai0n71KN3K8D&z=1274684047
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9ee1bc4923dc7344b0c712352a782fcadcd1bbeda8b3a7059f60944a7e1305b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
1877519415676647
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1877519415676647?v=2.9.135&r=stable&domain=donate.wfp.org
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7199ab7751b130d28584e764ceddd5836bb92166b17e9ae493510bf93749e70d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 21 Oct 2023 13:34:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35316
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
bRY92hKmdB52qcV0jXwemw402EUVtUdWDFgr63/VaKfVwmzaZ6+j3t8WR7c6OR/78tdqBep3ynOgmsEcsBWRIA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
7eb7061.modern.js
donate.wfp.org/_wfp/ 		1 KB
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/7eb7061.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/b2a457a.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
607f124f180d0722361dbf030fb56190ab6bc2a8695661eb101a0fee1efa55c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:12:23 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:49:08 GMT
server
Google Frontend
age
4942
etag
W/"403-18b1557a7a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
393
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-127155074-1&cid=786123756.1697895285&jid=1075231801&gjid=326491831&_gid=1479837288.1697895285&_u=YEBAAEAAAAAAACAAI~&z=1657675107
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 21 Oct 2023 13:34:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7B8MHJ3Q6W&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51342149cbfd0de87ba6c217478574cc606296b40cfed3459c2c10a819bc7414
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83016
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 13:34:45 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/597680250/?random=1697895285345&cv=11&fst=1697895285345&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&hn=www.googleadservices.com&frm=0&tiba=UN%20World%20Food%20Programme%20(WFP)&auid=1114864716.1697895285&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-597680250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d241c2db656d673e741ed285d0e89dcf435a5297f76c3367492cd306887157d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1352
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TL7TXTVCYL&gtm=45je3ai0&_p=149080572&_gaz=1&cid=786123756.1697895285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697895285&sct=1&seg=0&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&dt=UN%20World%20Food%20Programme%20(WFP)&en=page_view&_fv=1&_ss=1&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TL7TXTVCYL&cid=786123756.1697895285&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TL7TXTVCYL&cid=786123756.1697895285&gtm=45je3ai0&aip=1&z=910202438
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		228 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8fe338d744866f58351bb6e6fca2853915d75202688aa6145815c4d95862360
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82915
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 13:34:45 GMT
22021902.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/22021902.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Sat, 21 Oct 2023 13:34:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B16D4F8A84CF4B3BB81E760F6D674667 Ref B: FRAEDGE1908 Ref C: 2023-10-21T13:34:45Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=22021902&tm=gtm002&Ver=2&mid=3e395c78-766b-4513-82b2-efb7f2061964&sid=99096480701611ee86791fe09f3ccdd8&vid=99098cf0701611eeb446c167dde138cb&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=UN%20World%20Food%20Programme%20(WFP)&p=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&r=&lt=1517&evt=pageLoad&sv=1&rn=422544
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 21 Oct 2023 13:34:45 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9355AC5355E14C30B02260055EAC7B7F Ref B: FRAEDGE1908 Ref C: 2023-10-21T13:34:45Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=786123756.1697895285&jid=513401934&_u=YGDAiEABBAAAAGAAI~&z=1630441856
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=786123756.1697895285&jid=513401934&_u=YGDAiEABBAAAAGAAI~&z=1630441856
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3...
adservice.google.com/ddm/fls/i/ Frame 07B1 		584 B
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/activityi;dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c32248313d690bb410071a8cea4bc85437f6e18793810ea83cb6486ef46c5ff0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5499309.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
329
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 13:34:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1877519415676647&ev=PageView&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&rl=&if=false&ts=1697895285470&sw=1600&sh=1200&v=2.9.135&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1697895285468.1667099615&ler=empty&it=1697895285318&coo=false&rqm=GET
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 21 Oct 2023 13:34:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
p
c5.adalyser.com/tracking/track/v3/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c5.adalyser.com/tracking/track/v3/p?stm=1697895285478&e=lce1&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&cid=wfp&p=%7B%22et%22%3A1697895285476%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%221b396db1-e205-4ce7-aa49-c99ee70a8ecf%22%2C%22duid%22%3A%22eec6a2fb-df05-4d9e-ade4-c389de3ee930%22%2C%22cw%22%3A1697895285476%2C%22lp%22%3A%22https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%22%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36&domain=donate.wfp.org
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.39.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-39-146.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
x-powered-by
Express
etag
W/"2b-B//0C13UlayirE4cP7xgqg"
p3p
CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
43
expires
0
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7B8MHJ3Q6W&gtm=45je3ai0&_p=149080572&ul=en-us&sr=1600x1200&cid=786123756.1697895285&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&dt=UN%20World%20Food%20Programme%20(WFP)&sid=1697895285&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7B8MHJ3Q6W&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
960d92a.modern.js
donate.wfp.org/_wfp/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/960d92a.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/b2a457a.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
3a726662d35cda6fc724a47636793e28aeca63ad7fd7586edd53db4815def981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:30:34 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:49:08 GMT
server
Google Frontend
age
3851
etag
W/"146e-18b1557a7a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
3cb15bbc98f140c403d4f140132e36a6
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5230
46073b0.modern.js
donate.wfp.org/_wfp/ 		411 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/46073b0.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/b2a457a.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
ac8aa96e1da838f3af3d354dce527e833927ec4f40dfaed294b22b72eb41821b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 18:21:41 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
2229184
etag
W/"1613a-18ab1f87dd8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
5bc1ccd21e0c8f9003f1c5a7dfdf7423
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90426
241bc23.modern.js
donate.wfp.org/_wfp/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/241bc23.modern.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/b2a457a.modern.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
fb8a5407a4d6d3f2f75b3accb0e27248a053efeb437dcffce147fe941d2a3071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:57:31 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:49:08 GMT
server
Google Frontend
age
2234
etag
W/"115e-18b1557a7a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
557fad6fffcc86c349edfa4bd81df7f3
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4446
api.js
www.recaptcha.net/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/6804a59.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c2375af6e2ed9a9a1a1e69febf958f27c98717951bfd0248d59a209441a56ab1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 21 Oct 2023 13:34:45 GMT
hotjar-2048364.js
static.hotjar.com/c/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2048364.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
9b23e60c2a7a892c8691773099e107153ee147b45043b2b11a7c7181373ac0e4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:34:45 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
6
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/e478bc8132ffa42362d9e7c0667ff07f
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
OnP1Bkwj-KeqAXSHkG7aPI55qzzQSXNffFu5CI00ZBjPETbOkirNVw==
Open_Sans-700-latin72.a09c41f.woff2
donate.wfp.org/_wfp/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/fonts/Open_Sans-700-latin72.a09c41f.woff2
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/css/78441d1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Request headers

Referer
https://donate.wfp.org/_wfp/css/78441d1.css
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 21:26:37 GMT
via
1.1 google
last-modified
Tue, 26 Sep 2023 12:06:24 GMT
server
Google Frontend
age
2131688
etag
W/"af00-18ad1622200"
content-type
font/woff2
x-cloud-trace-context
2a2a545bbef6478b9164db2227653e29
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44800
Open_Sans-800-latin80.a09c41f.woff2
donate.wfp.org/_wfp/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/fonts/Open_Sans-800-latin80.a09c41f.woff2
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/css/78441d1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Request headers

Referer
https://donate.wfp.org/_wfp/css/78441d1.css
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 24 Sep 2023 11:35:38 GMT
via
1.1 google
last-modified
Wed, 20 Sep 2023 09:42:47 GMT
server
Google Frontend
age
2339947
etag
W/"af00-18ab1f87dd8"
content-type
font/woff2
x-cloud-trace-context
a5d3bcc74ba0b734ad870755afbddfa3
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44800
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=149080572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&ul=en-us&de=UTF-8&dt=UN%20World%20Food%20Programme%20(WFP)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=IG%20Forms&ea=Donation%20Page%20View&_u=aGDACEABBAAAAGAAI~&jid=788457564&gjid=1551358935&cid=786123756.1697895285&tid=UA-2556524-1&_gid=1479837288.1697895285&_r=1&gtm=45He3ai0n71KN3K8D&z=1477746014
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
xwk0klq7.js
l.getsitecontrol.com/ 		433 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/xwk0klq7.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN3K8D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
7dd394c401138f8120a30565d9b89bc3c87d104dc3a7b87bdc87472675356aa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:45 GMT
content-encoding
br
cdn-edgestorageid
1080
x-amz-request-id
4PC6JB4GSYJRRQWM
x-amz-server-side-encryption
AES256
cdn-cachedat
10/20/2023 12:32:13
cdn-pullzone
89704
cross-origin-resource-policy
cross-origin
x-amz-id-2
ZtioF3+lfREtWuAam79kyPOeU+4Luj0AvPHKT9kJ39FaY53i3f2SlMqX+cHbQyaoYVhRWVbmtxU=
last-modified
Fri, 20 Oct 2023 07:17:48 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"6bbd9410dc5a0072febdc35f9f6ba426"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-requestid
adc86df08f3e21b81b2b96451c52fb04
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
loader.json
cdn.sparkcentral.com/rtm/web/1.25.7/ 		80 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/loader.json
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7e00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9909925d4ab51d22ae9bab97f369a550542efa7ed88b3282980b8ce816d16677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 07:31:08 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
21818
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-meta-lastmodified
2020-03-16 15:17:38 +0000 UTC
content-length
80
last-modified
Fri, 19 Feb 2021 16:46:29 GMT
server
AmazonS3
etag
"f404840dc69a65c5380c1f11207d1c15"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
n7EibDJgXKvOAWzxudHB65_xCCbL0Q1wPFQLY43DkgnuS31zigc88g==
aq-en-it-wf1680166-mobile.webp
donate.wfp.org/media/768/fvym0jp0/3x4/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/768/fvym0jp0/3x4/aq-en-it-wf1680166-mobile.webp
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9f001bc269b29201683598a04376232f9c508190b92ae26238cb74901c065087

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:16:26 GMT
age
1099
x-guploader-uploadid
ABPtcPojPTnpdBTSNtK56izYRM9N55JmeosVhPTpScxAhsFfMuQ1nB3p5Y23mXn8RmXhJf0T7nygv1hFVs4lZ06UVezOcpNx81zX
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9176
last-modified
Wed, 18 Oct 2023 13:19:39 GMT
server
UploadServer
etag
"e579967e0077cbe4ffd0220b094edbb0"
x-goog-generation
1697626309655724
x-goog-hash
crc32c=aMQR7g==, md5=5XmWfgB3y+T/0CILCU7bsA==
content-type
image/webp
cache-control
public,max-age=3600
x-goog-stored-content-length
9176
accept-ranges
bytes
aq-en-it-desktop-nigeria-vest-women-2022-wf1680166.webp
donate.wfp.org/media/768/ivodn3wq/3x4/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/768/ivodn3wq/3x4/aq-en-it-desktop-nigeria-vest-women-2022-wf1680166.webp
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
507acb76a964ac9d3ddccee523e2b85b59321da56c71ff5e22ddba8e70a89e46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:16:26 GMT
age
1099
x-guploader-uploadid
ABPtcPqoDFLG6CEztOypFo1ZT6GGpjjuSXcbRHqMYfCcJdT40-TBlz4w1HwJ39gd4xFHrxm7tkNxuFt2-fXZysXB1lmX
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34304
last-modified
Fri, 20 Oct 2023 08:17:51 GMT
server
UploadServer
etag
"0f067b8158e8b0f57af86fa7357a9edf"
x-goog-generation
1697559485735236
x-goog-hash
crc32c=kFjR8A==, md5=DwZ7gVjosPV6+G+nNXqe3w==
content-type
image/webp
cache-control
public,max-age=3600
x-goog-stored-content-length
34304
accept-ranges
bytes
untitled-design.png
donate.wfp.org/media/nmjj3mc2/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/nmjj3mc2/untitled-design.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
266f5618550c5497dccc49cd0aea9f2faada467f60f13ea748e9b7c8af9b0d14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:52:15 GMT
age
2550
x-guploader-uploadid
ABPtcPoG-vaJPN8gADLdzP8mmwFn72mztoSJJJaxAI0fVEb13NEUc5BgQO7wJxXbUATSCM3xcKw6zs6fB-lmer4gRzVHTw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31868
last-modified
Thu, 18 Aug 2022 09:53:30 GMT
server
UploadServer
etag
"1af98eed0a6947856cfebc54cf8adca5"
x-goog-generation
1660816410607378
x-goog-hash
crc32c=pF8BbA==, md5=GvmO7QppR4Vs/rxUz4rcpQ==
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
31868
accept-ranges
bytes
Open_Sans-500-latin56.a09c41f.woff2
donate.wfp.org/_wfp/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://donate.wfp.org/_wfp/fonts/Open_Sans-500-latin56.a09c41f.woff2
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/css/78441d1.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Request headers

Referer
https://donate.wfp.org/_wfp/css/78441d1.css
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 17:13:12 GMT
via
1.1 google
last-modified
Tue, 26 Sep 2023 12:06:24 GMT
server
Google Frontend
age
2060493
etag
W/"af00-18ad1622200"
content-type
font/woff2
x-cloud-trace-context
1bc34ac232ff74a82daf3419601e80f3
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44800
hearts.png
donate.wfp.org/assets/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/hearts.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
428941d3e89cc8f1333768f46d03ad981f32dd43ac0dfb0cbdb9cfdf7b8175a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:46:32 GMT
server
Google Frontend
etag
W/"dae-18b15554640"
content-type
image/png
x-cloud-trace-context
d21706823f6f5131e37a177f05539e4c
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3502
unwfpde.webp
donate.wfp.org/media/320/v43ehpwf/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/320/v43ehpwf/unwfpde.webp
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
255f4d4f93f28e66a913e6b6ccd458f17367ff79b032e220115e61810fa93c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
age
0
x-guploader-uploadid
ABPtcPpMvIHZLVovV26HyYJpE9VzhucZSherTsbJkS2yWESTsEMc2m69pb_bXLE4O1ZWf6QKMCl2dpoukWigQA4mnSMS5F8ff0cW
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12172
last-modified
Tue, 11 Oct 2022 13:21:25 GMT
server
UploadServer
etag
"9eaf91c3b68addd37cd1d02756955629"
x-goog-generation
1665494485935388
x-goog-hash
crc32c=ZpySnA==, md5=nq+Rw7aK3dN80dAnVpVWKQ==
content-type
image/webp
cache-control
public,max-age=3600
x-goog-stored-content-length
12172
accept-ranges
bytes
unwfp-standard-black-rgb-en.png
donate.wfp.org/media/5gzfbyox/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/5gzfbyox/unwfp-standard-black-rgb-en.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e612830c72c5254782cf85d0a3a9a776dd3b8ded34b0aa4a09ed5393729b103a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:36:21 GMT
age
3505
x-guploader-uploadid
ABPtcPoKOKaNJjOLtksWWBkWDUyanPVItXbtPTZyNHH5CorChanOZjkG4YztXJwoxl4WTK7_-WveO8KUkPvdPAqQmCHTEmxSLwro
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7370
last-modified
Tue, 18 Oct 2022 16:09:23 GMT
server
UploadServer
etag
"5eb6d92587747e39c57d5bad3dd093f2"
x-goog-generation
1666109363864446
x-goog-hash
crc32c=LEaDNQ==, md5=XrbZJYd0fjnFfVutPdCT8g==
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
7370
accept-ranges
bytes
email-t.svg
donate.wfp.org/media/qsnbnjsm/ 		761 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/qsnbnjsm/email-t.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
15c5c05e1c7787a5caacde914ea0316bfaa79d8e0d027d4e1f555252b4658654

