urlscan.io logo urlscan.io
SecurityTrails logo

secure.irusa.org Open in urlscan Pro
151.101.129.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure.irusa.org/
Effective URL: https://secure.irusa.org/donate/pre-ramadan-2024
Submission: On February 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 51 IPs in 6 countries across 37 domains to perform 177 HTTP transactions. The main IP is 151.101.129.91, located in United States and belongs to FASTLY, US. The main domain is secure.irusa.org.
TLS certificate: Issued by R3 on December 24th 2023. Valid for: 3 months.
This is the only time secure.irusa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.65.91 54113 (FASTLY)
1 32 151.101.129.91 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 99.86.4.122 16509 (AMAZON-02)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2.19.96.186 20940 (AKAMAI-ASN1)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 143.204.207.250 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2600:9000:264... 16509 (AMAZON-02)
2 2a04:4e42::396 54113 (FASTLY)
1 23.206.23.103 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2620:116:800d... 16509 (AMAZON-02)
5 2600:9000:275... 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 141.193.213.11 209242 (CLOUDFLAR...)
1 13.32.23.29 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 151.101.129.140 54113 (FASTLY)
2 52.203.133.210 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
17 54.187.119.242 16509 (AMAZON-02)
4 151.101.0.84 54113 (FASTLY)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 2a03:2880:f17... 32934 (FACEBOOK)
2 151.101.0.176 54113 (FASTLY)
1 198.202.176.201 16509 (AMAZON-02)
1 3.228.185.246 14618 (AMAZON-AES)
1 212.82.100.181 34010 (YAHOO-IRD)
1 104.77.153.11 20940 (AKAMAI-ASN1)
3 54.202.109.213 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a05:d018:cc3... 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:235... 16509 (AMAZON-02)
1 34.241.54.72 16509 (AMAZON-02)
5 35.190.43.134 15169 (GOOGLE)
177 51
1    151.101.65.91 (United States)

ASN54113 (FASTLY, US)
secure.irusa.org
32    151.101.129.91 (United States)

ASN54113 (FASTLY, US)
secure.irusa.org
4    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
20    99.86.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-122.fra6.r.cloudfront.net
js.stripe.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.biggorilla.app
5    2.19.96.186 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-186.deploy.static.akamaitechnologies.com
analytics.tiktok.com
4    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net
sc-static.net
2    2a02:26f0:3500:893::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    2600:9000:2644:8800:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
2    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    23.206.23.103 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-23-103.deploy.static.akamaitechnologies.com
s7.addthis.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
5    2600:9000:275d:fa00:9:7301:d4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
talkdeskchatsdk.talkdeskapp.com
2    2a02:26f0:3500:16::215:1496 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
irusa.org
1    13.32.23.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-29.fra56.r.cloudfront.net
d3w3r5c7xzin3t.cloudfront.net
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
2    52.203.133.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-133-210.compute-1.amazonaws.com
rms.gospringboard.io
4    2a00:1450:400c:c02::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
17    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
r.stripe.com
4    151.101.0.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:223c:c600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
1    198.202.176.201 (United States)

ASN16509 (AMAZON-02, US)
merchant-ui-api.stripe.com
1    3.228.185.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-185-246.compute-1.amazonaws.com
api.talkdeskapp.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    104.77.153.11 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-77-153-11.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
3    54.202.109.213 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-202-109-213.us-west-2.compute.amazonaws.com
m.stripe.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a05:d018:cc3:fe04:f5fd:4976:c387:11c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
12    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    2600:9000:235a:4400:e:6b13:2100:93a1 (United States)

ASN16509 (AMAZON-02, US)
qa-cdn-talkdesk.talkdeskdev.com
1    34.241.54.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: api-34-241-54-72.stripe.com
api.stripe.com
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
Apex Domain
Subdomains		 Transfer
42 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1356
q.stripe.com — Cisco Umbrella Rank: 8764
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 6214
r.stripe.com — Cisco Umbrella Rank: 4802
m.stripe.com — Cisco Umbrella Rank: 1289
api.stripe.com — Cisco Umbrella Rank: 13717
1013 KB
34 irusa.org
secure.irusa.org
irusa.org — Cisco Umbrella Rank: 421258
8 MB
19 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2400
pay.google.com — Cisco Umbrella Rank: 2908
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 44
424 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 391
www.linkedin.com — Cisco Umbrella Rank: 643
px4.ads.linkedin.com — Cisco Umbrella Rank: 6482
3 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
128 KB
6 talkdeskapp.com
talkdeskchatsdk.talkdeskapp.com — Cisco Umbrella Rank: 46189
api.talkdeskapp.com — Cisco Umbrella Rank: 30811
632 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 901
tr6.snapchat.com — Cisco Umbrella Rank: 1295
823 B
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 708
145 KB
4 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 927
5 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
ssl.google-analytics.com — Cisco Umbrella Rank: 605
38 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
76 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
335 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
234 B
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
mug.criteo.com — Cisco Umbrella Rank: 2577
7 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5654
669 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 409
14 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1444
16 KB
2 gospringboard.io
rms.gospringboard.io — Cisco Umbrella Rank: 297220
603 B
2 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1487
712 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1036
16 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1423
pixel.quantserve.com — Cisco Umbrella Rank: 1207
10 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 713
7 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1250
10 KB
2 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3754
d.adroll.com — Cisco Umbrella Rank: 1695
29 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 990
20 KB
2 biggorilla.app
analytics.biggorilla.app — Cisco Umbrella Rank: 979875
22 KB
1 talkdeskdev.com
qa-cdn-talkdesk.talkdeskdev.com — Cisco Umbrella Rank: 97879
999 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2791
960 B
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1593
634 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1404
1 KB
1 cloudfront.net
d3w3r5c7xzin3t.cloudfront.net
19 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
833 B
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 3988
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1126
18 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 689
15 KB
1 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 5723
425 B
177 37
Domain Requested by
33 secure.irusa.org 2 redirects secure.irusa.org
20 js.stripe.com secure.irusa.org
js.stripe.com
12 play.google.com www.gstatic.com
9 q.stripe.com secure.irusa.org
8 r.stripe.com js.stripe.com
5 talkdeskchatsdk.talkdeskapp.com secure.irusa.org
talkdeskchatsdk.talkdeskapp.com
5 analytics.tiktok.com secure.irusa.org
analytics.tiktok.com
4 tr.snapchat.com sc-static.net
4 www.gstatic.com pay.google.com
www.gstatic.com
4 px.ads.linkedin.com 3 redirects snap.licdn.com
4 ct.pinterest.com s.pinimg.com
4 pay.google.com js.stripe.com
pay.google.com
secure.irusa.org
www.gstatic.com
4 connect.facebook.net secure.irusa.org
connect.facebook.net
4 www.googletagmanager.com secure.irusa.org
www.googletagmanager.com
3 m.stripe.com m.stripe.network
3 www.facebook.com secure.irusa.org
3 www.google.de secure.irusa.org
3 bat.bing.com secure.irusa.org
bat.bing.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google.com secure.irusa.org
2 gum.criteo.com 1 redirects static.criteo.net
2 rms.gospringboard.io secure.irusa.org
2 alb.reddit.com secure.irusa.org
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 snap.licdn.com secure.irusa.org
snap.licdn.com
2 s.yimg.com secure.irusa.org
s.yimg.com
2 ssl.google-analytics.com secure.irusa.org
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.redditstatic.com secure.irusa.org
www.redditstatic.com
2 s.pinimg.com secure.irusa.org
s.pinimg.com
2 analytics.biggorilla.app secure.irusa.org
analytics.biggorilla.app
1 tr6.snapchat.com sc-static.net
1 api.stripe.com js.stripe.com
1 qa-cdn-talkdesk.talkdeskdev.com secure.irusa.org
1 d.adroll.com s.adroll.com
1 pixel.quantserve.com secure.irusa.org
1 analytics.pangle-ads.com analytics.tiktok.com
1 sp.analytics.yahoo.com secure.irusa.org
1 mug.criteo.com secure.irusa.org
1 api.talkdeskapp.com talkdeskchatsdk.talkdeskapp.com
1 merchant-ui-api.stripe.com js.stripe.com
1 px4.ads.linkedin.com secure.irusa.org
1 www.linkedin.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 region1.analytics.google.com www.googletagmanager.com
1 d3w3r5c7xzin3t.cloudfront.net secure.irusa.org
1 irusa.org secure.irusa.org
1 secure.quantserve.com secure.irusa.org
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com secure.irusa.org
1 s7.addthis.com secure.irusa.org
1 s.adroll.com secure.irusa.org
1 sc-static.net secure.irusa.org
1 static.criteo.net secure.irusa.org
1 www.lightboxcdn.com secure.irusa.org
177 56

This site contains links to these domains. Also see Links.