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:31:29 GMT
age
197
x-guploader-uploadid
ABPtcPqDkApvUTXz6VRUPuVUWWtzsUtaFZ1VkXfBoaJqSOtVHzYcok3aJz8u_exghPLxn5_Cd3Brvbqlcppaz50tOiZ-Wg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
761
last-modified
Wed, 17 Aug 2022 14:48:46 GMT
server
UploadServer
etag
"d3a5551ded7ee06303ce091b41922983"
x-goog-generation
1660747726973559
x-goog-hash
crc32c=mQQ7WA==, md5=06VVHe1+4GMDzgkbQZIpgw==
content-type
image/svg+xml
cache-control
public,max-age=3600
x-goog-stored-content-length
761
accept-ranges
bytes
microsoftteams-image.png
donate.wfp.org/media/55cp51ue/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/media/55cp51ue/microsoftteams-image.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fc9e37fabc51947d3aaa8597bdc3df4aafd79759730b995d6e70686fca30ac8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:57:01 GMT
age
2265
x-guploader-uploadid
ABPtcPpQRM_Z_8EooPkYK23D93Xipctjh5EZ86174PdluNrfwHIkkrWwMFBQq-2wngEvXTg35AZNQDZACbI3AN6FLKwN8Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9214
last-modified
Wed, 23 Nov 2022 08:52:43 GMT
server
UploadServer
etag
"df1562ba666dd8a3beaa254fbaa5ed1a"
x-goog-generation
1669193563934111
x-goog-hash
crc32c=L0NwhQ==, md5=3xViumZt2KO+qiVPuqXtGg==
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
9214
accept-ranges
bytes
twitter.svg
donate.wfp.org/assets/img/icons/ 		433 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/twitter.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
25d6a90087c11bb3e87d40c12de81441ec389d39b587a77c1e0d771d9eadfa20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:46:32 GMT
server
Google Frontend
etag
W/"1b1-18b15554640"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
facebook.svg
donate.wfp.org/assets/img/icons/ 		552 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/facebook.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c6034e158d46463cf39b67667d1f14fc3767042d02244d98335189291184e3a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:46:32 GMT
server
Google Frontend
etag
W/"228-18b15554640"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
instagram.svg
donate.wfp.org/assets/img/icons/ 		2 KB
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/instagram.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
bf190f53b34ca5a0445da2fbd9ff9a7155487c067c907fa7540d855e603fb807

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:46:32 GMT
server
Google Frontend
etag
W/"74b-18b15554640"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
linkedin.svg
donate.wfp.org/assets/img/icons/ 		616 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/linkedin.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0f9aa279fa08f83278e9ae8de1c27ba480c6cb8a6c41e017b7b71e86305f13fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:46:32 GMT
server
Google Frontend
etag
W/"268-18b15554640"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
youtube.svg
donate.wfp.org/assets/img/icons/ 		547 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/youtube.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9812cb6d54877fc4bf9e7129b85d16475af9b00b367ad8e812a7365c48867a8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:46:32 GMT
server
Google Frontend
etag
W/"223-18b15554640"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
destination
www.googletagmanager.com/gtag/ 		180 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10390555&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a410147668c39d7b918d804b2a4274865b6733cbb31cda7bd580a884dc1d63b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67700
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 21 Oct 2023 13:34:46 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-C9S5DE8LYK&gtm=45je3ai0&_p=149080572&ul=en-us&sr=1600x1200&cid=786123756.1697895285&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26&dt=UN%20World%20Food%20Programme%20(WFP)&sid=1697895286&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C9S5DE8LYK&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3...
5499309.fls.doubleclick.net/ddm/fls/r/ Frame 7C5B
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;...
  • https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb...
1 KB
513 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
cafe /
Resource Hash
eb5eba66e0727f3ff99dea0d7b2f33805d4342c2441377525fb8305354e37a13
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
488
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 13:34:46 GMT
expires
Sat, 21 Oct 2023 13:34:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 13:34:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/597680250/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/597680250/?random=1697895285345&cv=11&fst=1697893200000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&frm=0&tiba=UN%20World%20Food%20Programme%20(WFP)&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=854253254&rmt_tld=0&ipr=y
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/597680250/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/597680250/?random=1697895285345&cv=11&fst=1697893200000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&frm=0&tiba=UN%20World%20Food%20Programme%20(WFP)&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=854253254&rmt_tld=1&ipr=y
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2556524-1&cid=786123756.1697895285&jid=788457564&gjid=1551358935&_gid=1479837288.1697895285&_u=aGDACEABBAAAAGAAI~&z=1905451269
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 21 Oct 2023 13:34:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sparkcentral.1.25.7.min.js
cdn.sparkcentral.com/rtm/web/1.25.7/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7e00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fc75d058624330c6f1611633822e4023b960fad6a3f35876046f3adaa6349c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 04:48:38 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 16:46:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
31569
x-amz-server-side-encryption
AES256
etag
W/"cd3c7f973f6b72e066d3f3f23b53d94f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-meta-lastmodified
2020-03-16 15:17:38 +0000 UTC
x-amz-cf-id
Hv7svyqa0OB9VoNLqHA5zwHB1rvR5_TZCYD3yoeUKdj8Cn4xz2lV5w==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=786123756.1697895285&jid=788457564&_u=aGDACEABBAAAAGAAI~&z=529970789
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2556524-1&cid=786123756.1697895285&jid=788457564&_u=aGDACEABBAAAAGAAI~&z=529970789
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ 		464 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://donate.wfp.org/
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 12:16:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190277
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Oct 2024 12:16:05 GMT
initialise.js
pay.gocardless.com/billing/static/dropin/v2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.gocardless.com/billing/static/dropin/v2/initialise.js
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/eeb3f82.modern.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8b22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100082a5a528e4e7117b02aa04631420999caaa3823cad14addb139ba07622bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
age
3116
x-guploader-uploadid
ADPycdvj8PXNbSSvhCOaZol9iJbqyeTH_vcdXbisDCeMRz6G2gLm0HObnC2FJMzwEB7WY-DpqRqhF5r4VK1mePd4W5opVdW71dRg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1384
last-modified
Wed, 13 Sep 2023 13:21:44 GMT
server
cloudflare
etag
"bfe4acaca79d9ff4f75632dfea89d06a"
vary
Accept-Encoding
x-goog-generation
1694611304685049
content-type
application/javascript
x-goog-hash
crc32c=YCECfQ==, md5=v+SsrKedn/T3VjLf6onQag==
cache-control
public, max-age=3600
x-goog-stored-content-length
1384
accept-ranges
bytes
cf-ray
8199e144e81d18d4-FRA
expires
Sat, 21 Oct 2023 13:42:50 GMT
js
www.paypal.com/sdk/ 		273 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/_wfp/2dda680.modern.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD5) /
Resource Hash
905b7eb5f65817f2c129dbfa4241f754e6325ac3ee4380abfa44818c38bc86c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-UZOVUDfsl8kN6JTA9D19kL5TwkuCz6/JkhQJ0Ubyzkk7040p' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-UZOVUDfsl8kN6JTA9D19kL5TwkuCz6/JkhQJ0Ubyzkk7040p' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-UZOVUDfsl8kN6JTA9D19kL5TwkuCz6/JkhQJ0Ubyzkk7040p' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-UZOVUDfsl8kN6JTA9D19kL5TwkuCz6/JkhQJ0Ubyzkk7040p' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:34:46 GMT
disable-set-cookie
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
10391
x-cache
HIT
p3p
true
paypal-debug-id
08408296b8991
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
76662
x-xss-protection
1; mode=block
last-modified
Sat, 21 Oct 2023 10:41:36 GMT
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CD5)
traceparent
00-000000000000000000008408296b8991-eeaed201498c8c06-01
etag
W/"12b76-dN1HByQ+jHJztSPMAa2N0ekY7gM"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
timing-allow-origin
*
pb-stripe.svg
donate.wfp.org/assets/img/icons/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/pb-stripe.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
3f39956e5e5efe0dc248d9574a7a7071f5ac512ae3d553d3f949653cb8147962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:46:32 GMT
server
Google Frontend
etag
W/"f81-18b15554640"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
controller-68059e1af226e72493d47209d561b5e2.html
js.stripe.com/v3/ Frame AE67 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
554566effefe1b13338bbbc4504ffe98e5ce03e7a71c68a8d9ee41f429e32ec0
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
37
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 13:34:10 GMT
etag
"68059e1af226e72493d47209d561b5e2"
last-modified
Sat, 21 Oct 2023 01:32:10 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
rd5lmpZRybg-yM-cnRVvlhY_7CMxwstyDERWWLFI5xUQZiFUB_wEXA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-5cec5ef0ae89922bf74fb23adde2f955.html
js.stripe.com/v3/ Frame 0709 		408 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-5cec5ef0ae89922bf74fb23adde2f955.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
fe461e8460c7da77499624431951d65439abfd06447b53781b641d77c2aa343e
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2410
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:54:50 GMT
etag
"5cec5ef0ae89922bf74fb23adde2f955"
last-modified
Sat, 21 Oct 2023 01:32:26 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
o4_BPd7m41GntY6Z7ivERcaVwduKJcc93SNmaNDGgItZEx7_3AP0rw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-59b3302df274fb9180da7157c226b500.html
js.stripe.com/v3/ Frame 1387 		344 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-59b3302df274fb9180da7157c226b500.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d5679ed0231e83382e858b0255f1d75987fc23964085ca68f7269dbe6004aff2
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5
cache-control
max-age=60
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 13:34:46 GMT
etag
"59b3302df274fb9180da7157c226b500"
last-modified
Sat, 21 Oct 2023 01:32:26 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
PIPjCWbHYLKJjUbkd8MknobFXbANVr6JoM4ku0l-E3SMF5CT05G5Fg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-68059e1af226e72493d47209d561b5e2.html
js.stripe.com/v3/ Frame 0BA0 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
554566effefe1b13338bbbc4504ffe98e5ce03e7a71c68a8d9ee41f429e32ec0
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
37
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 13:34:10 GMT
etag
"68059e1af226e72493d47209d561b5e2"
last-modified
Sat, 21 Oct 2023 01:32:10 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
gnLYUaPbTdZpdBceJ08r3vzy0mQ0fwdiRuJV5k7KgrjqWChoxxVpDg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
js.stripe.com/v3/ Frame C9D7 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7812e58ffc6dc530c08cd2d99e1ce7229cd84da228f5ce13fc27bfe47d61c8e9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3526
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:36:39 GMT
etag
"a691ec2ac77b6aae50dc7bd89ea1226b"
last-modified
Sat, 21 Oct 2023 01:32:11 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
vtIyCX6dTLqTAw9Ki9lbZkqiSk_qxV3qDqu_Wfn1IHgmJp0CkXgPxQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
js.stripe.com/v3/ Frame E5CE 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7812e58ffc6dc530c08cd2d99e1ce7229cd84da228f5ce13fc27bfe47d61c8e9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3526
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:36:39 GMT
etag
"a691ec2ac77b6aae50dc7bd89ea1226b"
last-modified
Sat, 21 Oct 2023 01:32:11 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
eOe8zw9PeaXjtIiRIPVkXLffqPft5iwqcp8G9dhjCPjezSZPYm6Azg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
js.stripe.com/v3/ Frame 7536 		798 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7812e58ffc6dc530c08cd2d99e1ce7229cd84da228f5ce13fc27bfe47d61c8e9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3526
cache-control
max-age=31536000
content-length
798
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:36:39 GMT
etag
"a691ec2ac77b6aae50dc7bd89ea1226b"
last-modified
Sat, 21 Oct 2023 01:32:11 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
JjaF0t494mtkqWWObQ4vzYbESXV-pZLqqZJV_qgWUTrzYgTisciOMA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
credit-card.png
donate.wfp.org/assets/img/icons/ 		407 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/credit-card.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2a6ab45df9e4d7ba1661e98f9e57c9ae68ed0475f05f23117746c78d2e4fc43b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:46:32 GMT
server
Google Frontend
etag
W/"197-18b15554640"
content-type
image/png
x-cloud-trace-context
b9e2652e6085f877a5f1f8d4fac90e9c
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
407
dd.png
donate.wfp.org/assets/img/icons/ 		434 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://donate.wfp.org/assets/img/icons/dd.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.85.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.85.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5d5819aa088c4e4c50335bedcded537098e23e7946b9feaca6a323e70e9bc69a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/1243/donation/regular/?campaign=1517
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
via
1.1 google
last-modified
Mon, 09 Oct 2023 16:46:32 GMT
server
Google Frontend
etag
W/"1b2-18b15554640"
content-type
image/png
x-cloud-trace-context
44583b46abb9db2250beca20a02fa8b5
cache-control
public, max-age=0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
434
modules.e1dfa7708b9d9a8bea71.js
script.hotjar.com/ 		228 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e1dfa7708b9d9a8bea71.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2048364.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
37c5cc6fa83a5392f51d53cba3892630c02c0e02219d88a043db6d530aa64664
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
178180
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56552
last-modified
Thu, 19 Oct 2023 12:04:32 GMT
etag
"6767acf9424d83d0946202b3a45c9012"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
0C0R7Rhh2wBz9vWtw1Ine5cjTBAJD-xSCgAg3tCTTKsCva-DT4PBwg==
xwk0klq7.json
l.getsitecontrol.com/ 		24 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/xwk0klq7.json
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/xwk0klq7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
8c43189051cdcb76245449544f1b97d8fe3b0b5feeead6003fde45929b4cf7ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:46 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-request-id
H09VJHJQDVEJC8XQ
x-amz-server-side-encryption
AES256
cdn-cachedat
10/20/2023 07:17:47
cdn-pullzone
89704
cross-origin-resource-policy
cross-origin
x-amz-id-2
wcRKABnGOojiM6B+JFBhzXJEc4caa+5k+FuodMY7hZpbOCjh8Tq5wbkJzLx5UuvnFFoiCUhYJmVgTqZNZWWfvA==
last-modified
Fri, 20 Oct 2023 07:17:47 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"2ff1940641441d1e04260b0413a50c8d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
access-control-max-age
3000
cdn-requestid
535844b11169bf7af34575aced55b283
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
shared-2d019fba8684ddfac3c27f10ec8da923.js
js.stripe.com/v3/fingerprinted/js/ Frame AE67 		513 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7ff5912494fb7b3cdfd5de7ce1773cfc10b96385a3d1e19194ff7263a4aefbfb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:35:02 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3586
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 01:32:25 GMT
server
Cloudfront
etag
W/"53d43596d52bd1ed85b7244add7eeb0c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
neZSJIKnd7fqReSIDpo8Ks2WL2AdEVccU6mqK-xGxL764c7xUewm-Q==
controller-96808ed5cafa652d64b4c71dbe466a8e.js
js.stripe.com/v3/fingerprinted/js/ Frame AE67 		633 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-96808ed5cafa652d64b4c71dbe466a8e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3143b2972c789ed40eb3dffb5383868305798cf3dd7b5582ce543262137e7ea5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:35:01 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3587
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 01:32:22 GMT
server
Cloudfront
etag
W/"36610e0f980502eb0b49406e2e4ca874"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
NL57Feqor1GvyXKheCNswkWwNYof6Xu8JXT9OHx64ZRTr_1Rj1Xvvw==
pay.js
pay.google.com/gp/p/js/ Frame 0709 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5cec5ef0ae89922bf74fb23adde2f955.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c08::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b7e82e6f7c70e3a25f97065417a5bb4dd5690931fdb16f71a49dab26f9d480ca
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-GltjbcYfKi3d2y-vn0tQ1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-GltjbcYfKi3d2y-vn0tQ1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 21 Oct 2023 13:34:47 GMT
shared-2d019fba8684ddfac3c27f10ec8da923.js
js.stripe.com/v3/fingerprinted/js/ Frame 0709 		513 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5cec5ef0ae89922bf74fb23adde2f955.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7ff5912494fb7b3cdfd5de7ce1773cfc10b96385a3d1e19194ff7263a4aefbfb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-5cec5ef0ae89922bf74fb23adde2f955.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:35:02 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3586
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 01:32:25 GMT
server
Cloudfront
etag
W/"53d43596d52bd1ed85b7244add7eeb0c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
cWpQHV1AymVr6wVpzpM3uMFGgGuq8-h_4DIpphLugblsUPCI1EUVbQ==
payment-request-inner-google-pay-c1393017a41a9a55f1972b366ff43e92.js
js.stripe.com/v3/fingerprinted/js/ Frame 0709 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-c1393017a41a9a55f1972b366ff43e92.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5cec5ef0ae89922bf74fb23adde2f955.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f05a075dfa9cee7ab76b28bf5ebb367646493c4c3712ad1fb6bff0378f49a573
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-5cec5ef0ae89922bf74fb23adde2f955.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:47:34 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
2845
x-cache
Hit from cloudfront
last-modified
Fri, 06 Oct 2023 20:54:32 GMT
server
Cloudfront
etag
W/"8f9acb52354218d5f45674debf56b2bd"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
GTAAgWvWBg9fFu4-Z_bvuBvELTXaTjdQ7bbQRao8HaEu_jyd3ffW1A==
shared-2d019fba8684ddfac3c27f10ec8da923.js
js.stripe.com/v3/fingerprinted/js/ Frame 0BA0 		513 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7ff5912494fb7b3cdfd5de7ce1773cfc10b96385a3d1e19194ff7263a4aefbfb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:35:02 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3586
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 01:32:25 GMT
server
Cloudfront
etag
W/"53d43596d52bd1ed85b7244add7eeb0c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
hZCsM5jOFxJpUYWIFsL0Ng8AugI5jHHXD9Wxk8nbgYr-E26n_2Kalg==
controller-96808ed5cafa652d64b4c71dbe466a8e.js
js.stripe.com/v3/fingerprinted/js/ Frame 0BA0 		633 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-96808ed5cafa652d64b4c71dbe466a8e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3143b2972c789ed40eb3dffb5383868305798cf3dd7b5582ce543262137e7ea5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:35:01 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3587
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 01:32:22 GMT
server
Cloudfront
etag
W/"36610e0f980502eb0b49406e2e4ca874"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
IGjwJuJi1NQe-ObQeo58gdpitxmSwVFStPjYDtmZ0grGVjkeE0xYrQ==
shared-2d019fba8684ddfac3c27f10ec8da923.js
js.stripe.com/v3/fingerprinted/js/ Frame 1387 		513 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-59b3302df274fb9180da7157c226b500.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7ff5912494fb7b3cdfd5de7ce1773cfc10b96385a3d1e19194ff7263a4aefbfb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-59b3302df274fb9180da7157c226b500.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:35:02 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3586
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 01:32:25 GMT
server
Cloudfront
etag
W/"53d43596d52bd1ed85b7244add7eeb0c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
gGOLx8UYdBZ0r88ENjlkrNFu3T9VKGRR2Q9yhjIM117bhw9_Ll048Q==
payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js
js.stripe.com/v3/fingerprinted/js/ Frame 1387 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-59b3302df274fb9180da7157c226b500.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-59b3302df274fb9180da7157c226b500.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:33:07 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
108
x-cache
Hit from cloudfront
last-modified
Thu, 12 Oct 2023 20:01:48 GMT
server
Cloudfront
etag
W/"330666bb238cf77ae96a867563ebc09a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
sT3xGL7u84Z58vQAqrDcU-RwPezuYx2HE9pikknXau2X5R-iMJYr7Q==
shared-2d019fba8684ddfac3c27f10ec8da923.js
js.stripe.com/v3/fingerprinted/js/ Frame C9D7 		513 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7ff5912494fb7b3cdfd5de7ce1773cfc10b96385a3d1e19194ff7263a4aefbfb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:35:02 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3586
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 01:32:25 GMT
server
Cloudfront
etag
W/"53d43596d52bd1ed85b7244add7eeb0c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
06v5Q8Oqs-FeAcM-3ipX3WUN33XzEZ1pynUbfRasImpwRDPtCyQSTw==
ui-shared-bf771df1dc4bd1475064218c0f692cc9.js
js.stripe.com/v3/fingerprinted/js/ Frame C9D7 		311 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-bf771df1dc4bd1475064218c0f692cc9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
8680b322dcb49757ed608ae0b8669262f15af4961f6bc4a9dcc2b30feb9ce0c5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:05:24 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1770
x-cache
Hit from cloudfront
last-modified
Fri, 20 Oct 2023 17:03:09 GMT
server
Cloudfront
etag
W/"b64da36ea106b3fb6c84a4db42de091b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
GzsSSegcu3bL0JMimirDrsRWI8022qZ3nGDoEff0FIX1BzwTYQ4caA==
elements-inner-card-1b53eb1f35c0c3c7167878c34f88e7b7.js
js.stripe.com/v3/fingerprinted/js/ Frame C9D7 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-1b53eb1f35c0c3c7167878c34f88e7b7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d5cd509c4886598bcade37c60dd24e92416c92bb6c55f53ddfed1a67a917aa35
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:32:04 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
202
x-cache
Hit from cloudfront
last-modified
Tue, 10 Oct 2023 20:02:13 GMT
server
Cloudfront
etag
W/"3654f8ee80aad58c4de51853bd7c293d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
xXdoyNQxpLxmqo-b-qWD6BHunsZ8WyEaLfHe7t1BWDb6QyXet1Awmg==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame C9D7 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:01:54 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1975
x-cache
Hit from cloudfront
last-modified
Fri, 06 Oct 2023 20:54:19 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
UJc4ya1DpUROyblArjZj6Y8U6eSIGST45DtAOHGJ3zEglDYG2XsajA==
elements-inner-card-de3d82752e334539cc74c26294525473.css
js.stripe.com/v3/fingerprinted/css/ Frame C9D7 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-de3d82752e334539cc74c26294525473.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e62edfdb0575acbdce5c582447530e931df30ba86e9036e93c58cc7944ed56c6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:17:07 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1108
x-cache
Hit from cloudfront
last-modified
Wed, 11 Oct 2023 20:04:16 GMT
server
Cloudfront
etag
W/"c3f0079066a9db411821d0838d892a89"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
-N7_m703qwZxtW7VMo9d9Bsg_KqRI95BFJ9143t82ttH48abl1CohQ==
shared-2d019fba8684ddfac3c27f10ec8da923.js
js.stripe.com/v3/fingerprinted/js/ Frame E5CE 		513 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7ff5912494fb7b3cdfd5de7ce1773cfc10b96385a3d1e19194ff7263a4aefbfb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:35:02 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3586
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 01:32:25 GMT
server
Cloudfront
etag
W/"53d43596d52bd1ed85b7244add7eeb0c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
J---0V0nUMpU2C8rx55Cl12m6zRCEd492zTe7FSnc0Zx0f_v-1d7CA==
ui-shared-bf771df1dc4bd1475064218c0f692cc9.js
js.stripe.com/v3/fingerprinted/js/ Frame E5CE 		311 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-bf771df1dc4bd1475064218c0f692cc9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
8680b322dcb49757ed608ae0b8669262f15af4961f6bc4a9dcc2b30feb9ce0c5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:05:24 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1770
x-cache
Hit from cloudfront
last-modified
Fri, 20 Oct 2023 17:03:09 GMT
server
Cloudfront
etag
W/"b64da36ea106b3fb6c84a4db42de091b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
mdMt5BZNB1FxtcXMrgqAQQgzvjlWiLiHcGacAFP3IpGpuzr9a4pGrg==
elements-inner-card-1b53eb1f35c0c3c7167878c34f88e7b7.js
js.stripe.com/v3/fingerprinted/js/ Frame E5CE 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-1b53eb1f35c0c3c7167878c34f88e7b7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d5cd509c4886598bcade37c60dd24e92416c92bb6c55f53ddfed1a67a917aa35
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:32:04 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
202
x-cache
Hit from cloudfront
last-modified
Tue, 10 Oct 2023 20:02:13 GMT
server
Cloudfront
etag
W/"3654f8ee80aad58c4de51853bd7c293d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
dN9yJtyRbXyUJLEz-1Uf-JGDmxZcrTOQ1YyCGzriNWv25N8j9ALK5g==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame E5CE 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:01:54 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1975
x-cache
Hit from cloudfront
last-modified
Fri, 06 Oct 2023 20:54:19 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
GSeMVGBKQNb-yH0y3VJNiPsc0lACChuI_LF37_R-NxbOd4SeKfOxdQ==
elements-inner-card-de3d82752e334539cc74c26294525473.css
js.stripe.com/v3/fingerprinted/css/ Frame E5CE 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-de3d82752e334539cc74c26294525473.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e62edfdb0575acbdce5c582447530e931df30ba86e9036e93c58cc7944ed56c6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:17:07 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1108
x-cache
Hit from cloudfront
last-modified
Wed, 11 Oct 2023 20:04:16 GMT
server
Cloudfront
etag
W/"c3f0079066a9db411821d0838d892a89"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
AeFrOfsDxLBAUQ9PXgreVhWlWWff-ZE3elBMs3-9bz7fHx7dxNeUkw==
shared-2d019fba8684ddfac3c27f10ec8da923.js
js.stripe.com/v3/fingerprinted/js/ Frame 7536 		513 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7ff5912494fb7b3cdfd5de7ce1773cfc10b96385a3d1e19194ff7263a4aefbfb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:35:02 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3586
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 01:32:25 GMT
server
Cloudfront
etag
W/"53d43596d52bd1ed85b7244add7eeb0c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
jwFVlm2Qi2OYw3DZKjEYX3ECl0K6yKnJGxuFLom0E8S5IbUpYadvTw==
ui-shared-bf771df1dc4bd1475064218c0f692cc9.js
js.stripe.com/v3/fingerprinted/js/ Frame 7536 		311 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-bf771df1dc4bd1475064218c0f692cc9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
8680b322dcb49757ed608ae0b8669262f15af4961f6bc4a9dcc2b30feb9ce0c5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:05:24 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1770
x-cache
Hit from cloudfront
last-modified
Fri, 20 Oct 2023 17:03:09 GMT
server
Cloudfront
etag
W/"b64da36ea106b3fb6c84a4db42de091b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
G4_TP8dUHQRqDNiQ81hVHbas38kjklemNsr_JyJu_OcMb77ZTDqhAg==
elements-inner-card-1b53eb1f35c0c3c7167878c34f88e7b7.js
js.stripe.com/v3/fingerprinted/js/ Frame 7536 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-1b53eb1f35c0c3c7167878c34f88e7b7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d5cd509c4886598bcade37c60dd24e92416c92bb6c55f53ddfed1a67a917aa35
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:32:04 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
202
x-cache
Hit from cloudfront
last-modified
Tue, 10 Oct 2023 20:02:13 GMT
server
Cloudfront
etag
W/"3654f8ee80aad58c4de51853bd7c293d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
mT23RyKpScpxokjclQ2qGUGZqSa5PFM5NcgKMwP9-kqMzcPCDPLfKQ==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 7536 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:01:54 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1975
x-cache
Hit from cloudfront
last-modified
Fri, 06 Oct 2023 20:54:19 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
pl-YOmFePDvNem8nuC_0HCFCmT9G5x-dzPJdMdsFbzQqf0UMlsPRyA==
elements-inner-card-de3d82752e334539cc74c26294525473.css
js.stripe.com/v3/fingerprinted/css/ Frame 7536 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-de3d82752e334539cc74c26294525473.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e62edfdb0575acbdce5c582447530e931df30ba86e9036e93c58cc7944ed56c6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:17:07 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1108
x-cache
Hit from cloudfront
last-modified
Wed, 11 Oct 2023 20:04:16 GMT
server
Cloudfront
etag
W/"c3f0079066a9db411821d0838d892a89"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
3AmJPYLskiGXvDRqxJ3mruzPbJR7MhHWv_uwGaWHZ3gkxD613D1bRw==
activityi;dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht...
10390555.fls.doubleclick.net/ Frame 3EA0
Redirect Chain
  • https://10390555.fls.doubleclick.net/activityi;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref...
  • https://10390555.fls.doubleclick.net/activityi;dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;u...
1 KB
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10390555.fls.doubleclick.net/activityi;dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10390555&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
cafe /
Resource Hash
e7870df28f89fe0cd077694ca845431146a9f7f94cb980fd75008b71474407e7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
534
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 13:34:47 GMT
expires
Sat, 21 Oct 2023 13:34:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 13:34:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10390555.fls.doubleclick.net/activityi;dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tc.min.js
c1.rfihub.net/js/ Frame 7C5B 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:c800:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5499309.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 12:35:11 GMT
content-encoding
gzip
via
1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified
Sat, 21 Oct 2023 12:35:01 GMT
server
Jetty(9.4.51.v20230217)
x-amz-cf-pop
FRA53-C1
age
3576
x-cache
Hit from cloudfront
content-type
application/x-javascript
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
public, max-age=3600
content-length
6162
x-amz-cf-id
8l9rxdhh526e_ltmlx9UVM3rNq-P668PrHbIJIlCYQWPAc2cPGXdxw==
expires
Sat, 21 Oct 2023 13:35:11 GMT
csp-report
q.stripe.com/ Frame AE67 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287884903
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287884053
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 0709 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287884407
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287884033
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 0709 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287889210
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287888384
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 0BA0 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287889847
x-envoy-upstream-service-time
6
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287888387
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 1387 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287890316
x-envoy-upstream-service-time
6
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287888517
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 1387 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287889376
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287888692
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame C9D7 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287892969
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287892336
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame C9D7 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287892938
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287892345
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame E5CE 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287893322
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287892318
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame E5CE 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287895033
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287894639
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 7536 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287893243
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287892351
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 7536 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895287892981
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895287892346
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
runtime.f35dcd6.js
s2.getsitecontrol.com/widgets/es6/ 		151 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.getsitecontrol.com/widgets/es6/runtime.f35dcd6.js
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/xwk0klq7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::722:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-722 /
Resource Hash
346edf3fabc718995f044c7f5ec0b78010a8180a01a31600ac3d1371e3ea5c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
content-encoding
br
cdn-edgestorageid
755
x-amz-request-id
9T77JBEY2MFPM6AR
x-amz-server-side-encryption
AES256
cdn-cachedat
10/16/2023 09:11:45
cdn-pullzone
83560
cross-origin-resource-policy
cross-origin
x-amz-id-2
vqyxN6Ba6IrXCubG69GULcI5UJ0vXNRZX0X3rw7NihT7r/mTzrEaUEpSQhTDDmke8o0epJVxKWQ=
last-modified
Mon, 16 Oct 2023 09:07:28 GMT
server
BunnyCDN-DE1-722
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"2e7818c5a61ac83e2021bd3b5ed35094"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=22809600
cdn-requestid
e3e499cdf0e7cd9342e39f83b7ffead8
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pptm.js
www.paypal.com/tagmanager/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=donate.wfp.org&t=xo&v=5.0.405&source=payments_sdk&client_id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDF) /
Resource Hash
9480d029b9dad90083d817d4ce03bce8a9a0f61a8f937573aeaf950dc32ed4af
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ZlpQKtgH3WYqr6eRuE9lNq4XZKmq1HgmJGkJlDREpE1d0BTp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ZlpQKtgH3WYqr6eRuE9lNq4XZKmq1HgmJGkJlDREpE1d0BTp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:34:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
78874
x-cache
HIT
paypal-debug-id
04588537227a2
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
4778
x-xss-protection
1; mode=block
last-modified
Fri, 20 Oct 2023 15:40:14 GMT
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CDF)
traceparent
00-000000000000000000004588537227a2-e5a0d440e0127dc4-01
etag
W/"366d-E5/y+vp34CYyxOUQkQA+kwD0eao"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
timing-allow-origin
*
buttons
www.paypal.com/smart/ Frame 03CD 		397 KB
102 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.405&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f822973719422&storageID=uid_29ed4994ec_mtm6mzq6ndc&sessionID=uid_ef0882913e_mtm6mzq6ndc&buttonSessionID=uid_894a6d64ab_mtm6mzq6ndc&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDC) /
Resource Hash
249dafc979c2938b867e13582132dc7edfa7f2b38f6cb9b344a8b21b14a5223e
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-disposition
inline
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 13:34:47 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"633fe-l0boQjT/BYR/Imokd2TulHCznxQ"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
03b2b207a3202
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (frc/4CDC)
server-timing
traceparent;desc="00-000000000000000000003b2b207a3202-8710bc132bfe7496-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-000000000000000000003b2b207a3202-6f8cfa59d605cf03-01
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
paypal-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame B554 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-white.svg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEB) /
Resource Hash
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
6f351d43d2f8e
dc
ccg11-origin-www-1.paypal.com
content-length
1210
last-modified
Tue, 04 Apr 2023 21:46:19 GMT
server
ECAcc (frc/4CEB)
traceparent
00-00000000000000000006f351d43d2f8e-57db498aac5658a6-01
etag
W/"642c9aab-cc2"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 21 Oct 2023 14:34:47 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 78F9 		57 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uq2lq7bmern
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
10b758f7ab9aab423f4a227d3e8f5c0b7a2656ab04e9c3cd6e2e39c1b85ba1dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B-zkXVeOx4TpG2ytRyqMNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-B-zkXVeOx4TpG2ytRyqMNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 13:34:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
conversion.js
www.googleadservices.com/pagead/ Frame 3EA0 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 10390555.fls.doubleclick.net
URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
5ac8183d99a10a81499f263bb33a19492d64b9dcacee82b36a3bdc9bebf65bd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10390555.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18670
x-xss-protection
0
server
cafe
etag
10315177827113509921
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 13:34:47 GMT
dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=*;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1...
adservice.google.com/ddm/fls/z/ Frame 3EA0 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=*;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517
Requested by
Host: 10390555.fls.doubleclick.net
URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10390555.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2048364
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2048364?s=0.25&r=0.04057365325252005
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e1dfa7708b9d9a8bea71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
via
1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
yDh9riYqfxw6E9w0fAmF7RsIsItCrD6lxcyyaY7tr9_oqm1nsUNsXg==
preact-incoming-feedback.681fa5dbc0b5e8eb5ebf.js
script.hotjar.com/ 		200 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/preact-incoming-feedback.681fa5dbc0b5e8eb5ebf.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e1dfa7708b9d9a8bea71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
a7272080390992209addb7af7193b8f2d4008b64babd80b4a13c3aeb043d6a71
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 12:05:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
178180
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
43710
last-modified
Thu, 19 Oct 2023 12:04:32 GMT
etag
"031de1730b7532e72e895016c0bea703"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
fdER3auBS1py_8kOFTJDUO8VnJBBGNNhwUrbR12GE278a5u6_SbLxw==
styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 78F9 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uq2lq7bmern
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 11:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Oct 2024 11:24:56 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 78F9 		464 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uq2lq7bmern
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 12:16:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190277
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Oct 2024 12:16:05 GMT
ca.html
20777079p.rfihub.com/ Frame 44DF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20777079p.rfihub.com/ca.html?ver=9&rb=27244&ca=20777079&_o=27244&_t=20777079&pe=https%3A%2F%2F5499309.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCML34uqgh4IDFSMOogMdMzIM_A%3Bsrc%3D5499309%3Btype%3Dsitev00%3Bcat%3Dwfpor0%3Bord%3D1373645475825%3Bauiddc%3D1114864716.1697895285%3Bgtm%3D45He3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B%7Eoref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%2526&pf=https%3A%2F%2Fadservice.google.com%2F&ra=6429321617508224
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
5ceecae67bb87600953d623c946505da371a5d191985b37b910c7e28c582b5fd