Domain
irusa.org
www.charitynavigator.org
greatnonprofits.org
www.guidestar.org
www.give.org
Subject Issuer Validity Valid
secure.irusa.org
R3		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
lightboxcdn.com
Cloudflare Inc ECC CA-3		 2023-10-09 -
2024-10-08		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-07 -
2024-05-09		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
biggorilla.app
GTS CA 1P5		 2024-01-25 -
2024-04-24		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-24 -
2024-02-22		 3 months crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
s.adroll.com
Amazon RSA 2048 M01		 2023-06-03 -
2024-07-01		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-08 -
2024-07-06		 6 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-09 -
2024-12-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-01-22 -
2024-03-13		 2 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
talkdeskapp.com
Amazon RSA 2048 M03		 2024-02-01 -
2025-02-28		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
irusa.org
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2024-07-13		 6 months crt.sh
gospringboard.io
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.platform.talkdeskapp.com
Amazon RSA 2048 M01		 2023-08-13 -
2024-09-10		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-24 -
2024-04-17		 6 months crt.sh
*.pangle-ads.com
RapidSSL TLS ECC CA G1		 2023-08-10 -
2024-09-09		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
talkdeskdev.com
Amazon RSA 2048 M01		 2023-09-25 -
2024-10-22		 a year crt.sh
api.stripe.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-02 -
2024-04-04		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-12		 a year crt.sh

This page contains 11 frames:

Primary Page: https://secure.irusa.org/donate/pre-ramadan-2024
Frame ID: 5BDC698EA3741ECDE6D4873BA78FA241
Requests: 111 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
Frame ID: 743889D86C4F272AB64EA7206CB7CF54
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-8b837c354e1b49d904ace03df455ed7f.html
Frame ID: 337F76C6EEDBCC21687D5EAF7D27B11B
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-7e70f30d0bd2d7ee770d864ae235ca23.html
Frame ID: E834FB2B8AE474A3505E9F0A66C1FEFB
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: C65A834A0C47758059E7185A0E45A1BF
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure.irusa.org&origin=onetag
Frame ID: B5BC1682824AB9A98258C69AA97CF494
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9605F822FB8B293B43ACDB4E1CCFB57A
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 7F6D4FCFB527A1D935959FC80CB72BE5
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
Frame ID: 656B04CD021C10BF15C25671E441B28D
Requests: 9 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 2EA20887C278DD71185A0B4AF6295F42
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=3389af84-550b-4207-93a5-8aa6310d8708&u_scsid=510a4e0c-ab84-4be8-a7e5-cfa46255539e&u_sclid=a26f3229-03dc-40c4-bcd6-82f4a8709f8f
Frame ID: BEBB21750CF0ED4F7F0802F16EEC6E36
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2024 Pre-Ramadan | Islamic Relief USA

Page URL History Show full URLs

  1. http://secure.irusa.org/ HTTP 301
    https://secure.irusa.org/ HTTP 301
    https://secure.irusa.org/donate/pre-ramadan-2024 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

177
Requests

99 %
HTTPS

60 %
IPv6

37
Domains

56
Subdomains

51
IPs

6
Countries

10905 kB
Transfer

19391 kB
Size

48
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure.irusa.org/ HTTP 301
    https://secure.irusa.org/ HTTP 301
    https://secure.irusa.org/donate/pre-ramadan-2024 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1966876&time=1707977400903&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1966876&time=1707977400903&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1966876%26time%3D1707977400903%26url%3Dhttps%253A%252F%252Fsecure.irusa.org%252Fdonate%252Fpre-ramadan-2024%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1966876&time=1707977400903&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1966876&time=1707977400903&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&cookiesTest=true&liSync=true&e_ipv6=AQIF54hjpqsybQAAAY2rYuVlUH9Ps-j5sdP9kGmCq0ldVFNqGuU6gLVpphO6YlN4Br6adh8
Request Chain 114
  • https://gum.criteo.com/sid/json?origin=onetag&domain=irusa.org&sn=ChromeSyncframe&so=0&topUrl=secure.irusa.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=RSJOsnxubDhmVlprMklkcU8zZ1BLWFJ0cXFPQVhTTk1oWFRUWjlXRlFHZUsvRVBiZEovWXUyUmdkTDBpRmo1LzVJNElRREtvZ3M5YldMTnBOQSt0TnAzYTEyZENsWVVNWS8rREw0T0o2UytkbCt6TGJPU1ZJc3ZoMW4yUUJpNkh2aWg4OW8vL1ZhOTc1RHhoUk5lQUVyUlRXdXRFcHZ6aVRVWHMyVW5NZzkzTFJCaEo1Yi8vUmZOUjB5Y0ZSbTBlSGxUQUJ0amc2WkpGZGV4REZFTURXUzVFOTJlSWR2SjVoNXExL1BtY0dCM043em16YS9rWlNLMGZpVzJmNHNuZGhkWjdKRmFObmU3bVMreWhKZnZ4b2pwelBVQT09fA&cppv=2

177 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pre-ramadan-2024
secure.irusa.org/donate/
Redirect Chain
  • http://secure.irusa.org/
  • https://secure.irusa.org/
  • https://secure.irusa.org/donate/pre-ramadan-2024
153 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
4c86a73406f64b212f4b5bfe46a80a064584d8d655afccff3f85c25e933db409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1485
cache-control
public, max-age=3600
content-encoding
gzip
content-language
en
content-length
24972
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 06:10:00 GMT
etag
"1707975914-1"
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Thu, 15 Feb 2024 05:45:14 GMT
link
</donate/pre-ramadan-2024>; rel="canonical",</node/2635>; rel="shortlink"
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie,Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
13, 0
x-content-type-options
nosniff nosniff
x-served-by
cache-iad-kiad7000162-IAD, cache-fra-etou8220036-FRA
x-timer
S1707977400.014136,VS0,VE90

Redirect headers

accept-ranges
bytes
age
0
cache-control
no-store
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 15 Feb 2024 06:09:59 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
location
https://secure.irusa.org/donate/pre-ramadan-2024
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff nosniff
x-redirect-id
3919
x-served-by
cache-iad-kcgs7200081-IAD, cache-fra-etou8220036-FRA
x-timer
S1707977400.760362,VS0,VE215
js
www.googletagmanager.com/gtag/ 		193 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1975050-1
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
388dd3977b715e2b5c2e1a6fdda405951cba7c21ba0fca3e0cb6be0f17c8e875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
71398
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 06:10:00 GMT
js
www.googletagmanager.com/gtag/ 		241 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-998150264
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12adb5bef0d6fa7ba4632db448c79d33042ae1f2a262d471a30a1ac07677f41d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84970
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 06:10:00 GMT
lightbox_inline.js
www.lightboxcdn.com/vendor/c570b3f6-a6b2-4b42-84f9-83bef80f1ee3/ 		0
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/c570b3f6-a6b2-4b42-84f9-83bef80f1ee3/lightbox_inline.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Feb 2024 06:10:01 GMT
cf-cache-status
REVALIDATED
content-md5
1B2M2Y8AsgTpgAmY7PhCfg==
content-length
0
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 20:58:37 GMT
server
cloudflare
etag
0x8DB781A7173B3AD
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
2f162c82-e01e-006e-25e4-5eb119000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
855b62a178fb8fda-FRA
css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
secure.irusa.org/files/irusa/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/files/irusa/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
content-length
2217
x-served-by
cache-iad-kiad7000072-IAD, cache-fra-etou8220036-FRA
last-modified
Wed, 07 Feb 2024 18:33:55 GMT
server
Apache
x-timer
S1707977400.149352,VS0,VE114
etag
"8a9-610ceeff312c0"
vary
Accept-encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
3732, 0
css_d_JQcl3gdIg6V0IIwcqB__9ypY46WVQJ1WqFNdpEr4A.css
secure.irusa.org/files/irusa/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/files/irusa/css/css_d_JQcl3gdIg6V0IIwcqB__9ypY46WVQJ1WqFNdpEr4A.css
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
77f250725de074883a574208c1ca81ffff72a58e3a595409d56a8535da44af80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
content-length
1578
x-served-by
cache-iad-kjyo7100139-IAD, cache-fra-etou8220036-FRA
last-modified
Wed, 07 Feb 2024 18:33:54 GMT
server
Apache
x-timer
S1707977400.149357,VS0,VE92
etag
"62a-610ceefedafd8"
vary
Accept-encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
291, 0
css_a3awUjSuDC0Rm1Ok8H_V0qZzvr5vZ9a5iw5AEoVCBk4.css
secure.irusa.org/files/irusa/css/ 		202 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/files/irusa/css/css_a3awUjSuDC0Rm1Ok8H_V0qZzvr5vZ9a5iw5AEoVCBk4.css
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
6b76b05234ae0c2d119b53a4f07fd5d2a673bebe6f67d6b98b0e40128542064e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
content-length
32447
x-served-by
cache-iad-kjyo7100088-IAD, cache-fra-etou8220036-FRA
last-modified
Thu, 01 Feb 2024 21:00:51 GMT
server
Apache
x-timer
S1707977400.149207,VS0,VE90
etag
"7ebf-610584a637370"
vary
Accept-encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
3158, 0
js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js
secure.irusa.org/files/irusa/js/ 		130 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/files/irusa/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
243a883105300b38802320171655c86d0f974ebc339a319228b9d91363eb93be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
content-length
45895
x-served-by
cache-iad-kiad7000079-IAD, cache-fra-etou8220036-FRA
last-modified
Wed, 07 Feb 2024 18:33:55 GMT
server
Apache
x-timer
S1707977400.149218,VS0,VE111
etag
"20983-610ceeff8cb98-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
7, 0
js_GXeZjsHi0zH-xxx-WqQ2fTl_dFttggSuRQBKeT2hurk.js
secure.irusa.org/files/irusa/js/ 		77 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/files/irusa/js/js_GXeZjsHi0zH-xxx-WqQ2fTl_dFttggSuRQBKeT2hurk.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
1977998ec1e2d331fec71c7e5aa4367d397f745b6d8204ae45004a793da1bab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
content-length
25753
x-served-by
cache-iad-kjyo7100089-IAD, cache-fra-etou8220036-FRA
last-modified
Thu, 25 Jan 2024 11:48:23 GMT
server
Apache
x-timer
S1707977400.150475,VS0,VE120
etag
"6499-60fc3c1b5c738"
vary
Accept-encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
2960, 0
js_zX12wXoioTUl_561tth_TuKLGJfYzifj6T0MWYi6Dz0.js
secure.irusa.org/files/irusa/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/files/irusa/js/js_zX12wXoioTUl_561tth_TuKLGJfYzifj6T0MWYi6Dz0.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
cd7d76c17a22a13525ff9eb5b6d87f4ee28b1897d8ce27e3e93d0c5988ba0f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
content-length
955
x-served-by
cache-iad-kcgs7200047-IAD, cache-fra-etou8220036-FRA
last-modified
Thu, 25 Jan 2024 11:38:06 GMT
server
Apache
x-timer
S1707977400.150223,VS0,VE89
etag
"3bb-60fc39cece0a8"
vary
Accept-encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
373, 0
js_qyNpK6f0gHzXVINWuVdsoz5rWfidlPhWSUJhvcdjggQ.js
secure.irusa.org/files/irusa/js/ 		58 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/files/irusa/js/js_qyNpK6f0gHzXVINWuVdsoz5rWfidlPhWSUJhvcdjggQ.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
ab23692ba7f4807cd7548356b9576ca33e6b59f89d94f856494261bdc7638204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
content-length
10968
x-served-by
cache-iad-kcgs7200110-IAD, cache-fra-etou8220036-FRA
last-modified
Thu, 25 Jan 2024 11:48:23 GMT
server
Apache
x-timer
S1707977400.150101,VS0,VE120
etag
"2ad8-60fc3c1b73e38"
vary
Accept-encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
2959, 0
v3
js.stripe.com/ 		597 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
624b01012b4059b82aacbdf7c51c5a4cd1a8d8fc4c16f0dd5d09d27d3b5e25ed
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:09:13 GMT
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
57
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 14 Feb 2024 22:41:07 GMT
server
Cloudfront
etag
W/"e8229abaa6819637754d5808c06f1da4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
PzE_zoHPwCVS-paXCtM_zJ1ObOI5dVTfZLV21IRvmi1IT5RS7FJrmw==
js_dm02TqXbePx5-ENqtxbhD4eTfDbmFfCZkcniz-zsLj0.js
secure.irusa.org/files/irusa/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/files/irusa/js/js_dm02TqXbePx5-ENqtxbhD4eTfDbmFfCZkcniz-zsLj0.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
766d364ea5db78fc79f8436ab716e10f87937c36e615f09991c9e2cfecec2e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
content-length
2208
x-served-by
cache-iad-kjyo7100048-IAD, cache-fra-etou8220036-FRA
last-modified
Wed, 07 Feb 2024 18:34:17 GMT
server
Apache
x-timer
S1707977400.150056,VS0,VE124
etag
"8a0-610cef1448d48"
vary
Accept-encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
3082, 0
js_Fsjr2dPL2FZ2xb7Wn0AKEa8w5oCefbyBeWzE31vPjks.js
secure.irusa.org/files/irusa/js/ 		172 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/files/irusa/js/js_Fsjr2dPL2FZ2xb7Wn0AKEa8w5oCefbyBeWzE31vPjks.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
16c8ebd9d3cbd85676c5bed69f400a11af30e6809e7dbc81796cc4df5bcf8e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
content-length
37726
x-served-by
cache-iad-kcgs7200168-IAD, cache-fra-etou8220036-FRA
last-modified
Thu, 01 Feb 2024 20:52:12 GMT
server
Apache
x-timer
S1707977400.150097,VS0,VE122
etag
"935e-610582b755078"
vary
Accept-encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
2963, 0
js_bMNcqAqOcpVB4VGYw6F9HDONHfb363vwhq0fr67kcxM.js
secure.irusa.org/files/irusa/js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/files/irusa/js/js_bMNcqAqOcpVB4VGYw6F9HDONHfb363vwhq0fr67kcxM.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
6cc35ca80a8e729541e15198c3a17d1c338d1df6f7eb7bf086ad1fafaee47313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
HIT, MISS
content-length
7514
x-served-by
cache-iad-kjyo7100172-IAD, cache-fra-etou8220036-FRA
last-modified
Wed, 07 Feb 2024 18:33:55 GMT
server
Apache
x-timer
S1707977400.149998,VS0,VE117
etag
"1d5a-610ceeffa5620"
vary
Accept-encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
3728, 0
ld.js
static.criteo.net/js/ld/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7f546c11e8da9f649a54d3e382533d47f071ea968fac646a5e8a892c172e8319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 09 Feb 2024 17:36:37 GMT
server
nginx
etag
W/"65c662a5-b83e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Feb 2024 06:10:00 GMT
matomo.js
analytics.biggorilla.app/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.biggorilla.app/matomo.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7020
cf-polished
origSize=66607
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Dec 2023 14:27:55 GMT
server
cloudflare
etag
W/"1042f-60da6d6890471-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=En3tGbIx9%2Fs13%2F4v2Ij4Egql25zhkUWKnpZSc%2BWFmTVfN9lfG7xafftygskoNGH8tLTDIvLZl8bGCpkOo%2F83Xu5HxheL%2FazSco4DAfE%2F7Zaf2T%2Fur6PtLA69%2Bzv%2FRyooHWB2vd7PHIEvFakpz0d7iVfcypyrogY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
855b62a19dc82c5e-FRA
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C96RK9BC77U0CEKBEJ1G&lib=ttq
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.186 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7a33d3f5a4ba68a201eed2239000a1b8c97c5323212c5587e1475aed8b272573