Request headers

Referer
https://5499309.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2546
Content-Type
text/html;charset=utf-8
Date
Sat, 21 Oct 2023 13:34:47 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
events
events.getsitectrl.com/api/v1/ 		527 B
775 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.getsitectrl.com/api/v1/events?query=campaign%3D1517
Requested by
Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.f35dcd6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.212.163.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-163-2.compute-1.amazonaws.com
Software
Getsitecontrol /
Resource Hash
b547118b91a70f93ef1bd5e2351f90bdf49ac9ea77911f50c64a2e878a92de28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
server
Getsitecontrol
access-control-allow-methods
GET,POST
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
527
.deploy_status_henson.json
js.stripe.com/v3/ Frame AE67 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a3167d4e8a04a27e517b1d8fd7c828bfade5cff80fc8ed8fad40f62c7c42fa65

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 13:34:44 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified
Sat, 21 Oct 2023 02:08:08 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
4
etag
"8de4a0a096a6a8eda5585f8dd3ca7a37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
RryyWA6c-bPTFjbg2jEHXmWC66CMSCkFxOvuIoZCrb6hPxS_IRkzXg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame AE67 		474 B
860 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a3167d4e8a04a27e517b1d8fd7c828bfade5cff80fc8ed8fad40f62c7c42fa65

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 13:34:44 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified
Sat, 21 Oct 2023 02:08:08 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
4
etag
"8de4a0a096a6a8eda5585f8dd3ca7a37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
uCBpFKvfrrWwU8htpezLIs1yEEabI_Xa-PjnCl6ayrntEbgLg8R2ow==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 0BA0 		474 B
860 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a3167d4e8a04a27e517b1d8fd7c828bfade5cff80fc8ed8fad40f62c7c42fa65

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 13:34:44 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified
Sat, 21 Oct 2023 02:08:08 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
4
etag
"8de4a0a096a6a8eda5585f8dd3ca7a37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
OCtHp1rf-Wb2qCDlXuteTGS67QCsZJtlt9pdmlplV7_Vnbnc18bVsg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 0BA0 		474 B
861 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a3167d4e8a04a27e517b1d8fd7c828bfade5cff80fc8ed8fad40f62c7c42fa65

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-68059e1af226e72493d47209d561b5e2.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 13:34:44 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified
Sat, 21 Oct 2023 02:08:08 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
4
etag
"8de4a0a096a6a8eda5585f8dd3ca7a37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
GDtzSfkkAsgNMuMaUPpQ2Q0OD9dos1QNO8n3dFAB9YHPvSdAko982Q==
.deploy_status_henson.json
js.stripe.com/v3/ Frame E5CE 		474 B
862 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a3167d4e8a04a27e517b1d8fd7c828bfade5cff80fc8ed8fad40f62c7c42fa65

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 13:34:44 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified
Sat, 21 Oct 2023 02:08:08 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
4
etag
"8de4a0a096a6a8eda5585f8dd3ca7a37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
DRp3iiQRMEek0pIwXYRPBBv0yWFdvsDvEc7pRClPW9p1pWlvjMfKsw==
.deploy_status_henson.json
js.stripe.com/v3/ Frame C9D7 		474 B
861 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a3167d4e8a04a27e517b1d8fd7c828bfade5cff80fc8ed8fad40f62c7c42fa65

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 13:34:44 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified
Sat, 21 Oct 2023 02:08:08 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
4
etag
"8de4a0a096a6a8eda5585f8dd3ca7a37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
MZbZs4qKEpFI6FsGvbkH1uGuWWwnKCuLa2AGKg5nvj_V11kg_aE9lw==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 7536 		474 B
862 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a3167d4e8a04a27e517b1d8fd7c828bfade5cff80fc8ed8fad40f62c7c42fa65