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
1724761
date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240215061000E85B781D7C9C77797C6A-3B0A36C9B8654EE2-00
x-cache
TCP_MISS from a2-19-96-182.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=1, origin; dur=91
pragma
no-cache
server
nginx
x-tt-logid
20240215061000E85B781D7C9C77797C6A
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
91,2.19.96.182
x-tt-trace-host
01734eee815fc8d31c5beea22a1f4e47bc920299b3ad2c6414abb938da2df53a93c5eb27105e04579feb0f2bbb33915b740ab5789f84d07c26049bc0ac6baa1b15fe7890e6f3a2919ea043d671ce74aa5216fbcecae6a76adf638bc1199ef14665
expires
Thu, 15 Feb 2024 06:10:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Feb 2024 06:10:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
A+t8iMSGSgROu8Ce40ys/9CQLnU47Ovd1u070OdGn9N9AM4ReOB3zU+Jm6vDk0aE15CmDur1RrpeiDBLLwFdsA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
scevent.min.js
sc-static.net/ 		41 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-207-250.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
48ce5810e9c37aaf2076f84ffe1cd46b0ea4e6458811c3b310cf9bf39342619b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
18069
x-amz-cf-id
Ob36wUZa14wsfLzBxByetUFtD2iV66F_sEnFcw5fi3Wk2XoX2zzjrQ==
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:893::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
102576977cfbca21dfdb2c1169801f04e204ca1ed8c603c71fc9959cd0739eba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"49f1b09533b1387025b51f42c09b71f3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1865
roundtrip.js
s.adroll.com/j/MJW5HEC2ZZGLBDGWRMHY2U/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/MJW5HEC2ZZGLBDGWRMHY2U/roundtrip.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:8800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
219776f9ee1a6037dfcdc7cabf123f1ae934679f4f63a9b4618d402df69774c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

X-Amz-Version-Id
ZlxIokH7F_6fkkXymJfzXRS8F0JYIrZR
Content-Encoding
gzip
Via
1.1 75102a66d781b0fa0df5617ce2738546.cloudfront.net (CloudFront)
Date
Thu, 15 Feb 2024 06:10:02 GMT
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 13 Feb 2024 11:54:49 GMT
Server
AmazonS3
Etag
W/"00edfe3eb8e7dc70a73282efe810aa3b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
s4J3WmXEQ7-TBk3eUGcy5hPUrTf_EMqjLRrGIBGl4qD-RpAD1blKdQ==
pixel.js
www.redditstatic.com/ads/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
d0721ac91b973b019d6f365bafb54fe794c973f88277924c036e25a077f5feaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 08 Feb 2024 20:24:57 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"0ca83ac178b16bd69bff070b635cd7fa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
8698
2022_IRUSA-Website_SpringBoard_ThankYou_0.jpg
secure.irusa.org/files/irusa/ 		207 KB
208 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2022_IRUSA-Website_SpringBoard_ThankYou_0.jpg
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
a40ac083d7ed74f78f3770395061f8f6850745a196ab2fe1643bf46b64ffd78f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
212235
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-etou8220036-FRA
last-modified
Mon, 28 Mar 2022 18:30:00 GMT
server
Apache
x-timer
S1707977400.187072,VS0,VE214
etag
"33d0b-5db4b7ffefa00"
content-type
image/jpeg
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
52, 0
2023_Afghanistan_Emergency_Donation_Form.png
secure.irusa.org/files/irusa/ 		937 KB
938 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2023_Afghanistan_Emergency_Donation_Form.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
2d3a441e86304f03a8143177fa6d532e4e7ed227cb76b46e347c131b23a00ae0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
959359
x-served-by
cache-iad-kiad7000096-IAD, cache-fra-etou8220036-FRA
last-modified
Fri, 02 Feb 2024 16:50:59 GMT
server
Apache
x-timer
S1707977400.187044,VS0,VE92
etag
"ea37f-61068eaaaf2f8"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
54, 0
2023%20Palestine%20Emergency_Oct_DonationForm_4_1.jpg
secure.irusa.org/files/irusa/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2023%20Palestine%20Emergency_Oct_DonationForm_4_1.jpg
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
394538fead495311b38afe0d3da0fd7a1839b96e434ef69db1e8b63106c8c687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
137306
x-served-by
cache-iad-kiad7000062-IAD, cache-fra-etou8220036-FRA
last-modified
Tue, 30 Jan 2024 21:11:52 GMT
server
Apache
x-timer
S1707977400.445631,VS0,VE194
etag
"2185a-61030361c58f0"
content-type
image/jpeg
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
48, 0
2021_IRUSA-Website_DonationForm_PakistanOrphan_0.jpg
secure.irusa.org/files/irusa/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2021_IRUSA-Website_DonationForm_PakistanOrphan_0.jpg
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
fbf6e30593cbfad8e4545f60df41817b333e8c179a380741521f10c7b89b64e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
183948
x-served-by
cache-iad-kiad7000130-IAD, cache-fra-etou8220036-FRA
last-modified
Tue, 30 Jan 2024 15:29:44 GMT
server
Apache
x-timer
S1707977400.467453,VS0,VE90
etag
"2ce8c-6102b6e84ccb8"
content-type
image/jpeg
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
53, 0
Donation%20Form%20-winteraid.jpeg
secure.irusa.org/files/irusa/ 		555 KB
556 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/Donation%20Form%20-winteraid.jpeg
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
31222e613752964afca69727b0b6c940341af5870cd3d52ea5665f6933baa7a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
568511
x-served-by
cache-iad-kcgs7200044-IAD, cache-fra-etou8220036-FRA
last-modified
Tue, 30 Jan 2024 15:35:17 GMT
server
Apache
x-timer
S1707977400.467713,VS0,VE96
etag
"8acbf-6102b825f8868"
content-type
image/jpeg
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
53, 0
2024_IRUSA_DONATION_FORM_AFRICA_0.png
secure.irusa.org/files/irusa/ 		770 KB
770 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2024_IRUSA_DONATION_FORM_AFRICA_0.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
05455e65628a9de8a6efdc9d1712e3c03a5609ca4a4f9dce455c2b3e1c202887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
788367
x-served-by
cache-iad-kiad7000125-IAD, cache-fra-etou8220036-FRA
last-modified
Tue, 30 Jan 2024 15:21:21 GMT
server
Apache
x-timer
S1707977400.468087,VS0,VE94
etag
"c078f-6102b50952248"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
56, 0
2024_IRUSA_DONATION_FORM_ASIA_0.png
secure.irusa.org/files/irusa/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2024_IRUSA_DONATION_FORM_ASIA_0.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
f595ce38ffe0750d53034e0eff5ff88a862adc743d4d6c7e7d5935730f38af64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
1083693
x-served-by
cache-iad-kiad7000060-IAD, cache-fra-etou8220036-FRA
last-modified
Tue, 30 Jan 2024 15:21:56 GMT
server
Apache
x-timer
S1707977400.468370,VS0,VE215
etag
"10892d-6102b52abc578"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
53, 0
2024_IRUSA_DONATION_FORM_EUROPE_0.png
secure.irusa.org/files/irusa/ 		764 KB
765 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2024_IRUSA_DONATION_FORM_EUROPE_0.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
6e28c9ce31e9d897ec8c3f9bcbf76c99e9649ee116f2eb49955dcbf486e6f405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
782476
x-served-by
cache-iad-kjyo7100020-IAD, cache-fra-etou8220036-FRA
last-modified
Tue, 30 Jan 2024 15:22:29 GMT
server
Apache
x-timer
S1707977400.468099,VS0,VE103
etag
"bf08c-6102b54a0fdf8"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
54, 0
2024_IRUSA_DONATION_FORM_ME_1.png
secure.irusa.org/files/irusa/ 		828 KB
829 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2024_IRUSA_DONATION_FORM_ME_1.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
f19e4f9e294ea1480dc0938c0556857414bbb495109cc199ab54841e914990da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
848014
x-served-by
cache-iad-kjyo7100025-IAD, cache-fra-etou8220036-FRA
last-modified
Tue, 30 Jan 2024 15:23:54 GMT
server
Apache
x-timer
S1707977400.468055,VS0,VE97
etag
"cf08e-6102b59a92b68"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
53, 0
2024_IRUSA_DONATION_FORM_USA_0.png
secure.irusa.org/files/irusa/ 		855 KB
855 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2024_IRUSA_DONATION_FORM_USA_0.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
381b6a278497c783394357bcd9278865399547ae2d86ba2a940aa958f0dbe0f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
875108
x-served-by
cache-iad-kjyo7100097-IAD, cache-fra-etou8220036-FRA
last-modified
Tue, 30 Jan 2024 15:24:43 GMT
server
Apache
x-timer
S1707977400.468078,VS0,VE105
etag
"d5a64-6102b5c9e2878"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
52, 0
2024_IRUSA_DONATION_FORM_GLOBAL_0.png
secure.irusa.org/files/irusa/ 		886 KB
887 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2024_IRUSA_DONATION_FORM_GLOBAL_0.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
79cde34316ae643e64a9061b92d0f942b60bb70b4bb09be2ab1a960a6521b296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
907352
x-served-by
cache-iad-kiad7000106-IAD, cache-fra-etou8220036-FRA
last-modified
Tue, 30 Jan 2024 15:25:25 GMT
server
Apache
x-timer
S1707977400.468046,VS0,VE95
etag
"dd858-6102b5f1a05b8"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
51, 0
padlock.png
secure.irusa.org/sites/all/modules/springboard/fundraiser/modules/fundraiser_webform/images/ 		151 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/sites/all/modules/springboard/fundraiser/modules/fundraiser_webform/images/padlock.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
ca17697042f4b65cfbd37638ef574652e0e18aefcad70ae502212d430270efd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100142-IAD, cache-fra-etou8220036-FRA
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
last-modified
Wed, 31 Jan 2024 21:49:38 GMT
server
Apache
age
0
x-timer
S1707977400.468382,VS0,VE104
etag
"97-61044dafb8080"
x-cache
HIT, MISS
content-type
image/png
accept-ranges
bytes
content-length
151
x-cache-hits
3101, 0
Four-Star%20Rating%20Badge%20-%20Full%20Color.png
secure.irusa.org/files/irusa/upload/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/upload/Four-Star%20Rating%20Badge%20-%20Full%20Color.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
8bdd0bd9d3b37cd0aca3491755a4cea0f41090ced3ab96bdd055fbde82b795f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
104133
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220036-FRA
last-modified
Wed, 04 Oct 2023 23:59:25 GMT
server
Apache
x-timer
S1707977400.483764,VS0,VE87
etag
"196c5-606eccc03f5a0"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
2973, 0
cfc_0.png
secure.irusa.org/files/irusa/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/cfc_0.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
e985a8922a7ec41cbdd45d7712c04a4e2e024e2354619d34713077025618d9dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
13031
x-served-by
cache-iad-kcgs7200121-IAD, cache-fra-etou8220036-FRA
last-modified
Thu, 25 Feb 2021 18:55:54 GMT
server
Apache
x-timer
S1707977400.483745,VS0,VE93
etag
"32e7-5bc2db376a280"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
2846, 0
2023-top-rated-awards-badge-embed.png
secure.irusa.org/files/irusa/upload/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/upload/2023-top-rated-awards-badge-embed.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
049b08f66a3dc94df89d6b7ea92a46b6dca67eabe92b67b28c39b3eb420f02f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
56972
x-served-by
cache-iad-kjyo7100161-IAD, cache-fra-etou8220036-FRA
last-modified
Wed, 04 Oct 2023 23:59:18 GMT
server
Apache
x-timer
S1707977400.484080,VS0,VE90
etag
"de8c-606eccba464c8"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
3066, 0
2021-02-24.png
secure.irusa.org/files/irusa/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/2021-02-24.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
20b48842f03f5f25fc99e3f34235769e639ce5d1560cc00bf025b6a43fc21569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
168110
x-served-by
cache-iad-kcgs7200128-IAD, cache-fra-etou8220036-FRA
last-modified
Wed, 24 Feb 2021 21:48:13 GMT
server
Apache
x-timer
S1707977400.483724,VS0,VE100
etag
"290ae-5bc1bfddfe140"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
51, 0
bbb_0.png
secure.irusa.org/files/irusa/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/bbb_0.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
212e1c8634551e91e3e43cf70ff6bbb929a207d81566657af937a5e117fa0071
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
28905
x-served-by
cache-iad-kiad7000099-IAD, cache-fra-etou8220036-FRA
last-modified
Thu, 11 Mar 2021 17:49:20 GMT
server
Apache
x-timer
S1707977400.483708,VS0,VE88
etag
"70e9-5bd46672e4800"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
3, 0
addthis_widget.js
s7.addthis.com/js/250/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/250/addthis_widget.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.23.103 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-23-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
css
fonts.googleapis.com/ 		1 KB
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=News+Cycle:400,700
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/files/irusa/css/css_a3awUjSuDC0Rm1Ok8H_V0qZzvr5vZ9a5iw5AEoVCBk4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2301b3e0ad44c68290921da9cec7116c35ec781ecd01fb2e2d40577d11e55c3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 06:06:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Feb 2024 06:10:00 GMT
js
www.googletagmanager.com/gtag/ 		313 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-359TZ1ZTY2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1975050-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4412b85958a9f87426afe9fd9a378e1e96de47be49b7d97b2a4373c3945ef3df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 06:10:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1975050-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 05:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1311
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 15 Feb 2024 07:48:09 GMT
js
www.googletagmanager.com/gtag/ 		241 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-998150264&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1975050-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00e51b8694aca8cd2cec34792b6956e1df477fe5dc029e254f83fe7d7fad30d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84926
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 06:10:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/998150264/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998150264/?random=1707977400403&cv=11&fst=1707977400403&bg=ffffff&guid=ON&async=1&gtm=45be42c0v898037693za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&hn=www.googleadservices.com&frm=0&tiba=2024%20Pre-Ramadan%20%7C%20Islamic%20Relief%20USA&npa=0&pscdl=noapi&auid=1001153212.1707977400&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-998150264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d22ed315cee780823738ca5069b4b7ac4c5a86890e523ea6f0a762cf4614337f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 05:54:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
903
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 15 Feb 2024 07:54:57 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 15 Feb 2024 06:10:00 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0956FE2D9EF24CC4ACF1A31BD29D48CD Ref B: FRA31EDGE0617 Ref C: 2024-02-15T06:10:00Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
ytc.js
s.yimg.com/wi/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Thu, 15 Feb 2024 06:08:53 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
BPBQ98Q48V4T76CE
age
68
x-amz-server-side-encryption
AES256
content-length
6262
x-amz-id-2
twMEdpbgwj5fThDfJMW9DAlaDXXVxWoTn06xq9O8lWJyImrlprZTtODQrH60zdqQFbNL1uMBgks=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Feb 2024 06:10:00 GMT
talkdeskchatsdk.js
talkdeskchatsdk.talkdeskapp.com/ 		1 MB
387 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js?t=1707977400446