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-a691ec2ac77b6aae50dc7bd89ea1226b.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 13:34:44 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified
Sat, 21 Oct 2023 02:08:08 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
4
etag
"8de4a0a096a6a8eda5585f8dd3ca7a37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
HK4pNB8CQfOIbxqXA1b9TqtPen4HVa4XdkW6f3XuKfHWZZccGyvvpg==
payframe
pay.google.com/gp/p/ui/ Frame 5F51 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c08::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7058720b8528ebd82d31bf2273510e6d72aa8332b1315c8c7367c203730bc54f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VdFJuk3AHEFl205T2BgoeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-VdFJuk3AHEFl205T2BgoeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sat, 21 Oct 2023 13:34:47 GMT
expires
Sat, 21 Oct 2023 13:34:47 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=donate.wfp.org&t=xo&v=5.0.405&source=payments_sdk&client_id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disableSetCookie=true&vault=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
13671cb19dac5
dc
ccg11-origin-www-1.paypal.com
content-length
16488
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (frc/4CA9)
traceparent
00-000000000000000000013671cb19dac5-f0962c300aa22ac3-01
etag
"64f25363-daa8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 21 Oct 2023 14:34:47 GMT
ts
t.paypal.com/ 		42 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AZ2YYMM8UVWX3A-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AZ2YYMM8UVWX3A-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=cb71c1d9-41a7-416c-91f5-405984c59fba&fltp=analytics&mrid=Z2YYMM8UVWX3A&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=UN%20World%20Food%20Programme%20(WFP)&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1697895287809&g=-120&completeurl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&disableSetCookie=true
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 21 Oct 2023 13:34:48 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
b1f05f0cbc946
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230125-FRA
pragma
no-cache
correlation-id
b1f05f0cbc946
traceparent
00-0000000000000000000b1f05f0cbc946-65f9a705422d976f-01
x-timer
S1697895288.930824,VS0,VE161
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 13:34:48 GMT
/
www.googleadservices.com/pagead/conversion/481751819/ Frame 3EA0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/481751819/?random=1697895287855&cv=9&fst=1697895287855&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOGs2Ough4IDFYoNogMdC0sIJw%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D915089529905%3Bauiddc%3D1114864716.1697895285%3Bgtm%3D45fe3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
afa4656a236e1cf63ade8e676571ed73cb7f809e14502b0620f242f30f431ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10390555.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1579
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font-hotjar_5.65042d.woff2
script.hotjar.com/ 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/font-hotjar_5.65042d.woff2
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 23:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
4283127
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 01 Sep 2023 09:38:54 GMT
etag
"c9fb9163f8b7be37023ebe649688bebf"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-robots-tag
none
x-amz-cf-id
Bil_b8gvqTSmeW8nAvjzvvqH2kG8YkIVxo9sgL-z9fw4wyYkdLsiLg==
wallet-config
merchant-ui-api.stripe.com/elements/ Frame AE67 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.137.150.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2c1d768baa2d4673f73026fd73da4bf80955e5adaa46c07d60a59dfa79a97e8c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy-report-only
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
cross-origin-resource-policy
same-site
content-length
1751
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Origin
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
x-stripe-csrf-token
expires
0
js
www.paypal.com/sdk/ Frame 03CD 		273 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.405&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f822973719422&storageID=uid_29ed4994ec_mtm6mzq6ndc&sessionID=uid_ef0882913e_mtm6mzq6ndc&buttonSessionID=uid_894a6d64ab_mtm6mzq6ndc&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD5) /
Resource Hash
905b7eb5f65817f2c129dbfa4241f754e6325ac3ee4380abfa44818c38bc86c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-UZOVUDfsl8kN6JTA9D19kL5TwkuCz6/JkhQJ0Ubyzkk7040p' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-UZOVUDfsl8kN6JTA9D19kL5TwkuCz6/JkhQJ0Ubyzkk7040p' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.405&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f822973719422&storageID=uid_29ed4994ec_mtm6mzq6ndc&sessionID=uid_ef0882913e_mtm6mzq6ndc&buttonSessionID=uid_894a6d64ab_mtm6mzq6ndc&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-UZOVUDfsl8kN6JTA9D19kL5TwkuCz6/JkhQJ0Ubyzkk7040p' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-UZOVUDfsl8kN6JTA9D19kL5TwkuCz6/JkhQJ0Ubyzkk7040p' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:34:47 GMT
disable-set-cookie
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
10392
x-cache
HIT
p3p
true
paypal-debug-id
08408296b8991
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
76662
x-xss-protection
1; mode=block
last-modified
Sat, 21 Oct 2023 10:41:36 GMT
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CD5)
traceparent
00-000000000000000000008408296b8991-eeaed201498c8c06-01
etag
W/"12b76-dN1HByQ+jHJztSPMAa2N0ekY7gM"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
timing-allow-origin
*
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 5F51 		156 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b0db1031add0f67d1fa0b6745267500cebca7ea9a489777fd3210ae36427796
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 16:20:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76455
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56370
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 07:30:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Oct 2024 16:20:32 GMT
truncated
/ Frame 03CD 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 0BA0 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.137.150.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ab59da15a91d1da7c902b7c2a4f27f4093abbfeb9a56a9ceeecf295d836a759f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy-report-only
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
cross-origin-resource-policy
same-site
content-length
1751
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Origin
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
x-stripe-csrf-token
expires
0
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 5F51 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c08::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 78F9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 15:15:26 GMT
x-content-type-options
nosniff
age
166762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 26 Oct 2023 15:15:26 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 78F9 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uq2lq7bmern
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 06:47:09 GMT
x-content-type-options
nosniff
age
24459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 06:47:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 78F9 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uq2lq7bmern
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:26:35 GMT
x-content-type-options
nosniff
age
144493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 21:26:35 GMT
501709.gif
idsync.rlcdn.com/ Frame 44DF
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630289485542&referrer=https%3A%2F%2Fadservice.google.com%2F&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da96848b3-8bd2-4afc-9002-fa14dcb41...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630289485542&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da96848b3-8bd2-4afc-90...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&_=1697895288.2274673
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&_=1697895288.2274673
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sat, 21 Oct 2023 13:34:48 GMT
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&_=1697895288.2274673
content-length
443
x-amz-cf-id
hYOo1s4OfOYYYjnUC_fVkfFodu0UkbQVi9m418hGg9yVwdXm8OIB7w==
501709.gif
idsync.rlcdn.com/ Frame 44DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwOTY4NTYzMDI4OTQ4NTU0Mg==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEL81aSr16bho5aADotkLuDk&google_cver=1
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630289485542&referrer={encSite}&forward=
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da96848b3-8bd2-4afc-9002-fa14dcb41...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5109685630289485542&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da96848b3-8bd2-4afc-90...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&_=1697895288.5219412
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&_=1697895288.5219412
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sat, 21 Oct 2023 13:34:48 GMT
via
1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&_=1697895288.5219412
content-length
443
x-amz-cf-id
MNmElLCHdATO0ccHIW75yWNp4AtRtvkm8kF7A70Kk5D_m9qOD-wZmw==
bounce
ib.adnxs.com/ Frame 44DF
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=5109685630289485542
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685630289485542
43 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685630289485542
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:48 GMT
an-x-request-uuid
5797edf7-7577-4410-a23f-8d331c56dd45
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.136; 178.162.209.136; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:48 GMT
an-x-request-uuid
7ba750af-9b1a-46ee-bd2b-bfd2e93626e8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5109685630289485542
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.136; 178.162.209.136; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 44DF
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5109685630289485542&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685630289485542&redir=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685630289485542&redir=
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
HTTP/1.1
Server
34.255.132.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-132-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v052-0709722eb.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
QW0MwJKiTCE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v052-0a88dcc06.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
6/wNF45VTmA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5109685630289485542&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Pug
image2.pubmatic.com/AdServer/ Frame 44DF 		42 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5109685630289485542&r=
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 21 Oct 2023 13:34:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sd
us-u.openx.net/w/1.0/ Frame 44DF 		43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5109685630289485542&r=
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
match
ps.eyeota.net/ Frame 44DF
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5109685630289485542&bid=omt9pi0
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=5109685630289485542&bid=omt9pi0
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
HTTP/1.1
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 13:34:48 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5109685630289485542&bid=omt9pi0
Date
Sat, 21 Oct 2023 13:34:48 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame 44DF 		53 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5109685630289485542
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 13:34:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 13:34:48 GMT
/
bpi.rtactivate.com/tag/ Frame 44DF 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5109685630289485542
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.255.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-255-215.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 44DF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685630289485542&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685630289485542&forward=&C=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5109685630289485542&forward=&C=1
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cJwm%2F1F5knZGFejiWozjMRouUwpfhNgICg68wStiTQs5CEZpSQPX8QWojDG2KoqyHZzsiEPzAezONf%2FR9Ib8vh%2Fj1dgRA7R90m%2FJRKnkFWgvkCjhBWIWI9is1f7kCZcOtBhv8YltbQsFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8199e14efeab9bf4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYp6Y8Wn%2BjwUGomEz8xqmul0MIW8shAU9unHh%2FP4XNf9LQs7g8yJ2iSV3iV1bo63%2BRc1zzXyVI8Fxa7EzjotTqhd6NXAj0FhFs94xFbAgd5P56Riq%2F1aHiHn7FnaRL8xdeXp9ZjTepGXMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=57&external_user_id=5109685630289485542&forward=&C=1
cache-control
no-cache
cf-ray
8199e14ebe389bf4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
360947.gif
idsync.rlcdn.com/ Frame 44DF 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5109685630289485542
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame 44DF 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5109685630289485542
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Sat, 21 Oct 2023 13:34:48 GMT
pragma
no-cache
date
Sat, 21 Oct 2023 13:34:48 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif
sync
partners.tremorhub.com/ Frame 44DF 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIRF=5109685630289485542&r=l7KifXZjoaic
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:6e55:f763:f02d:d10e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 21 Oct 2023 13:34:48 GMT
server
nginx
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame 44DF 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5109685630289485542
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.105.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-105-211.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:48 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame 44DF 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5109685630289485542
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.183.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by
beacon-n022-dub-prod.krxd.net
date
Sat, 21 Oct 2023 13:34:48 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1697895288
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ Frame 44DF 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5109685630289485542&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by
Host: 5499309.fls.doubleclick.net
URL: https://5499309.fls.doubleclick.net/ddm/fls/r/dc_pre=CML34uqgh4IDFSMOogMdMzIM_A;src=5499309;type=sitev00;cat=wfpor0;ord=1373645475825;auiddc=1114864716.1697895285;gtm=45He3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517%26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.251.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-251-84.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cm
p.rfihub.com/ Frame 44DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZTPTeAAZa5Gv6QAN
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=ZTPTeAAZa5Gv6QAN&_test=ZTPTeAAZa5Gv6QAN
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZTPTeAAZa5Gv6QAN&_test=ZTPTeAAZa5Gv6QAN
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
HTTP/1.1
Server
193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20777079p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sat, 21 Oct 2023 13:34:48 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fra-eddf8230066-FRA
pragma
no-cache
date
Sat, 21 Oct 2023 13:34:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697895288.476685,VS0,VE0
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZTPTeAAZa5Gv6QAN&_test=ZTPTeAAZa5Gv6QAN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288353921
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288353662
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184288
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288184049
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184389
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288184099
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184848
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288184355
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184564
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288184288
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184425
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288184309
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288353855
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288353628
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354167
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1697895288353619
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354368
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288353713
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184343
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288184187
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184860
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288184299
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288185020
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288184372
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184553
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288184234
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184895
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288184256
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184665
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288184113
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288184703
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288184197
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354177
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1697895288353675
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288353800
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288353691
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354022
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288353811
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354029
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288353799
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354031
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288353922
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354094
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288353849
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354421
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288353867
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354505
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288353912
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354669
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288353907
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354575
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288354012
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354200
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354007
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354218
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1697895288354099
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354251
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288354032
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354158
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354053
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354600
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354083
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354894
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288354241
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354656
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1697895288354289
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354966
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288354308
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354454
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354324
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354743
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354399
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354789
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288354508
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288355142
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354436
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288355103
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354529
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354802
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354480
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354793
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354577
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288354995
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354811
access-control-allow-credentials
true
content-length
0
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 78F9 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uq2lq7bmern
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
30975b0b631b9f6f88072ddf89478e63d755bff1d6cc5d6d799790067438c578
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcW0K4kAAAAAIvAD4LnnB0XoYSHPXpH6MuedSFw&co=aHR0cHM6Ly9kb25hdGUud2ZwLm9yZzo0NDM.&hl=de&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=uq2lq7bmern
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 21 Oct 2023 13:34:48 GMT
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288355037
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288354925
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288355466
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288354839
access-control-allow-credentials
true
content-length
0
/
www.google.de/pagead/1p-conversion/481751819/ Frame 3EA0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/481751819/?random=1518532736&cv=9&fst=1697895287855&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
  • https://www.google.com/pagead/1p-conversion/481751819/?random=1518532736&cv=9&fst=1697895287855&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C5122...
  • https://www.google.de/pagead/1p-conversion/481751819/?random=1518532736&cv=9&fst=1697895287855&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C51224...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/481751819/?random=1518532736&cv=9&fst=1697895287855&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOGs2Ough4IDFYoNogMdC0sIJw%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D915089529905%3Bauiddc%3D1114864716.1697895285%3Bgtm%3D45fe3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyoiA7KCHggMVPZ79Bx2-MgaC&is_vtc=1&ocp_id=d9MzZYrxNb289u8PvuWYkAg&cid=CAQSKQDICaaNBzbKK-DFb6hsl2wByOxyf2v8z-bzxKdvSh5PhR4wTe6_RhUB&random=2541851336&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hAA4Mus6wC4I1ZAE4TggkfjRdSNPoukMLBkoGIG9LqyJoUPYNUSacxBNk_lmfWaD_d9AY0zu00cOm1FuOpUJ7uq
Requested by
Host: 10390555.fls.doubleclick.net
URL: https://10390555.fls.doubleclick.net/activityi;dc_pre=COGs2Ough4IDFYoNogMdC0sIJw;src=10390555;type=rem0;cat=allp;ord=915089529905;auiddc=1114864716.1697895285;gtm=45fe3ai0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517?
Protocol
H3
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10390555.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/481751819/?random=1518532736&cv=9&fst=1697895287855&num=1&npa=1&label=5IJhCIaT_O0BEIvm2-UB&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F10390555.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOGs2Ough4IDFYoNogMdC0sIJw%3Bsrc%3D10390555%3Btype%3Drem0%3Bcat%3Dallp%3Bord%3D915089529905%3Bauiddc%3D1114864716.1697895285%3Bgtm%3D45fe3ai0%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fdonate.wfp.org%252F1243%252Fdonation%252Fregular%252F%253Fcampaign%253D1517%3F&ref=https%3A%2F%2Fdonate.wfp.org%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIyoiA7KCHggMVPZ79Bx2-MgaC&is_vtc=1&ocp_id=d9MzZYrxNb289u8PvuWYkAg&cid=CAQSKQDICaaNBzbKK-DFb6hsl2wByOxyf2v8z-bzxKdvSh5PhR4wTe6_RhUB&random=2541851336&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hAA4Mus6wC4I1ZAE4TggkfjRdSNPoukMLBkoGIG9LqyJoUPYNUSacxBNk_lmfWaD_d9AY0zu00cOm1FuOpUJ7uq
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 270E 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBF) /
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16892
content-type
text/html
date
Sat, 21 Oct 2023 13:34:48 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc"
expires
Sat, 21 Oct 2023 14:34:48 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
29462ef21a38e
server
ECAcc (frc/4CBF)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-000000000000000000029462ef21a38e-df1f128264eb4235-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2e... Frame 5F51 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2eD108U.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhYxZlGnr4L9UAV9VUF_P0KY2u7qw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
244accee46e846a287c7a92b93b917a12a5cdd7fb1c8082d0a83430c00f9e4aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 18:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27213
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 03:27:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Oct 2024 18:56:51 GMT
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288452738
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288452598
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288455281
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288454750
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288459174
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288458645
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288460593
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288460483
access-control-allow-credentials
true
content-length
0
noop.js
www.paypalobjects.com/muse/ Frame 270E 		18 B
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7CCC) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
c00a6a288f6d4
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (daa/7CCC)
traceparent
00-0000000000000000000c00a6a288f6d4-c8f011450255c804-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 21 Oct 2023 13:34:47 GMT
ts
t.paypal.com/ 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AZ2YYMM8UVWX3A-1&page=muse%3Aoffer%3A%3A%3AZ2YYMM8UVWX3A-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=cb71c1d9-41a7-416c-91f5-405984c59fba&es=visitorInfoFlowStarted&mrid=Z2YYMM8UVWX3A&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=UN%20World%20Food%20Programme%20(WFP)&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1697895288385&g=-120&completeurl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&disableSetCookie=true
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 21 Oct 2023 13:34:48 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
25d12457bd97f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230125-FRA
pragma
no-cache
correlation-id
25d12457bd97f
traceparent
00-000000000000000000025d12457bd97f-007064a5e99e2bae-01
x-timer
S1697895288.390280,VS0,VE160
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 13:34:48 GMT
pay
pay.google.com/gp/p/ui/ Frame 5F51 		1 MB
371 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4013:c08::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9ceb489f9c5b4f9e257f1f1e72dcdce6fa853362423ee9c737c70081e2b89e5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-C6B1_TOzQUaFxzyklYfV-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-C6B1_TOzQUaFxzyklYfV-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 21 Oct 2023 13:34:48 GMT
phone-numbers-lib-f19807cd8cf5390c9afa641cb061e0d6.js
js.stripe.com/v3/fingerprinted/js/ 		129 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-f19807cd8cf5390c9afa641cb061e0d6.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bd3305cbe248a3e41e6515b13252574e43ca28e21b1a768cae80e883199763c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:05:06 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1813
x-cache
Hit from cloudfront
last-modified
Thu, 12 Oct 2023 20:01:48 GMT
server
Cloudfront
etag
W/"7b4e2a05caba7714610def4c9240cad9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
rb4lwpLUF8xJIqbGW051YrBV8fzx92r1iUr9sM3VEAA-fa6ZGCoQXA==
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288517241
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1697895288517024
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288519260
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288518899
access-control-allow-credentials
true
content-length
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 03CD 		1022 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC0) /
Resource Hash
f955bfcf0219c60473f78817c7fd141e332870c452feb095d766dad369ffa3f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.405&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f822973719422&storageID=uid_29ed4994ec_mtm6mzq6ndc&sessionID=uid_ef0882913e_mtm6mzq6ndc&buttonSessionID=uid_894a6d64ab_mtm6mzq6ndc&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
0b1a70621a911
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
614
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CC0)
traceparent
00-00000000000000000000b1a70621a911-2f5bf881dc92486b-01
etag
W/"3fe-dZlHTv7FCOdquXawFVCPaILf9b0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2e... Frame 5F51 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2eD108U.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhYxZlGnr4L9UAV9VUF_P0KY2u7qw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd0262a4252df13a4ddc1284ffcc7ae10da3e268bbe29a8be68e80b8515054cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 18:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3915
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 03:27:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Oct 2024 18:56:51 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2e... Frame 5F51 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.x33S2eD108U.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhYxZlGnr4L9UAV9VUF_P0KY2u7qw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
187972db754c49fe0909034f454f59921d71908160b4d65fff4e4f2a1b3bcfc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 18:56:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
67077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14050
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 03:27:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Oct 2024 18:56:51 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 21 Oct 2023 13:34:48 GMT
expires
Sat, 21 Oct 2023 13:34:48 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 5F51 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 13:34:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 21 Oct 2023 13:34:48 GMT
expires
Sat, 21 Oct 2023 13:34:48 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 5F51 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 13:34:48 GMT
log
play.google.com/ Frame 5F51 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 13:34:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 21 Oct 2023 13:34:48 GMT
expires
Sat, 21 Oct 2023 13:34:48 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 21 Oct 2023 13:34:48 GMT
expires
Sat, 21 Oct 2023 13:34:48 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 5F51 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 13:34:48 GMT
log
play.google.com/ Frame 5F51 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 13:34:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 21 Oct 2023 13:34:48 GMT
expires
Sat, 21 Oct 2023 13:34:48 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 03CD 		1 KB
743 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.405&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f822973719422&storageID=uid_29ed4994ec_mtm6mzq6ndc&sessionID=uid_ef0882913e_mtm6mzq6ndc&buttonSessionID=uid_894a6d64ab_mtm6mzq6ndc&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC0) /
Resource Hash
0c4378d0b4afcf625d0a943573246292d3ec8de99f0f3f6f6b41f82c92a383b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=rect&style.tagline=false&style.height=45&style.menuPlacement=below&sdkVersion=5.0.405&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJ5cnFFcF9NVzFuRGVHSXVVN3BHWVVOaTg1QjdhOUdkY2Y4dHBXZ2NIcm42bXRJTVBOcnVjMzFCMDZVSnc3REhEZE9kMTBaQ0doMmJBdGgmZGlzYWJsZS1mdW5kaW5nPWNhcmQsY3JlZGl0LGJhbmNvbnRhY3QsYmxpayxlcHMsZ2lyb3BheSxpZGVhbCxtZXJjYWRvcGFnbyxteWJhbmsscDI0LHNlcGEsc29mb3J0LHZlbm1vJmN1cnJlbmN5PUVVUiIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xxa3h0cWthaWZyamZnd2lzYXVnZWJqdWlvbWJqayJ9fQ&clientID=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&sdkCorrelationID=f822973719422&storageID=uid_29ed4994ec_mtm6mzq6ndc&sessionID=uid_ef0882913e_mtm6mzq6ndc&buttonSessionID=uid_894a6d64ab_mtm6mzq6ndc&env=production&buttonSize=medium&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=EUR&intent=capture&commit=true&vault=false&disableFunding.0=card&disableFunding.1=credit&disableFunding.2=bancontact&disableFunding.3=blik&disableFunding.4=eps&disableFunding.5=giropay&disableFunding.6=ideal&disableFunding.7=mercadopago&disableFunding.8=mybank&disableFunding.9=p24&disableFunding.10=sepa&disableFunding.11=sofort&disableFunding.12=venmo&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
03a83ab053222
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
614
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CC0)
traceparent
00-000000000000000000003a83ab053222-eef13dddec637fb0-01
etag
W/"404-pIizBcofJ0Y6gemM/yWcmMZyR4w"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
0
r.stripe.com/ Frame 0BA0 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288592151
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288592051
access-control-allow-credentials
true
content-length
0
log
play.google.com/ Frame 5F51 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.yeLoFtoz-vI.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh7bTC_5oQUFsBOD1U_YFTuLOFUjQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 13:34:48 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 21 Oct 2023 13:34:48 GMT
expires
Sat, 21 Oct 2023 13:34:48 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288604328
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288603906
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288610317
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1697895288609777
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288612943
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1697895288612709
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288613467
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288612866
access-control-allow-credentials
true
content-length
0
elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
js.stripe.com/v3/ Frame B8B8 		820 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d9ed57f5bb876cc494711b60a8e00b98b3841815496b6fe5ae151e5dfef852fe
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1859
cache-control
max-age=31536000
content-length
820
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 13:05:28 GMT
etag
"83ef514f10289155fe3fb5d6f2523452"
last-modified
Sat, 21 Oct 2023 01:32:11 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
MzeHaxHgUxu23FsOjJQK8eTYmCHh-Vwvt7D1LCdlIV5SEn8K9a8xIQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288620716
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288620499
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288622385
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288622144
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288623206
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288622903
access-control-allow-credentials
true
content-length
0
shared-2d019fba8684ddfac3c27f10ec8da923.js
js.stripe.com/v3/fingerprinted/js/ Frame B8B8 		513 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7ff5912494fb7b3cdfd5de7ce1773cfc10b96385a3d1e19194ff7263a4aefbfb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 12:35:02 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3587
x-cache
Hit from cloudfront
last-modified
Sat, 21 Oct 2023 01:32:25 GMT
server
Cloudfront
etag
W/"53d43596d52bd1ed85b7244add7eeb0c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
qSbFUb5svBQGXIGqWtzIqRwjBFjH633QdZlTPKcMBc8Wt0sezD4Jkw==
ui-shared-bf771df1dc4bd1475064218c0f692cc9.js
js.stripe.com/v3/fingerprinted/js/ Frame B8B8 		311 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-bf771df1dc4bd1475064218c0f692cc9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
8680b322dcb49757ed608ae0b8669262f15af4961f6bc4a9dcc2b30feb9ce0c5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:05:24 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1771
x-cache
Hit from cloudfront
last-modified
Fri, 20 Oct 2023 17:03:09 GMT
server
Cloudfront
etag
W/"b64da36ea106b3fb6c84a4db42de091b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ZoKvw6dp76AA5wpRRfB85SAqw8ItSnZpqCzjWKQd2nWAIEdjKZI-Zg==
elements-inner-payment-request-256b638538c37cfb1dadae11894394ad.js
js.stripe.com/v3/fingerprinted/js/ Frame B8B8 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-256b638538c37cfb1dadae11894394ad.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a280749b0a97af2f92ce85800ff9934875548288614c29c76ece6e6b3a62431a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:11:24 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1428
x-cache
Hit from cloudfront
last-modified
Wed, 18 Oct 2023 20:07:28 GMT
server
Cloudfront
etag
W/"95c8c6adf177173405865911cdd100c5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Kk6XMFIu84uz-XD0uSheOK1WzMmt2i8_iFmRP43Y0hcTgHhsRBi7Pw==
ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame B8B8 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:01:54 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1976
x-cache
Hit from cloudfront
last-modified
Fri, 06 Oct 2023 20:54:19 GMT
server
Cloudfront
etag
W/"b361d7109e9925ca18e32c9da528520f"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
NXdX4EdImiWTAVoazP6lr0vlQQ6VTi4eib2ww3u50sxIzBT-wvnZEA==
elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame B8B8 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 13:27:11 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
506
x-cache
Hit from cloudfront
last-modified
Fri, 06 Oct 2023 20:54:19 GMT
server
Cloudfront
etag
W/"828ee6578d45b518446bf74a1cc39038"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
BCqh3clZI_Tb1_gyk3JZfI5hDAhj8DvM1jbCeWYjyP6dhdT1UOmbEA==
csp-report
q.stripe.com/ Frame B8B8 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895288637001
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895288636622
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame B8B8 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895288637158
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895288636654
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame B8B8 		474 B
861 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a3167d4e8a04a27e517b1d8fd7c828bfade5cff80fc8ed8fad40f62c7c42fa65