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:fa00:9:7301:d4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61d7c0602546fdcbfe48d926e1a1401c86baa64ed6476aafba36dc8dab3361c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
crgoqPu1GfrZx8VgSO8npR_t.Lh9gY_K
content-encoding
gzip
via
1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
date
Thu, 15 Feb 2024 06:07:20 GMT
last-modified
Tue, 30 Jan 2024 08:33:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
161
x-amz-server-side-encryption
AES256
etag
W/"299e3de81b22c721e9aae67d624bf748"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=3600, stale-while-revalidate=3600
x-amz-cf-id
Q5gRkPysQx-LmZKu3gi7sAdO3gkU-ct5IX3x_k-GTB1RVclTHMb1KA==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1496 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
41b98c57dbe2a6c7a9e86497f1ffcf4ca102e86480be8cef7272a55855324355
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
623
date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 10:51:32 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=17231
accept-ranges
bytes
content-length
624
2022-IRUSA-Logo_Blue_IRUSA-stacked.png
irusa.org/wp-content/uploads/2022/03/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://irusa.org/wp-content/uploads/2022/03/2022-IRUSA-Logo_Blue_IRUSA-stacked.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/files/irusa/css/css_a3awUjSuDC0Rm1Ok8H_V0qZzvr5vZ9a5iw5AEoVCBk4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a03892780efd79816665244298206a2a67a1cf999c2ba47154f9387e33453d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
cf-cache-status
HIT
age
156073
cf-polished
origFmt=png, origSize=132671
content-disposition
inline; filename="2022-IRUSA-Logo_Blue_IRUSA-stacked.webp"
alt-svc
h3=":443"; ma=86400
content-length
113412
cf-bgj
imgq:100,h2pri
last-modified
Mon, 07 Mar 2022 21:46:52 GMT
server
cloudflare
etag
"62267d4c-2063f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855b62a6e8786a77-TXL
add-to-cart.png
secure.irusa.org/files/irusa/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.irusa.org/files/irusa/add-to-cart.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/files/irusa/css/css_a3awUjSuDC0Rm1Ok8H_V0qZzvr5vZ9a5iw5AEoVCBk4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b76e4b3ea1e3bcb46dea8a41d640f8466f7cb123feb8c0bf87a4bf13ea66d6da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/files/irusa/css/css_a3awUjSuDC0Rm1Ok8H_V0qZzvr5vZ9a5iw5AEoVCBk4.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:00 GMT
age
0
x-cache
HIT, MISS
content-length
47104
x-served-by
cache-iad-kcgs7200034-IAD, cache-fra-etou8220036-FRA
last-modified
Thu, 15 Oct 2020 15:28:49 GMT
server
Apache
x-timer
S1707977400.483707,VS0,VE96
etag
"b800-5b1b74dfb4e40"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-cache-hits
2754, 0
arrow-icon.png
d3w3r5c7xzin3t.cloudfront.net/files/irusa/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3w3r5c7xzin3t.cloudfront.net/files/irusa/arrow-icon.png
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/files/irusa/css/css_a3awUjSuDC0Rm1Ok8H_V0qZzvr5vZ9a5iw5AEoVCBk4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-29.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
036ebf88be8dcc56c7528d111851c036e6a9efb24e61d1d92208f7e405f8f42e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 08:10:54 GMT
x-amz-cf-pop
FRA56-C2
age
79146
x-cache
Hit from cloudfront
content-length
18697
x-served-by
cache-iad-kiad7000158-IAD, cache-fra-etou8220100-FRA
last-modified
Wed, 28 Mar 2018 11:06:39 GMT
server
Apache
x-timer
S1707288376.575859,VS0,VE85
etag
"4909-56877004d0dc0"
content-type
image/png
access-control-allow-origin
https://secure.irusa.org
accept-ranges
bytes
x-amz-cf-id
cAcFmu873NDJmtUqmXool7WSSypOpcDradSh0hGAd3ZfnvC-WvDI_A==
x-cache-hits
0, 1
CSR64z1Qlv-GDxkbKVQ_fOAKTQ.woff2
fonts.gstatic.com/s/newscycle/v23/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/newscycle/v23/CSR64z1Qlv-GDxkbKVQ_fOAKTQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=News+Cycle:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1c4853f87ee676fa7610760cb0d33da5d53e1c011be7a34d9de03ec4b7b4f3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.irusa.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:13:46 GMT
x-content-type-options
nosniff
age
161774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13360
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:44:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:13:46 GMT
CSR54z1Qlv-GDxkbKVQ_dFsvWNReuQ.woff2
fonts.gstatic.com/s/newscycle/v23/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/newscycle/v23/CSR54z1Qlv-GDxkbKVQ_dFsvWNReuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=News+Cycle:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b519c652777c636add992fcfc14ff1360572af19ba11151ea78c17d3c44d153b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://secure.irusa.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:47:09 GMT
x-content-type-options
nosniff
age
12171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13436
x-xss-protection
0
last-modified
Tue, 02 May 2023 16:45:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Feb 2025 02:47:09 GMT
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-359TZ1ZTY2&gtm=45je42c0v9100135593za200&_p=1707977400137&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=991100817.1707977401&ecid=582232950&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&ec_mode=a&_eu=EAAI&_s=1&sid=1707977400&sct=1&seg=0&dl=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&dt=2024%20Pre-Ramadan%20%7C%20Islamic%20Relief%20USA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1517
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-359TZ1ZTY2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.irusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-359TZ1ZTY2&cid=991100817.1707977401&gtm=45je42c0v9100135593za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-359TZ1ZTY2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.irusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-359TZ1ZTY2&cid=991100817.1707977401&gtm=45je42c0v9100135593za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=692932705
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.23bc7c79.js
s.pinimg.com/ct/lib/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.23bc7c79.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:893::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
15206059b1193773426292f9308891fa641157df77b08524ff746eb44c3165b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"cbabad732da8f3d054a3ab25fec80718"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18522
matomo.php
analytics.biggorilla.app/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.biggorilla.app/matomo.php?action_name=2024%20Pre-Ramadan%20%7C%20Islamic%20Relief%20USA&idsite=34&rec=1&r=794738&h=7&m=10&s=0&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&_id=b066870eb4063122&_idn=1&send_image=0&_refts=0&pv_id=dSRU8E&pf_net=0&pf_srv=127&pf_tfr=11&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: analytics.biggorilla.app
URL: https://analytics.biggorilla.app/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.17
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.17
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxJHQgr2X8O1ZcET8JJ5ryhJbri%2BH21NBH5pF5G8rkUeNK8QdfeqOnAwDAvjKpRWvgN1v%2BnTkwGCKjdZ%2FLw5%2B1kZqiC%2Fr45F9mlKqiUb%2BbbH2AY7LAnws8BttaKldWVnTpiwabEqQP9gbbsHzef4kc0tRXhaPFc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://secure.irusa.org
access-control-allow-credentials
true
cf-ray
855b62a21e272c5e-FRA
alt-svc
h3=":443"; ma=86400
t2_vj02fcia_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_vj02fcia_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
98
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1707977400640&id=t2_vj02fcia&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=df9ebc78-e144-4cba-88c8-cd010e39f7e6&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5ad1a28b&dpm=&dpcc=&dprc=
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
rp.gif
alb.reddit.com/ 		42 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1707977400642&id=t2_vj02fcia&event=Purchase&m.itemCount=1&m.value=&m.valueDecimal=0&m.currency=USD&m.transactionId=5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9&m.customEventName=&m.products=&m.conversionId=&uuid=df9ebc78-e144-4cba-88c8-cd010e39f7e6&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5ad1a28b&dpm=&dpcc=&dprc=
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
get
rms.gospringboard.io/BC6A9DpR4PJsSzqR4NUqvmZSADTxMefE/ 		2 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rms.gospringboard.io/BC6A9DpR4PJsSzqR4NUqvmZSADTxMefE/get?cookie_prefix=gift_string&host=secure.irusa.org
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/files/irusa/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.133.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-133-210.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM Devi Taii PSA PSD Ivaí IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://secure.irusa.org
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
get
rms.gospringboard.io/BC6A9DpR4PJsSzqR4NUqvmZSADTxMefE/ 		2 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rms.gospringboard.io/BC6A9DpR4PJsSzqR4NUqvmZSADTxMefE/get?&host=secure.irusa.org
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/files/irusa/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.133.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-133-210.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM Devi Taii PSA PSD Ivaí IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://secure.irusa.org
content-type
application/json
cache-control
no-cache, private
access-control-allow-credentials
true
new_cookie
secure.irusa.org/js/springboard_cookie/ 		185 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/js/springboard_cookie/new_cookie
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/files/irusa/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
1f4ae55c06f0f665ad1e676c964652a48ea1e417d123d94db4583ee65517ccc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-fra-etou8220036-FRA
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:01 GMT
via
1.1 varnish
server
Apache
x-timer
S1707977401.693466,VS0,VE413
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
accept-ranges
bytes
content-length
180
x-cache-hits
0
controller-c53d1b5ea00bf6892927e2554d474472.html
js.stripe.com/v3/ Frame 7438 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
8bfaa36a529df63a44fae6b8f1d0f26ae527a5ea3dd372122523fa9a0c069699
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.irusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
8
cache-control
max-age=60, stale-while-revalidate=900
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 06:09:55 GMT
etag
"c53d1b5ea00bf6892927e2554d474472"
last-modified
Wed, 14 Feb 2024 22:10:41 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id
gCXjGW__ZhzveMjuE_rEKM6n6nW7kqdeQQIHCe1Ndsrc2LvXPK-YtA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-8b837c354e1b49d904ace03df455ed7f.html
js.stripe.com/v3/ Frame 337F 		408 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-8b837c354e1b49d904ace03df455ed7f.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
af1387f108d8334ad84efd94efc9d1a632fbd0c7fa372f236f6223b22cd00850
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.irusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2317
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 05:31:24 GMT
etag
"8b837c354e1b49d904ace03df455ed7f"
last-modified
Wed, 14 Feb 2024 22:10:57 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id
VP2P_Ccxdasn13Zx-OyG_86olRXBDihZ6NOVpSumKYpWW90H0Zu5lQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-7e70f30d0bd2d7ee770d864ae235ca23.html
js.stripe.com/v3/ Frame E834 		344 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-7e70f30d0bd2d7ee770d864ae235ca23.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
97a5d212cb8686717ef079a2f1a50104b0b3f3a6f97ce05736e53e7748ca07a0
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.irusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
39
cache-control
max-age=60, stale-while-revalidate=900
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 06:09:37 GMT
etag
"7e70f30d0bd2d7ee770d864ae235ca23"
last-modified
Wed, 14 Feb 2024 22:10:57 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id
3xi-_V8hKxYsMQlo9kOv-SHnp2lux1xA5k62rk13JC5axsCwHyFtqw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
get_token
secure.irusa.org/js/springboard_fraud/ 		135 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.irusa.org/js/springboard_fraud/get_token
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/files/irusa/js/js_JDqIMQUwCziAIyAXFlXIbQ-XTrwzmjGSKLnZE2Prk74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
ce132024752c83a983a1aed4d32da396467fb32c178aef75ac527c9e05a1a906
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.irusa.org/donate/pre-ramadan-2024
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-served-by
cache-fra-etou8220036-FRA
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 06:10:01 GMT
via
1.1 varnish
server
Apache
x-timer
S1707977401.713574,VS0,VE404
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
accept-ranges
bytes
content-length
138
x-cache-hits
0
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame C65A 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.irusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1562
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 05:44:00 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Tue, 06 Feb 2024 23:12:25 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id
ynnsfEFsZfTxO-GImipTE5LHXwSUjE00NpgpbDW2qPoFPWQhwzfiNA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
739508946444026
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/739508946444026?v=2.9.147&r=stable&domain=secure.irusa.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab399e6207df86a86de63f50efea132751655861094cfc293b81ead6433229d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Feb 2024 06:10:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
X3WNo2N+Vqy6uPGamsn863MUTayl01eXWgdjTYBxgB40X6g8f0y2DwLGkO3Eqix5eioDyM+yw7a3tu9UsKBykg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
shared-1004ee1296e33ce213fb8f91025bfa0e.js
js.stripe.com/v3/fingerprinted/js/ Frame 7438 		535 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6dfe587ef3cb404c41f9a57b0310aa894d99ec2cdf82407bca52478bf49f90d9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:11:58 GMT
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3483
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 14 Feb 2024 22:10:55 GMT
server
Cloudfront
etag
W/"84c378aaec731cb78c74152b757d5892"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
cJV4UpqKMI_AiNJSX2XCQudGscOoZ14UytqDeSf60mozGMTqXS2V3w==
controller-f37744781e795f890213d647336a6ab2.js
js.stripe.com/v3/fingerprinted/js/ Frame 7438 		693 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-f37744781e795f890213d647336a6ab2.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
946664fe3dffeee8690b2a56a7bf0378433e2457d2b14c5ccf98904d4d559d9c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:11:58 GMT
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3483
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 14 Feb 2024 22:10:53 GMT
server
Cloudfront
etag
W/"75ed2b4a50002979ae2e441fc706ddb5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
CQBqc_7IRGz9Kt5mJyxKXqqGc7LYmbLDyHIyV5rHBAJKWSOcwoE78Q==
pay.js
pay.google.com/gp/p/js/ Frame 337F 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-8b837c354e1b49d904ace03df455ed7f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a8915aea1dbb6b2ef9752558fd5d49345859c75806cb19bdae6bbdca814e667
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IkbZwXVvhuFiPB9QtclBWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IkbZwXVvhuFiPB9QtclBWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjamHU4pJi8NKQYlheKsVQUSvFsGSmFINnzU2mzj03mdZ1PWJa2P6USZPrGVN91DOmmbzPmeJOPGcSfPOc6d2_F0zvvrxk4vn6kkkCiDWAeIePB4uYz3TWN-HTWbkiprPG1U1nzQNivnXTWVWAWHf9dNZQIHZKn8EaBMQ-9TNYY4BYiJtj59Vt69gEfjxexAgAdUY6EA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 15 Feb 2024 06:10:01 GMT
shared-1004ee1296e33ce213fb8f91025bfa0e.js
js.stripe.com/v3/fingerprinted/js/ Frame 337F 		535 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-8b837c354e1b49d904ace03df455ed7f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6dfe587ef3cb404c41f9a57b0310aa894d99ec2cdf82407bca52478bf49f90d9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-8b837c354e1b49d904ace03df455ed7f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:11:58 GMT
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3483
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 14 Feb 2024 22:10:55 GMT
server
Cloudfront
etag
W/"84c378aaec731cb78c74152b757d5892"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
aZAsPs9OF7ZYqpsMwdICwLZRxaNRIY4iIZkcBpwP84OhMvSxLwmZ5w==
payment-request-inner-google-pay-55926d87f8538450887ab383061d3425.js
js.stripe.com/v3/fingerprinted/js/ Frame 337F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-55926d87f8538450887ab383061d3425.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-8b837c354e1b49d904ace03df455ed7f.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f8e37527996d0530694a2a8ddf6afdcf28cc8a05e50ce3ce9d3f2f743b04659f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-8b837c354e1b49d904ace03df455ed7f.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:04:26 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1882
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 09 Feb 2024 18:11:55 GMT
server
Cloudfront
etag
W/"c9c83657cf777673149a15b5cf68258f"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
3P_STalAaZs6lgqj-ISfE51r5JjYrH2Mk90VlLfL4hBKnxp2k2c7Mw==
shared-1004ee1296e33ce213fb8f91025bfa0e.js
js.stripe.com/v3/fingerprinted/js/ Frame E834 		535 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-7e70f30d0bd2d7ee770d864ae235ca23.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6dfe587ef3cb404c41f9a57b0310aa894d99ec2cdf82407bca52478bf49f90d9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-7e70f30d0bd2d7ee770d864ae235ca23.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:11:58 GMT
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3483
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 14 Feb 2024 22:10:55 GMT
server
Cloudfront
etag
W/"84c378aaec731cb78c74152b757d5892"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
eYNCkDNvQZVX_Rd26voTRXv1_nvkEeWWDpqJeempkBWwn5rQ5zqEKQ==
payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js
js.stripe.com/v3/fingerprinted/js/ Frame E834 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-7e70f30d0bd2d7ee770d864ae235ca23.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-7e70f30d0bd2d7ee770d864ae235ca23.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:14:34 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3348
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 09 Feb 2024 18:11:55 GMT
server
Cloudfront
etag
W/"32dba56f50e599b5cc53a055305f8c45"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
gjgzNjnADzGTdFu_EyHrwzFkg_9lC3LuBqeRzq3qrEMiTzkpr17PKA==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame C65A 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:47:01 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1756
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
526
last-modified
Tue, 06 Feb 2024 23:12:23 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
xFdgKEtYihZpDlm_Cby9vVdmXWYvf3oTu399xUFJoFNlnyLwlh-NCQ==
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=514465347&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&ul=en-us&de=UTF-8&dt=2024%20Pre-Ramadan%20%7C%20Islamic%20Relief%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1443754531&gjid=538696913&cid=991100817.1707977401&tid=UA-1975050-1&_gid=1455753509.1707977401&_r=1&gtm=457e42c0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=743641915
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.irusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
csp-report
q.stripe.com/ Frame 7438 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977401616291
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707977401615350
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 337F 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977401615697
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707977401615183
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 337F 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977401614035
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707977401613274
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame E834 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977401613817
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707977401613330
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame E834 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977401614191
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707977401613382
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame C65A 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977401616691
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707977401615856
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame C65A 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977401616014
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707977401615530
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
/
ct.pinterest.com/user/ 		303 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2615226270221&cb=1707977400846&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.23bc7c79.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
1103512997143212
content-length
172
pin-unauth
dWlkPVpqZ3haV1F4WldRdFpUUTVNeTAwWmpJeUxUa3lOV0l0TURsaU9EbGhaalEwTjJaaw
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.irusa.org
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
875f2e02e50c112557997c9ed58d87a8d887f4ed
expires
Sat, 01 Jan 2000 00:00:00 GMT
syncframe
gum.criteo.com/ Frame B5BC 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=secure.irusa.org&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://secure.irusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Feb 2024 06:10:00 GMT
server
Kestrel
server-processing-duration-in-ticks
397583
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
/
www.google.com/pagead/1p-user-list/998150264/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/998150264/?random=1707977400403&cv=11&fst=1707976800000&bg=ffffff&guid=ON&async=1&gtm=45be42c0v898037693za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&frm=0&tiba=2024%20Pre-Ramadan%20%7C%20Islamic%20Relief%20USA&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_kl667blaOriVno0lG21Dek3VD98Z_Q&random=2230283870&rmt_tld=0&ipr=y
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/998150264/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/998150264/?random=1707977400403&cv=11&fst=1707976800000&bg=ffffff&guid=ON&async=1&gtm=45be42c0v898037693za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&frm=0&tiba=2024%20Pre-Ramadan%20%7C%20Islamic%20Relief%20USA&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_kl667blaOriVno0lG21Dek3VD98Z_Q&random=2230283870&rmt_tld=1&ipr=y
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=512869021&utmhn=secure.irusa.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=2024%20Pre-Ramadan%20%7C%20Islamic%20Relief%20USA&utmhid=514465347&utmr=-&utmp=%2Fdonate%2Fpre-ramadan-2024&utmht=1707977400852&utmac=UA-0000000-0&utmcc=__utma%3D229009566.991100817.1707977401.1707977401.1707977401.1%3B%2B__utmz%3D229009566.1707977401.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=494599235&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2615226270221&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2223bc7c79%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1707977400853
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.23bc7c79.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:00 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://secure.irusa.org
pinterest-version
875f2e02e50c112557997c9ed58d87a8d887f4ed
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
9489763334123475
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
10018624.json
s.yimg.com/wi/config/ 		2 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10018624.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
B0NYADVA48CDSHF1
age
3
content-length
22
x-amz-id-2
pInfFon7R3FNIPWoe0V7CTkoZa7epPUL4zy4opUimUzOWYGpgckoClMeL3i1Kb5FsACi6FB7EWU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
main.MTU3YmJkODI0MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		399 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C96RK9BC77U0CEKBEJ1G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.186 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
1724851
date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202401252008485DD782F92D1F4F70D638
x-tt-trace-id
00-2401252008485DD782F92D1F4F70D638-697A7F1112213D14-00
vary
Accept-Encoding
x-cache
TCP_HIT from a2-19-96-182.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0122ad357bf8aaa52e38e80e04a21aa8324abddc59452fb92ae44954bf5e79301d1f419203ad60d5760f10a5a627db539ded2d9bd46351a349a017e20f98a2ed9749fc6b727b5c40770e840724c7688e6b726f9d83f9372a20f09567cc432311ed
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length
106012
rules-p-9S1FAuTMaACaz.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-9S1FAuTMaACaz.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:c600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f01f54bc328fcfa39cfcd4ef66179b970b8f7c2dea8a681c30f866d94f4c956b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
content-encoding
gzip
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2846
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:36:00 GMT
server
AmazonS3
etag
W/"b2ba917bd46967c8d38f5d4758d9af3b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
a5mQyxp8B_Yc3jQ8SgmaZbP7V5zPCHzhvVTzBblg_SFBbP2OzsqIzw==
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1496 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
622
date
Thu, 15 Feb 2024 06:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2024 10:51:31 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=17301
accept-ranges
bytes
content-length
15732
5510682.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5510682.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 15 Feb 2024 06:10:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FD64A5AEB4E940A5AA66035C8B9BF8AA Ref B: FRA31EDGE0617 Ref C: 2024-02-15T06:10:00Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5510682&Ver=2&mid=188a8882-4203-4fce-bb4a-8c775a3593a8&sid=da25a2f0cbc811eea01137f4b72b3c20&vid=da25e920cbc811eeaefec980db50117b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=2024%20Pre-Ramadan%20%7C%20Islamic%20Relief%20USA&p=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&r=&lt=1643&evt=pageLoad&sv=1&rn=526615
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Feb 2024 06:10:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CF0571780B794BB7B9475CDA179A0CE4 Ref B: FRA31EDGE0617 Ref C: 2024-02-15T06:10:00Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1975050-1&cid=991100817.1707977401&jid=1443754531&gjid=538696913&_gid=1455753509.1707977401&_u=YADAAUAAAAAAACAAI~&z=1134328171
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Feb 2024 06:10:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.irusa.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1966876&time=1707977400903&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1966876&time=1707977400903&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1966876%26time%3D1707977400903%26url%3Dhttps%253A%252F%252Fsecure.irusa.org%252Fd...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1966876&time=1707977400903&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1966876&time=1707977400903&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&cookiesTest=true&liSync=true&e_ipv6=AQIF54hjpqsybQAAAY2...
0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1966876&time=1707977400903&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&cookiesTest=true&liSync=true&e_ipv6=AQIF54hjpqsybQAAAY2rYuVlUH9Ps-j5sdP9kGmCq0ldVFNqGuU6gLVpphO6YlN4Br6adh8
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5AFE723A0CF84C448DF1C1D42FB73D55 Ref B: DUS30EDGE0322 Ref C: 2024-02-15T06:10:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYRZXpU4nTDTP7lAdauTg==