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-payment-request-83ef514f10289155fe3fb5d6f2523452.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 21 Oct 2023 13:34:44 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
last-modified
Sat, 21 Oct 2023 02:08:08 GMT
server
Cloudfront
x-amz-cf-pop
FRA6-C1
age
5
etag
"8de4a0a096a6a8eda5585f8dd3ca7a37"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
duUJt78mRcSGa90FK5Wo2X3wluJIje9EDn0iknvNOZug_FrQrrwrvg==
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 54D5 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://donate.wfp.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3418
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 12:37:51 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Mon, 16 Oct 2023 20:06:32 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-id
JaU5lwoS5CnAfxJi3Cz_jsMkCQRQP3Z9x4wDyIFlo5VL-f593CCdlw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
sparkcentral.1.25.7.css
cdn.sparkcentral.com/rtm/web/1.25.7/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.css
Requested by
Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7e00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73f7889bf92cf273187c2cd8353f4c92005ae3164e6d6c8ec997df4c93401038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 07:20:59 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 16:46:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
22430
x-amz-server-side-encryption
AES256
etag
W/"4c74258ace5e1e172fe16e0f81170ea4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-meta-lastmodified
2020-03-16 15:17:38 +0000 UTC
x-amz-cf-id
J7lsqXZvXfnhOdc5mUFnuihho5XC1DnAlhNeQfkpvBDYwvaaw0jeDQ==
frame.1.25.7.css
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame D535 		96 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.css
Requested by
Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7e00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2279acbe0b909f296878149708331941cdb1f78fdd049ae04689eb17c44f7962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 07:21:00 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 16:46:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
22429
x-amz-server-side-encryption
AES256
etag
W/"79560a9f764fa94e6e9d749b61ac292a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-meta-lastmodified
2020-03-16 15:17:38 +0000 UTC
x-amz-cf-id
qIHdKnq9j8x2S6Rn7qRs6Y5TVjMszYQPB0FJzxvmWywYMfYUFoTe7w==
frame.1.25.7.min.js
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame D535 		833 KB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.min.js
Requested by
Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/sparkcentral.1.25.7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7e00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c35771cad9dde5289558c52bd9f64f795170b265066370898c2f6d01b47ff5d

Request headers

Referer
https://donate.wfp.org/
Origin
https://donate.wfp.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 03:56:31 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
34698
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-meta-lastmodified
2020-03-16 15:17:38 +0000 UTC
last-modified
Fri, 19 Feb 2021 16:46:30 GMT
server
AmazonS3
etag
W/"461058a8e768a1691575ed540ddecdab"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
gxcUhPNOWKn8knQ7S6ps5z1Nx-ru8h0spycKaNUU0l7Vurnof1tAeg==
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288712238
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288711759
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288713183
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1697895288712906
access-control-allow-credentials
true
content-length
0
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 54D5 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sat, 21 Oct 2023 13:25:35 GMT
x-content-type-options
nosniff
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
556
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 06 Oct 2023 20:54:32 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
76Ho1lHf8b1P1lszx_NtsSs7SoL9mN2saYp9L3EGIg_mD6fRZ62gug==
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=682925294&rv=3ai0&u=AAAAAAAIAAAAACAI&h=Ag&gtm=45je3ai0&ccid=100514608&cid=G-TL7TXTVCYL&l=G-TL7TXTVCYL.L1191.S33.B27.E3243.EC10.TC18.HTC0~gtm.init.S0.V0.E77.TS5ogtsessiontimeout.TI15.TE1.TS5ogtgasend.TI17.TE0.TS5ogt1pdatav2.TI18.TE1.TS5ccdgalast.TI19.TE0.TS5ccdautoredact.TI20.TE0.TS5ccdconversionmarking.TI21.TE0.TS5ccdemvideo.TI22.TE0.TS5ccdemsitesearch.TI23.TE0.TS5ccdemscroll.TI24.TE0.TS5ccdempageview.TI25.TE0.TS5ccdemoutboundclick.TI26.TE0.TS5ccdemform.TI27.TE0.TS5ccdemdownload.TI28.TE1.TS5ccdgaregscope.TI29.TE1.TS5ogtgooglesignals.TI30.TE0.TS5setproductsettings.TI31.TE0.TS5ccdgafirst.TI32.TE0~gtm.js.S0.V0.E64.TS5gct.TI12.TE0~gtm.dom.S0.V0.E46~*.S0.V0.E46~*.S0.V0.E45~gtm.scrollDepth.S0.V0.E11~*.S0.V0.E508~*.S0.V0.E495~gtm.load.S0.V0.E10~gtm.init_consent.S0.V0.E61~GA646.691
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288726649
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288726035
access-control-allow-credentials
true
content-length
0
csp-report
q.stripe.com/ Frame 54D5 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895288735837
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895288735376
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 54D5 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895288736046
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1697895288735414
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
graphql
www.paypal.com/targeting/ Frame 270E 		435 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE9) /
Resource Hash
25796062a2cdacf02059dff29244f1499d03a80cd62fb56d64143ff4be82c005
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-z4WkStU7ajB30+tpw4TGT1ImRVK6WdBqER9uAA+w8PMkgtyr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-z4WkStU7ajB30+tpw4TGT1ImRVK6WdBqER9uAA+w8PMkgtyr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
date
Sat, 21 Oct 2023 13:34:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
03b112bb88120
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CE9)
traceparent
00-000000000000000000003b112bb88120-9af376115752b6ce-01
etag
W/"1b3-eWnBa51M5x9tdSFMUVccPsSATnA"
vary
Accept-Encoding, Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC8) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Sat, 21 Oct 2023 13:34:48 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
0597613929807
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (frc/4CC8)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-00000000000000000000597613929807-426d0ab74e274e14-01
vary
Accept-Encoding Origin, Access-Control-Request-Headers
inner.html
m.stripe.network/ Frame 25D8 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
252
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 13:34:48 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
184
x-content-type-options
nosniff
x-request-id
d0fde648-0a89-476c-93a9-27555041b5eb
x-served-by
cache-fra-eddf8230040-FRA
x-timer
S1697895289.713582,VS0,VE0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288749991
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288749846
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame AE67 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-2d019fba8684ddfac3c27f10ec8da923.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:48 GMT
x-stripe-server-envoy-start-time-us
1697895288750632
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1697895288750022
access-control-allow-credentials
true
content-length
0
logger
www.paypal.com/xoplatform/logger/api/ 		1016 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbyrqEp_MW1nDeGIuU7pGYUNi85B7a9Gdcf8tpWgcHrn6mtIMPNruc31B06UJw7DHDdOd10ZCGh2bAth&disable-funding=card,credit,bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF2) /
Resource Hash
d8fa4752fc6b39ed0d2d8f266b795d12df15e3725d691bf323a9ccfa38781929
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://donate.wfp.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
paypal-debug-id
02b95a0697bb0
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
609
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server
ECAcc (frc/4CF2)
traceparent
00-000000000000000000002b95a0697bb0-81659cd96af437ce-01
etag
W/"3f8-qhB+PUj7LFfXIiBWGW+AjHpPYlo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://donate.wfp.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin
*
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF2) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://donate.wfp.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://donate.wfp.org
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Sat, 21 Oct 2023 13:34:48 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
06710ab15b574
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server
ECAcc (frc/4CF2)
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-000000000000000000006710ab15b574-88bf44a951d763e4-01
vary
Accept-Encoding
x-content-type-options
nosniff
config
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/config
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:9ae3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-smooch-appid,x-smooch-clientid,x-smooch-sdk
Access-Control-Request-Method
GET
Origin
https://donate.wfp.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-smooch-appid,x-smooch-clientid,x-smooch-sdk
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE, OPTIONS
access-control-allow-origin
https://donate.wfp.org
access-control-max-age
2592000
cache-control
private, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8199e152f87b30ed-FRA
content-length
0
date
Sat, 21 Oct 2023 13:34:48 GMT
expires
-1
pragma
no-cache
server
cloudflare
vary
Origin
x-request-id
8199e152f87b30ed-FRA
x-zendesk-account-subdomain
-
x-zendesk-zorg
yes
config
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/ Frame D535 		1 KB
768 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io/sdk/apps/5f3157de284bd6000cc5b1eb/config
Requested by
Host: cdn.sparkcentral.com
URL: https://cdn.sparkcentral.com/rtm/web/1.25.7/frame.1.25.7.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:9ae3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dadac14c76c7f89adf7b5047a18e359ad1154ff6bf56de3f4922a2ddd401428c

Request headers

accept-language
de-DE,de;q=0.9
x-smooch-sdk
web/sparkcentral/1.25.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json
Accept
application/json
x-smooch-clientid
9ad04b654e194257ac0e144bbfd7b82d
Referer
https://donate.wfp.org/
x-smooch-appid
5f3157de284bd6000cc5b1eb