Redirect headers

date
Thu, 15 Feb 2024 06:10:01 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 77E886983FEA43B6A5902B221A937B89 Ref B: DUS30EDGE0317 Ref C: 2024-02-15T06:10:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1966876&time=1707977400903&url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&cookiesTest=true&liSync=true&e_ipv6=AQIF54hjpqsybQAAAY2rYuVlUH9Ps-j5sdP9kGmCq0ldVFNqGuU6gLVpphO6YlN4Br6adh8
x-li-proto
http/2
content-length
0
x-li-uuid
AAYRZXpP2h/1QF3cM3hAzg==
698953021920572
connect.facebook.net/signals/config/ 		20 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/698953021920572?v=2.9.147&r=stable&domain=secure.irusa.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
47ba446daba925d46e99af07a1f67b1fe0f6b61b7dab89bffa23eb5d2819e4a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Feb 2024 06:10:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
uFCbr7/9a7aVk5vjAOKQyJolusORlzAeP+OpFCppcOT3bT2nvm9LdrfzqPDW2hjEv+qpGOHtnWlBsY8e23/XOw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=739508946444026&ev=PageView&dl=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&rl=&if=false&ts=1707977400924&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1707977400924.426250950&ler=empty&cdl=API_unavailable&it=1707977400816&coo=false&exp=e1&rqm=GET
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Feb 2024 06:10:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 7438 		474 B
917 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0701ce3bad3360b726b4f6930babef1b5ce8e6ce1c231e71627287bb7db34ade
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Feb 2024 06:09:50 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
12
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
474
last-modified
Wed, 14 Feb 2024 22:43:00 GMT
server
Cloudfront
etag
"6c2e5890b20ba5baba09b894c5541c0e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
9WiU7F3_mZqS9LCHiGF4Xg0ZfT5NUf4qV534FOZSi7kR4ipdV7Ur1w==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 7438 		474 B
915 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0701ce3bad3360b726b4f6930babef1b5ce8e6ce1c231e71627287bb7db34ade
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Feb 2024 06:09:50 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
12
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
474
last-modified
Wed, 14 Feb 2024 22:43:00 GMT
server
Cloudfront
etag
"6c2e5890b20ba5baba09b894c5541c0e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
Li2k4P6gpzcb4f-1XYa8o3gJwoJpOrvsX4yWTy22zjSJhpjPtBBNHA==
inner.html
m.stripe.network/ Frame 9605 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
165
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 06:10:01 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
100
x-content-type-options
nosniff
x-request-id
c1ad8c36-f9bb-4500-8f8f-84f4a03dc567
x-served-by
cache-fra-etou8220083-FRA
x-timer
S1707977401.126408,VS0,VE0
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1975050-1&cid=991100817.1707977401&jid=1443754531&_u=YADAAUAAAAAAACAAI~&z=1594063224
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1975050-1&cid=991100817.1707977401&jid=1443754531&_u=YADAAUAAAAAAACAAI~&z=1594063224
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 7438 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.202.176.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fcb063ccfd5f29f026933265aec9ef4d3f6855a1a6fdea1a950c7418a7b4e569
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2588
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
732.talkdeskchatsdk.js
talkdeskchatsdk.talkdeskapp.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talkdeskchatsdk.talkdeskapp.com/732.talkdeskchatsdk.js
Requested by
Host: talkdeskchatsdk.talkdeskapp.com
URL: https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js?t=1707977400446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:fa00:9:7301:d4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faa6ea9df751b404b3e6fcbc07d107b55abdb5333c3114f1a343a90163bbb56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
XPJOdfOjBrGM14FvaoFE.LkBqfV00o7U
content-encoding
gzip
via
1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
date
Thu, 15 Feb 2024 06:08:53 GMT
last-modified
Tue, 30 Jan 2024 08:33:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
72
x-amz-server-side-encryption
AES256
etag
W/"f85eb3017c81e6b6c9b129b994d1884a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=3600, stale-while-revalidate=3600
x-amz-cf-id
voM0fVyJ4yALNISDlm-665MDhR7SDXLoVVbiWxLwsWun8npZ4G6EPg==
341.talkdeskchatsdk.js
talkdeskchatsdk.talkdeskapp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talkdeskchatsdk.talkdeskapp.com/341.talkdeskchatsdk.js
Requested by
Host: talkdeskchatsdk.talkdeskapp.com
URL: https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js?t=1707977400446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:fa00:9:7301:d4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
855877471b1561e620841c595d2e6d5c9e9ad1ae3a8a6bbc44457a90332d2ecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
aWtAuCZx05bTWr6pbal30cpQwZyQI5d0
content-encoding
gzip
via
1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
date
Thu, 15 Feb 2024 06:10:01 GMT
last-modified
Tue, 30 Jan 2024 08:33:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
33
x-amz-server-side-encryption
AES256
etag
W/"628669fd31053de9e87a907edc31d79b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=3600, stale-while-revalidate=3600
x-amz-cf-id
x0ZogCiSduRelB3keaGSlpPpiXTIop83A4uAKcxtUwQHfC7aNX0p-Q==
livechats
api.talkdeskapp.com/2019-11/pas/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.talkdeskapp.com/2019-11/pas/livechats?touchpoint_value=586c52f8ea804c4e9f677e671fed17f2
Requested by
Host: talkdeskchatsdk.talkdeskapp.com
URL: https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js?t=1707977400446
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.185.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-185-246.compute-1.amazonaws.com
Software
/
Resource Hash
e73d9f15dd9389d211722577a1bbc11a9a07adf8071344f6a688e9af7f024009
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
content-security-policy
default-src 'self' https:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src https:; style-src 'self' https: 'unsafe-inline'
x-permitted-cross-domain-policies
none
content-length
2645
x-xss-protection
1 ; mode=block
x-ratelimit-requested-tokens
1
referrer-policy
no-referrer
x-download-options
noopen
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-ratelimit-remaining
29
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
x-ratelimit-burst-capacity
30
x-td-provider-region
us-east-1
x-ratelimit-replenish-rate
25
sid
mug.criteo.com/ Frame B5BC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=irusa.org&sn=ChromeSyncframe&so=0&topUrl=secure.irusa.org&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=RSJOsnxubDhmVlprMklkcU8zZ1BLWFJ0cXFPQVhTTk1oWFRUWjlXRlFHZUsvRVBiZEovWXUyUmdkTDBpRmo1LzVJNElRREtvZ3M5YldMTnBOQSt0TnAzYTEyZENsWVVNWS8rREw0T0o2UytkbCt6TGJPU1ZJc3ZoMW4yUU...
433 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=RSJOsnxubDhmVlprMklkcU8zZ1BLWFJ0cXFPQVhTTk1oWFRUWjlXRlFHZUsvRVBiZEovWXUyUmdkTDBpRmo1LzVJNElRREtvZ3M5YldMTnBOQSt0TnAzYTEyZENsWVVNWS8rREw0T0o2UytkbCt6TGJPU1ZJc3ZoMW4yUUJpNkh2aWg4OW8vL1ZhOTc1RHhoUk5lQUVyUlRXdXRFcHZ6aVRVWHMyVW5NZzkzTFJCaEo1Yi8vUmZOUjB5Y0ZSbTBlSGxUQUJ0amc2WkpGZGV4REZFTURXUzVFOTJlSWR2SjVoNXExL1BtY0dCM043em16YS9rWlNLMGZpVzJmNHNuZGhkWjdKRmFObmU3bVMreWhKZnZ4b2pwelBVQT09fA&cppv=2
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7ce23da17da91f56d98299a0e923f3faf00e20bc1b1334aa23aaed56283fdaeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1239497
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=RSJOsnxubDhmVlprMklkcU8zZ1BLWFJ0cXFPQVhTTk1oWFRUWjlXRlFHZUsvRVBiZEovWXUyUmdkTDBpRmo1LzVJNElRREtvZ3M5YldMTnBOQSt0TnAzYTEyZENsWVVNWS8rREw0T0o2UytkbCt6TGJPU1ZJc3ZoMW4yUUJpNkh2aWg4OW8vL1ZhOTc1RHhoUk5lQUVyUlRXdXRFcHZ6aVRVWHMyVW5NZzkzTFJCaEo1Yi8vUmZOUjB5Y0ZSbTBlSGxUQUJ0amc2WkpGZGV4REZFTURXUzVFOTJlSWR2SjVoNXExL1BtY0dCM043em16YS9rWlNLMGZpVzJmNHNuZGhkWjdKRmFObmU3bVMreWhKZnZ4b2pwelBVQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
357605
content-length
0
expires
0
sp.pl
sp.analytics.yahoo.com/ 		43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2015%20Feb%202024%2006%3A10%3A01%20GMT&n=-1&b=2024%20Pre-Ramadan%20%7C%20Islamic%20Relief%20USA&.yp=10018624&f=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&enc=UTF-8&yv=1.15.1&isIframe=1&tagmgr=gtm
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Thu, 15 Feb 2024 06:10:01 GMT
identify_0a875.js
analytics.tiktok.com/i18n/pixel/static/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_0a875.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.186 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-akamai-request-id
172494c
date
Thu, 15 Feb 2024 06:10:01 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240123151538CB105E941C491498224C
x-tt-trace-id