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-request-id
8199e153994b30ed-FRA
x-zendesk-account-subdomain
-
pragma
no-cache
server
cloudflare
etag
W/"411-mCuiqrdXlKiYk4s4Is7rGSbbdRI"
x-zendesk-zorg
yes
vary
Accept-Encoding,Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://donate.wfp.org
access-control-expose-headers
Retry-After
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8199e153994b30ed-FRA
expires
-1
csp-report
q.stripe.com/ Frame 25D8 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 21 Oct 2023 13:34:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895288845880
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1697895288844652
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 25D8 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sat, 21 Oct 2023 13:34:48 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
185
x-cache
HIT
content-length
15509
x-request-id
fedabfb5-dd90-4e3e-bd27-de7f0c0e1425
x-served-by
cache-fra-eddf8230040-FRA
server
Fastly
x-timer
S1697895289.761870,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
135
6
m.stripe.com/ Frame 25D8 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.88.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-88-74.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
08b9d8988340233303e188d9939ad898bb0c1c70e5a9103c6923083646db9ffc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:49 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895289266788
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1697895289266357
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
495cbf48a0b5e9bd3b3efd74d07d1e62.png
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame D535 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/495cbf48a0b5e9bd3b3efd74d07d1e62.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7e00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d283151277ce9a966db5e94713b12b55345bacc16d09ed871d3ac7fd619251f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 19:29:35 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 16:46:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
65184
x-amz-server-side-encryption
AES256
etag
"495cbf48a0b5e9bd3b3efd74d07d1e62"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-meta-lastmodified
2020-03-16 15:17:32 +0000 UTC
accept-ranges
bytes
content-length
3296
x-amz-cf-id
D1MxxtoL9vk3BaTipBdqBqeJ4iOQvQK1Tllc75VQzLDs4hCtMrPISQ==
2fb46965575c0c497c81e110c437f0ce.jpg
media.eu-1.smooch.io/5f3157de284bd6000cc5b1eb/icons/ Frame D535 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.eu-1.smooch.io/5f3157de284bd6000cc5b1eb/icons/2fb46965575c0c497c81e110c437f0ce.jpg
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-33.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f73e9ac0222fded928c39a9dcb5bd7e57c6d8dd70b025eaa88d74433de570da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 00:05:04 GMT
x-amz-version-id
jXX0xo4WZeYgkmw3zDgFQK5_DSvCWDa3
via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
22685386
x-amz-cf-pop
FRA56-P7
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
13712
last-modified
Mon, 24 Aug 2020 07:47:47 GMT
server
AmazonS3
etag
"d672f813fc7205fef9cfbd559be83e62"
content-type
image/png
cache-control
max-age=315532800
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
XaNOzywAN0rEFK9l1dJJLorMomSppc7OOyY5RM4gUMPwXVI32VZumg==
7f0078e82d2e653bfab143e8181cdd9e.png
cdn.sparkcentral.com/rtm/web/1.25.7/ Frame D535 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sparkcentral.com/rtm/web/1.25.7/7f0078e82d2e653bfab143e8181cdd9e.png
Requested by
Host: donate.wfp.org
URL: https://donate.wfp.org/1243/donation/regular/?campaign=1517
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:7e00:14:56a0:4680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44c48de85c6def81ed02239d6b54ec624c9d7f91aa11cd3b27766eeb985dfb48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 19:28:26 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Fri, 19 Feb 2021 16:46:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
65184
x-amz-server-side-encryption
AES256
etag
"7f0078e82d2e653bfab143e8181cdd9e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
x-amz-meta-lastmodified
2020-03-16 15:17:34 +0000 UTC
accept-ranges
bytes
content-length
1203
x-amz-cf-id
VIHBbd0C17W1FftfAvBw2TlCceyiFTAS9wNI73HwHZWsriPYcKjHsw==
6
m.stripe.com/ Frame 25D8 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.88.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-88-74.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
08b9d8988340233303e188d9939ad898bb0c1c70e5a9103c6923083646db9ffc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:49 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895289450262
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1697895289449983
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 25D8 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.88.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-88-74.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
08b9d8988340233303e188d9939ad898bb0c1c70e5a9103c6923083646db9ffc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 21 Oct 2023 13:34:49 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1697895289500342
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1697895289499979
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TL7TXTVCYL&gtm=45je3ai0&_p=149080572&cid=786123756.1697895285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1697895285&sct=1&seg=0&dl=https%3A%2F%2Fdonate.wfp.org%2F1243%2Fdonation%2Fregular%2F%3Fcampaign%3D1517&dt=UN%20World%20Food%20Programme%20(WFP)&en=scroll&epn.percent_scrolled=90&_et=43
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TL7TXTVCYL&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://donate.wfp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 13:34:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://donate.wfp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 number| _gtm_init number| doNotTrack object| _gtm_ids function| _gtm_inject object| dataLayer object| __WFP__ object| google_tag_manager object| google_tag_data object| google_optimize object| webpackJsonp function| installComponents function| setImmediate function| clearImmediate function| _ object| onWfpReadyCbs function| onWfpReady string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| GlobalAdalyserNamespace function| adalyserTracker object| gaplugins object| gaGlobal object| gaData object| $nuxt object| $wfp function| UET function| UET_init function| UET_push function| gtag object| GooglebQhCsO object| webpackChunkStripeJSouter function| noop function| Stripe function| onYouTubeIframeAPIReady object| ueto_02b5c45ea7 object| uetq function| adalyserModules function| trackerCore function| rng object| _rnds8 undefined| _rnds function| parse function| unparse function| v1 function| v4 object| _byteToHex object| _hexToByte object| _seedBytes object| _nodeId number| _clockseq number| _lastMSecs number| _lastNSecs function| uuid string| queueName function| queue object| mutState object| AdalyserTracker object| outQueueManager object| commonContexts function| recaptchaSuccessCallback function| recaptchaExpiredCallback function| recaptchaErrorCallback function| _log function| replacer function| getCookie undefined| iframe undefined| isOrganic string| referrerHostName object| review string| cookieName object| domains object| referred object| social number| maxTrackedItems object| cookie string| cookieDomain undefined| decoded object| tracking string| url object| regex object| params object| match object| item string| cookieValue number| expirationTime string| date number| dateTimeNow string| referrer string| campaign string| medium undefined| cid undefined| ecid undefined| ad undefined| adset object| stashFieldValue string| fieldValue string| fieldCookie object| bodyElement function| hj object| _hjSettings function| gsc string| loaderUrl object| Sparkcentral object| clear function| clearChat string| appId function| initialiseSparkcentral object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| __onWebMessengerFrameReady__ object| __post_robot_11_0_0___uid_lqkxtqkaifrjfgwisaugebjuiombjk object| paypal object| __zoid_10_3_1___uid_lqkxtqkaifrjfgwisaugebjuiombjk object| GoCardlessDropin object| recaptcha object| closure_lm_433271 object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL

55 Cookies

Domain/Path Name / Value
.wfp.org/ Name: _gcl_au
Value: 1.1.1114864716.1697895285
.wfp.org/ Name: _gid
Value: GA1.2.1479837288.1697895285
.wfp.org/ Name: _gat_UA-127155074-1
Value: 1
.wfp.org/ Name: _dc_gtm_UA-2556524-1
Value: 1
.wfp.org/ Name: _gat_UA-2556524-57
Value: 1
.wfp.org/ Name: _uetsid
Value: 99096480701611ee86791fe09f3ccdd8
.wfp.org/ Name: _uetvid
Value: 99098cf0701611eeb446c167dde138cb
.wfp.org/ Name: _ga_TL7TXTVCYL
Value: GS1.1.1697895285.1.0.1697895285.60.0.0
.bing.com/ Name: MUID
Value: 24DB3C423E0C678E2BD32FF33F0C6617
.wfp.org/ Name: _fbp
Value: fb.1.1697895285468.1667099615
.wfp.org/ Name: __adal_ses
Value: *
.wfp.org/ Name: __adal_lp
Value: https%3A//donate.wfp.org/1243/donation/regular/%3Fcampaign%3D1517
.wfp.org/ Name: __adal_id
Value: eec6a2fb-df05-4d9e-ade4-c389de3ee930.1697895285.1.1697895285.1697895285.1b396db1-e205-4ce7-aa49-c99ee70a8ecf
.wfp.org/ Name: __adal_ca
Value: so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29%26cg%3DDirect
.wfp.org/ Name: __adal_cw
Value: 1697895285476
.wfp.org/ Name: _ga_7B8MHJ3Q6W
Value: GS1.2.1697895285.1.0.1697895285.0.0.0
.wfp.org/ Name: SourceTracking
Value: W3sicmVmZXJyZXIiOiJkb25hdGUud2ZwLm9yZyIsImNhbXBhaWduIjoib3RoZXIiLCJtZWRpdW0iOiJub25lIiwiY2lkIjpudWxsLCJlY2lkIjpudWxsLCJhZHNldCI6bnVsbCwiYWQiOm51bGwsInRpbWVzdGFtcCI6MTY5Nzg5NTI4NTc0MX1d
.wfp.org/ Name: GDFieldVal
Value: eyJyZXNlcnZlZF9jYW1wYWlnbl9zb3VyY2VfZmlyc3QiOiJkb25hdGUud2ZwLm9yZyIsInJlc2VydmVkX2NhbXBhaWduX2lkX2ZpcnN0Ijoib3RoZXIiLCJyZXNlcnZlZF9jYW1wYWlnbl9tZWRpdW1fZmlyc3QiOiJub25lIiwicmVzZXJ2ZWRfY2FtcGFpZ25fY2lkX2ZpcnN0IjpudWxsLCJyZXNlcnZlZF9jYW1wYWlnbl9lY2lkX2ZpcnN0IjpudWxsLCJyZXNlcnZlZF9hZF9maXJzdCI6bnVsbCwicmVzZXJ2ZWRfYWRzZXRfZmlyc3QiOm51bGwsInJlc2VydmVkX2NhbXBhaWduX3NvdXJjZV9sYXN0IjoiZG9uYXRlLndmcC5vcmciLCJyZXNlcnZlZF9jYW1wYWlnbl9pZF9sYXN0Ijoib3RoZXIiLCJyZXNlcnZlZF9jYW1wYWlnbl9jaWRfbGFzdCI6bnVsbCwicmVzZXJ2ZWRfY2FtcGFpZ25fZWNpZF9sYXN0IjpudWxsLCJyZXNlcnZlZF9jYW1wYWlnbl9tZWRpdW1fbGFzdCI6Im5vbmUiLCJyZXNlcnZlZF9hZF9sYXN0IjpudWxsLCJyZXNlcnZlZF9hZHNldF9sYXN0IjpudWxsLCJyZXNlcnZlZF9jYW1wYWlnbl9zb3VyY2VfY2FsY3VsYXRlZCI6ImRvbmF0ZS53ZnAub3JnIiwicmVzZXJ2ZWRfY2FtcGFpZ25faWRfY2FsY3VsYXRlZCI6Im90aGVyIiwicmVzZXJ2ZWRfY2FtcGFpZ25fbWVkaXVtX2NhbGN1bGF0ZWQiOiJub25lIiwicmVzZXJ2ZWRfY2FtcGFpZ25fY2lkX2NhbGN1bGF0ZWQiOm51bGwsInJlc2VydmVkX2NhbXBhaWduX2VjaWRfY2FsY3VsYXRlZCI6bnVsbCwicmVzZXJ2ZWRfYWRfY2FsY3VsYXRlZCI6bnVsbCwicmVzZXJ2ZWRfYWRzZXRfY2FsY3VsYXRlZCI6bnVsbH0=
.wfp.org/ Name: _ga
Value: GA1.2.786123756.1697895285
.wfp.org/ Name: _gat_UA-2556524-1
Value: 1
.wfp.org/ Name: _ga_C9S5DE8LYK
Value: GS1.2.1697895286.1.0.1697895286.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUlIf3UP3lnzCvfJU-Gou3Nuyi3xqpjYS1dCl8wngENotA2I-sL55TMYHp_5gx8
.google.com/ Name: NID
Value: 511=Id0iGucQX9bUYa0aWLlGKccqvLmGafAQqNxH8klxL35IFCThSk2QMxi1Ob5PBi8RVFItql4sh2b_DQD4WZgn3UwSgvHaThs_DZIjTyiak8ebw9M80HW0FiYNMLApHCP6_N7hhCEQRzWY61hf16jr6eLOc4Xhfqwzkkt12JqjkN8
.wfp.org/ Name: _hjSessionUser_2048364
Value: eyJpZCI6IjBmMGQ0NDg4LTVlMmUtNWI5My04YTU4LTI5MGJiMzY5MTUwYiIsImNyZWF0ZWQiOjE2OTc4OTUyODczODIsImV4aXN0aW5nIjpmYWxzZX0=
.wfp.org/ Name: _hjFirstSeen
Value: 1
.wfp.org/ Name: _hjIncludedInSessionSample_2048364
Value: 0
.wfp.org/ Name: _hjSession_2048364
Value: eyJpZCI6IjM3ZDIxY2FjLWM0NzEtNDI5Zi1hZjAzLTYyZTFlMGNkMmI4YSIsImNyZWF0ZWQiOjE2OTc4OTUyODczODQsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.wfp.org/ Name: _hjAbsoluteSessionInProgress
Value: 1
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjCysDSxMDU1MRLiM9RNDEmrCi6zTDLwdfcEAN6Y6fglAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjCysDSxMDU1MRLiM9RNDEmrCi6zTDLwdfcEAN6Y6fglAAAA
.paypal.com/ Name: tsrce
Value: smartcomponentnodeweb
.paypal.com/ Name: l7_az
Value: dcg13.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1792589687%26vteXpYrS%3D1697897087%26vr%3D52720a3a18b0a798308ce67aff2c2613%26vt%3D52720a3a18b0a798308ce67aff2c2612%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D52720a3a18b0a798308ce67aff2c2613%26vt%3D52720a3a18b0a798308ce67aff2c2612
.casalemedia.com/ Name: CMID
Value: ZTPTeDsdpWuEQVuH0mgqmAAA
.casalemedia.com/ Name: CMPS
Value: 3397
.casalemedia.com/ Name: CMPRO
Value: 3397
.adnxs.com/ Name: uuid2
Value: 2274067532330087225
.media.net/ Name: visitor-id
Value: 3408968881492079000V10
.media.net/ Name: data-rk
Value: 5109685630289485542~~3
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5109685630289485542
.pubmatic.com/ Name: PugT
Value: 1697895288
.adnxs.com/ Name: anj
Value: dTM7k!M4/YErk#WF']wIg2In2r*GQ*!]tbPl1MNu::wpAk`W=eiekW]gm3dTdYCFBjG?I0n8e1u2*q3g!_6-zQEVk`!+A7C>bPMv
.eyeota.net/ Name: SERVERID
Value: 18656~DM
.demdex.net/ Name: demdex
Value: 26239079500103189472821937069872717121
.rezync.com/ Name: zync-uuid
Value: a96848b3-8bd2-4afc-9002-fa14dcb416b0:1697895288.22508
live.rezync.com/ Name: sd-session-id
Value: .eJwNyksOgyAQANC7zFoaGGfowGUMPxPSShvRTY13L8uXvAuWb9m30Eo7wB_7WSZI7zrUwV_Q628rL_DARjsrbGeN4kiYCeGeoJfe66ctNY8TxiCJs5KYUVFYk3Jao1qDoZwiGRu1N9Y9xTGKPBBZC9x_bqUlcQ.ZTPTeA.cVWn1KpsdE1_OEhlNAq2xq_XytQ
.dpm.demdex.net/ Name: dpm
Value: 26239079500103189472821937069872717121
.krxd.net/ Name: _kuid_
Value: P3kkEza5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTPTeAAZa5Gv6QAN
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129bEwTAwuMjRLysg3TXR0yS_J9il1yV7FKBAVEhCS6ugYlWjqXmYW6OjXxGKaaGlmYWKRZKxrkZRipGuSmJasa2lgYKSblmhokpKcZAI0xcDK0MzS3MLS1MjCQs_IyNTAAgCqph3maQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129bEwTAwuMjRLysg3TXR0yS_J9il1yQ7iNTSzNLewNDWysDAyt5jFiOCbm5labELj70Ljn0Ljv0Lj_0LjT2JC5S9C469C429C4-9CV8-Cyr-FxLcwNDFdxCoQFRIQkuroGJVo6l5mFujot4oVSYmJpcEmVjQruNGcLGyaaGlmYWKRZKxrkZRipGuSmJasa2lgYKSblmhokpKcZAIMVAMrhKF6RkamBhazhJHsMTMwX4TKt3gkjGoPAH63tpqoAQAA
m.stripe.com/ Name: m
Value: 73984b64-7d2c-429f-adce-088186284f82879c00
.donate.wfp.org/ Name: __stripe_mid
Value: 90bdb254-09f1-4df0-87aa-212bc769083c9d830d
.donate.wfp.org/ Name: __stripe_sid
Value: 57989bbd-b132-4700-82df-307dd4479fbd1baaca

12 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5109685630289485542
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&_=1697895288.2274673
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a96848b3-8bd2-4afc-9002-fa14dcb416b0%3A1697895288.22508&_=1697895288.5219412
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10390555.fls.doubleclick.net
20777079p.rfihub.com
5499309.fls.doubleclick.net
5f3157de284bd6000cc5b1eb.config.eu-1.smooch.io
a.rfihub.com
aa.agkn.com
adservice.google.com
adservice.google.de
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
c1.rfihub.net
c5.adalyser.com
cdn.sparkcentral.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
donate.wfp.org
dpm.demdex.net
dsum-sec.casalemedia.com
events.getsitectrl.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js.stripe.com
l.getsitecontrol.com
live.rezync.com
m.stripe.com
m.stripe.network
media.eu-1.smooch.io
merchant-ui-api.stripe.com
p.rfihub.com
partners.tremorhub.com
pay.gocardless.com
pay.google.com
play.google.com
ps.eyeota.net
q.stripe.com
r.stripe.com
region1.analytics.google.com
region1.google-analytics.com
s2.getsitecontrol.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
t.paypal.com
us-u.openx.net
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.recaptcha.net
x.bidswitch.net
x.dlx.addthis.com
104.18.26.193
108.138.26.33
13.32.27.21
13.32.27.83
142.250.184.226
151.101.192.176
151.101.193.35
151.101.194.49
172.217.16.194
172.217.18.6
18.203.183.215
18.66.112.110
18.66.97.53
184.30.20.22
185.64.191.210
185.89.210.101
192.229.221.25
193.0.160.130
198.137.150.201
2001:4860:4802:32::36
2001:4860:4802:34::178
2400:52e0:1e00::1081:1
2400:52e0:1e00::722:1
2600:1f18:612b:4216:6e55:f763:f02d:d10e
2600:9000:20eb:7e00:14:56a0:4680:93a1
2600:9000:214f:c800:1:76cf:fe80:93a1
2606:4700:10::6814:8b22
2606:4700:4400::ac40:9ae3
2620:1ec:c11::200
2a00:1450:4001:809::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c03::9a
2a00:1450:4013:c08::5c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.125.70.222
3.228.255.215
34.117.85.67
34.255.132.0
35.156.105.211
35.156.251.84
35.244.159.8
35.244.174.68
44.212.163.2
44.241.88.74
54.186.23.98
54.77.39.146
69.192.160.219
99.86.4.99
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
08b9d8988340233303e188d9939ad898bb0c1c70e5a9103c6923083646db9ffc
0c4378d0b4afcf625d0a943573246292d3ec8de99f0f3f6f6b41f82c92a383b6
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0f9aa279fa08f83278e9ae8de1c27ba480c6cb8a6c41e017b7b71e86305f13fc
100082a5a528e4e7117b02aa04631420999caaa3823cad14addb139ba07622bf
10b758f7ab9aab423f4a227d3e8f5c0b7a2656ab04e9c3cd6e2e39c1b85ba1dc
15c5c05e1c7787a5caacde914ea0316bfaa79d8e0d027d4e1f555252b4658654
187972db754c49fe0909034f454f59921d71908160b4d65fff4e4f2a1b3bcfc8
1b0db1031add0f67d1fa0b6745267500cebca7ea9a489777fd3210ae36427796
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c289a27517057586dd938d3ad89efd1d15966ba381ac9d70e4c740ee5286ba5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
2279acbe0b909f296878149708331941cdb1f78fdd049ae04689eb17c44f7962
244accee46e846a287c7a92b93b917a12a5cdd7fb1c8082d0a83430c00f9e4aa
249dafc979c2938b867e13582132dc7edfa7f2b38f6cb9b344a8b21b14a5223e
255f4d4f93f28e66a913e6b6ccd458f17367ff79b032e220115e61810fa93c34
25796062a2cdacf02059dff29244f1499d03a80cd62fb56d64143ff4be82c005
25d6a90087c11bb3e87d40c12de81441ec389d39b587a77c1e0d771d9eadfa20
266f5618550c5497dccc49cd0aea9f2faada467f60f13ea748e9b7c8af9b0d14
2a6ab45df9e4d7ba1661e98f9e57c9ae68ed0475f05f23117746c78d2e4fc43b
2c1d768baa2d4673f73026fd73da4bf80955e5adaa46c07d60a59dfa79a97e8c
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
2f73e9ac0222fded928c39a9dcb5bd7e57c6d8dd70b025eaa88d74433de570da
30975b0b631b9f6f88072ddf89478e63d755bff1d6cc5d6d799790067438c578
3143b2972c789ed40eb3dffb5383868305798cf3dd7b5582ce543262137e7ea5
346edf3fabc718995f044c7f5ec0b78010a8180a01a31600ac3d1371e3ea5c42
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
37c5cc6fa83a5392f51d53cba3892630c02c0e02219d88a043db6d530aa64664
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3a726662d35cda6fc724a47636793e28aeca63ad7fd7586edd53db4815def981
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f39956e5e5efe0dc248d9574a7a7071f5ac512ae3d553d3f949653cb8147962
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
3fc75d058624330c6f1611633822e4023b960fad6a3f35876046f3adaa6349c9
428941d3e89cc8f1333768f46d03ad981f32dd43ac0dfb0cbdb9cfdf7b8175a9
44c48de85c6def81ed02239d6b54ec624c9d7f91aa11cd3b27766eeb985dfb48
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c35771cad9dde5289558c52bd9f64f795170b265066370898c2f6d01b47ff5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
507acb76a964ac9d3ddccee523e2b85b59321da56c71ff5e22ddba8e70a89e46
51342149cbfd0de87ba6c217478574cc606296b40cfed3459c2c10a819bc7414
523ccc05bf563e4086b1e1ffbf44fa63b0777f85d40b0119e8739a3aaeec900b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554566effefe1b13338bbbc4504ffe98e5ce03e7a71c68a8d9ee41f429e32ec0
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ac8183d99a10a81499f263bb33a19492d64b9dcacee82b36a3bdc9bebf65bd8
5ceecae67bb87600953d623c946505da371a5d191985b37b910c7e28c582b5fd
5d5819aa088c4e4c50335bedcded537098e23e7946b9feaca6a323e70e9bc69a
607f124f180d0722361dbf030fb56190ab6bc2a8695661eb101a0fee1efa55c6
6a4ea63b8016b4d94651cee8f321ca01552c2fb59c2692dfc5fbe80c7ac6bed6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7058720b8528ebd82d31bf2273510e6d72aa8332b1315c8c7367c203730bc54f
70ecbaa77b004bafd74ba7d122642a239f19e95e8a5ffefa1989689712dfde47
7199ab7751b130d28584e764ceddd5836bb92166b17e9ae493510bf93749e70d
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
72514e9f2f3de452cc34255e7a688e532b2b738cb8db80e0430c81823574f61f
73f7889bf92cf273187c2cd8353f4c92005ae3164e6d6c8ec997df4c93401038
74b64f7ee3705f747741c063fd757db7a0c1423fc87ea65731e1b6b7d8c4a13c
7812e58ffc6dc530c08cd2d99e1ce7229cd84da228f5ce13fc27bfe47d61c8e9
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7d283151277ce9a966db5e94713b12b55345bacc16d09ed871d3ac7fd619251f
7dd394c401138f8120a30565d9b89bc3c87d104dc3a7b87bdc87472675356aa5
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7ff5912494fb7b3cdfd5de7ce1773cfc10b96385a3d1e19194ff7263a4aefbfb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e0445d24cfa83afcc9f008f279842a3f908626f8526de2dfff8830a82d7968
8680b322dcb49757ed608ae0b8669262f15af4961f6bc4a9dcc2b30feb9ce0c5
89d23c80cd405eb7c2eac1f1ff719f3db7261870c6bd7532eced55c04d75f3c8
8a8d4136dabd1cf4aa79d26dfc7ff9a04b8c381eca79f2898529dff1fad43c1c
8c43189051cdcb76245449544f1b97d8fe3b0b5feeead6003fde45929b4cf7ff
8dc5232f0ce9d4a84d95b6d83cf77c20b788accdaee706e57c5030a36faa19e8
905b7eb5f65817f2c129dbfa4241f754e6325ac3ee4380abfa44818c38bc86c4
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9480d029b9dad90083d817d4ce03bce8a9a0f61a8f937573aeaf950dc32ed4af
9812cb6d54877fc4bf9e7129b85d16475af9b00b367ad8e812a7365c48867a8f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9909925d4ab51d22ae9bab97f369a550542efa7ed88b3282980b8ce816d16677
9b23e60c2a7a892c8691773099e107153ee147b45043b2b11a7c7181373ac0e4
9cd5f4acf93db7922b385fd867d622cc0e042f01a6adf5515f7a72e196487887
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9ee1bc4923dc7344b0c712352a782fcadcd1bbeda8b3a7059f60944a7e1305b0
9f001bc269b29201683598a04376232f9c508190b92ae26238cb74901c065087
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a280749b0a97af2f92ce85800ff9934875548288614c29c76ece6e6b3a62431a
a3167d4e8a04a27e517b1d8fd7c828bfade5cff80fc8ed8fad40f62c7c42fa65
a410147668c39d7b918d804b2a4274865b6733cbb31cda7bd580a884dc1d63b3
a441d49f7cc06b76e031d42703fcbe43273ae2c9646c968f7d7a40d435294eec
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7006c9765b3997f8d2ff41cc0560fe325677b74d57c26084c958431d2325574
a7272080390992209addb7af7193b8f2d4008b64babd80b4a13c3aeb043d6a71
a9ceb489f9c5b4f9e257f1f1e72dcdce6fa853362423ee9c737c70081e2b89e5
ab59da15a91d1da7c902b7c2a4f27f4093abbfeb9a56a9ceeecf295d836a759f
ac8aa96e1da838f3af3d354dce527e833927ec4f40dfaed294b22b72eb41821b
afa4656a236e1cf63ade8e676571ed73cb7f809e14502b0620f242f30f431ed9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b547118b91a70f93ef1bd5e2351f90bdf49ac9ea77911f50c64a2e878a92de28
b7e82e6f7c70e3a25f97065417a5bb4dd5690931fdb16f71a49dab26f9d480ca
bd3305cbe248a3e41e6515b13252574e43ca28e21b1a768cae80e883199763c0
bf190f53b34ca5a0445da2fbd9ff9a7155487c067c907fa7540d855e603fb807
c2375af6e2ed9a9a1a1e69febf958f27c98717951bfd0248d59a209441a56ab1
c32248313d690bb410071a8cea4bc85437f6e18793810ea83cb6486ef46c5ff0
c6034e158d46463cf39b67667d1f14fc3767042d02244d98335189291184e3a6
d241c2db656d673e741ed285d0e89dcf435a5297f76c3367492cd306887157d2
d4e3e3ab2d1430539181a8d2124c78c8cf21a4d8a1cab51cc7cdb44ffc54c33a
d5679ed0231e83382e858b0255f1d75987fc23964085ca68f7269dbe6004aff2
d5cd509c4886598bcade37c60dd24e92416c92bb6c55f53ddfed1a67a917aa35
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8fa4752fc6b39ed0d2d8f266b795d12df15e3725d691bf323a9ccfa38781929
d8fe338d744866f58351bb6e6fca2853915d75202688aa6145815c4d95862360
d9ed57f5bb876cc494711b60a8e00b98b3841815496b6fe5ae151e5dfef852fe
dadac14c76c7f89adf7b5047a18e359ad1154ff6bf56de3f4922a2ddd401428c
ddbe1388107d343ad1c2dfcb6fbb0db7078708a2be94e960c110b3b7b5379bc6
ddeead0bf45de6827976be6b4cc01037068e8e45c1f35cad1b2f491a44454efe
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51fc1d194ae40ce2db4ba6abce427ad95cc98d505a4e7346c0c6f6eae33b1c9
e612830c72c5254782cf85d0a3a9a776dd3b8ded34b0aa4a09ed5393729b103a
e62edfdb0575acbdce5c582447530e931df30ba86e9036e93c58cc7944ed56c6
e7870df28f89fe0cd077694ca845431146a9f7f94cb980fd75008b71474407e7
e87c029f38797686278a2571b3a945e56f9787058536c2be9a6064dc6df43f98
eb5eba66e0727f3ff99dea0d7b2f33805d4342c2441377525fb8305354e37a13
ed417060406c092b5c7bd0feaba39d54414da92854b708382b4dae643afa2162
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f05a075dfa9cee7ab76b28bf5ebb367646493c4c3712ad1fb6bff0378f49a573
f3cb3c087377fcd1ff6696de65730b49d301d4f18c962818b4e353f4f304295b
f955bfcf0219c60473f78817c7fd141e332870c452feb095d766dad369ffa3f6
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
fb8a5407a4d6d3f2f75b3accb0e27248a053efeb437dcffce147fe941d2a3071
fc9e37fabc51947d3aaa8597bdc3df4aafd79759730b995d6e70686fca30ac8d
fd0262a4252df13a4ddc1284ffcc7ae10da3e268bbe29a8be68e80b8515054cd
fe461e8460c7da77499624431951d65439abfd06447b53781b641d77c2aa343e
ff117bf9b280b5947d3d05d4d5b19c456059053daa0e458b9be22ab07b032f31