00-240123151538CB105E941C491498224C-1FABFF5BB1D8E736-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-19-96-182.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01e83572f3e52186dc1c593befa1fab62db99c1f7153c437ec06474e07ee27c8d6bb4252a83cc74e0784f7094d3a20b41c80a3c99c7448c7993d6435b3d9e32c7b9f5e52308612f81020fc1a7b2241bf4aaea20881c32eda1b3eaaf4bd6e886b94
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10
content-length
37008
pangle_pixel
analytics.pangle-ads.com/api/v2/ 		0
960 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.153.11 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-153-11.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
44b4598.2cd0596e
date
Thu, 15 Feb 2024 06:10:01 GMT
x-bytefaas-request-id
202402150610013C024029A7E12C6A9A13
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2402150610013C024029A7E12C6A9A13-6E9507D53D7610A8-00
x-cache
TCP_MISS from a104-77-153-7.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53915762) (-)
x-parent-response-time
17,104.77.153.7
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=9, inner; dur=6
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202402150610013C024029A7E12C6A9A13
x-cache-remote
TCP_MISS from a23-202-158-24.deploy.akamaitechnologies.com (AkamaiGHost/11.4.2.1-54232288) (-)
access-control-max-age
86400
access-control-allow-methods
*
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-bytefaas-execution-duration
4.13
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01c67c59c51e22f2e3f175b97e1af2f2e0813b3f8f31ba0fd756f53c766fe8c5d328597b90225bef43799b82c802520aa2f6c97afc5e0845d73c327277d1c2a08b8cd7ac2a3c0f34a769b157c283277578f884ce4c0f6af6de640ea0b89d53826bbd6679aa79ac763a2c7cd4978c5fd024
x-origin-response-time
9,23.202.158.24
access-control-allow-headers
*
expires
Thu, 15 Feb 2024 06:10:01 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
837 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.186 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
e9cfff1b.1724962
date
Thu, 15 Feb 2024 06:10:01 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240215061001B78A499BF3D55E55FD47-154545695B6B4E99-00
x-cache
TCP_MISS from a2-19-96-182.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
x-parent-response-time
130,2.19.96.182
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=47, inner; dur=44
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240215061001B78A499BF3D55E55FD47
x-cache-remote
TCP_MISS from a23-220-107-25.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
48,23.220.107.25
x-tt-trace-host
01734eee815fc8d31c5beea22a1f4e47bc891ab1cf23a7fde4ccb8f289d86a1aa138f318f78ffd3a5a5910480907a242c4a13a5be083cfbae1c26f8eaefb4fe0dd2624e05ee5ff942a565419e1f40cea37f44264260d85a06e591297a977511411e015d2acd1b7653f39f7c74389ef1ae1
access-control-allow-headers
Authorization,*
expires
Thu, 15 Feb 2024 06:10:01 GMT
508365043281704
connect.facebook.net/signals/config/ 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/508365043281704?v=2.9.147&r=stable&domain=secure.irusa.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
78c72f9598d5933bc9866677ff02318e99bbd7752efc2cf892955cc0765a5ecf
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 15 Feb 2024 06:10:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
XOE8TigOLIxtz8//vYyXNtaLFN6IUI7JLH4s45gd//P0NhG0rHpfxjbgTMWD2sjWQxodCgQW4LEkxcB176in+w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=698953021920572&ev=PageView&dl=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&rl=&if=false&ts=1707977401158&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1707977400924.426250950&ler=empty&cdl=API_unavailable&it=1707977400816&coo=false&exp=e1&rqm=GET
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Feb 2024 06:10:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pixel;r=1803168712;labels=_fp.event.Conversion%2C_fp.customer.INSERT%2BCUSTOMER%2BTYPE%2C_fp.pcat.INSERT%2BPRODUCT%2BCATEGORY;orderid=INSERT%2BORDER%2BID;revenue=INSERT%2BREVENUE;event=refresh;rf=0...
pixel.quantserve.com/ 		35 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1803168712;labels=_fp.event.Conversion%2C_fp.customer.INSERT%2BCUSTOMER%2BTYPE%2C_fp.pcat.INSERT%2BPRODUCT%2BCATEGORY;orderid=INSERT%2BORDER%2BID;revenue=INSERT%2BREVENUE;event=refresh;rf=0;a=p-9S1FAuTMaACaz;url=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024;uht=2;fpan=1;fpa=P0-1312435431-1707977400856;pbc=;ns=1;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=irusa.org;dst=1;et=1707977401159;tzo=-60;ogl=title.2024%20Pre-Ramadan%2Cdescription.We%20Are%20One%252E%2Cimage.https%3A%2F%2Fsecure%252Eirusa%252Eorg%2Ffiles%2Firusa%2Fsocial_images%2F2016_ThankYou_SocialShare%252Ejpg;ses=1a6d23ac-6c5d-4faa-ab8f-d7eef528a3cb;mdl=
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 06:10:01 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["_fp.event.Conversion"],"pcode":["p-9S1FAuTMaACaz"]},{"label":["_fp.customer.INSERT+CUSTOMER+TYPE"],"pcode":["p-9S1FAuTMaACaz"]},{"label":["_fp.pcat.INSERT+PRODUCT+CATEGORY"],"pcode":["p-9S1FAuTMaACaz"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
b
r.stripe.com/ Frame 7438 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 15 Feb 2024 06:10:01 GMT
x-stripe-server-envoy-start-time-us
1707977401617397
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
7
x-stripe-client-envoy-start-time-us
1707977401616226
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 7438 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 15 Feb 2024 06:10:01 GMT
x-stripe-server-envoy-start-time-us
1707977401616341
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
6
x-stripe-client-envoy-start-time-us
1707977401615699
access-control-allow-credentials
true
content-length
0
csp-report
q.stripe.com/ Frame 9605 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977401615584
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1707977401615181
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 9605 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Thu, 15 Feb 2024 06:10:01 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
39
x-cache
HIT
content-length
15509
x-request-id
c4be131b-869a-4a8d-a9cb-5dfbb10d0cdf
x-served-by
cache-fra-etou8220083-FRA
server
Fastly
x-timer
S1707977401.186273,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
36
payframe
pay.google.com/gp/p/ui/ Frame 7F6D 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9546faf955d4b538c32eaafa58cdc1867a1e2033b555222711adec7553904ae5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-51OerOeqIAMk3_VJOUoKiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-51OerOeqIAMk3_VJOUoKiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 15 Feb 2024 06:10:01 GMT
expires
Thu, 15 Feb 2024 06:10:01 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjamHU4pJi8NKQYlheKsVQUSvFsGSmFINnzU2mzj03mdZ1PWJa2P6USZPrGVN91DOmmbzPmeJOPGcSfPOc6d2_F0zvvrxk4vn6kkkCiDWAeIePB4uYz3TWN-HTWbkiprPG1U1nzQNivnXTWVWAWHf9dNZQIHZKn8EaBMQ-9TNYY4BYiJtj59Vt69gEdlx_kQ8AdRw6eA"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
6
m.stripe.com/ Frame 9605 		156 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.109.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-109-213.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0c5280ab7fb401510308be5e130bb0b9e7146ce40dbadf4ee0112532658ff471
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977401801009
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1707977401800226
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=508365043281704&ev=PageView&dl=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&rl=&if=false&ts=1707977401263&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1707977400924.426250950&ler=empty&cdl=API_unavailable&cs_est=true&it=1707977400816&coo=false&exp=e1&rqm=GET
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 15 Feb 2024 06:10:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 7F6D 		157 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ba25e3b25d77e28903b431c589f20ea5a41cf83251a40862247a7b01b4680a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56840
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 08:05:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 17:37:17 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 7F6D 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1608
content-type
text/html; charset=UTF-8
MJW5HEC2ZZGLBDGWRMHY2U
d.adroll.com/consent/check/ 		557 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/MJW5HEC2ZZGLBDGWRMHY2U?pv=52878313732.57286&arrfrr=https%3A%2F%2Fsecure.irusa.org%2Fdonate%2Fpre-ramadan-2024&_s=13e4270a42d9176515fa328e520aca15&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/MJW5HEC2ZZGLBDGWRMHY2U/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:f5fd:4976:c387:11c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
f92bf7961e006c1fdbb3f807799286b22b4596f0c2c9e59d6b4586c8a29c009e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
server
nginx/1.22.1
content-length
557
content-type
application/javascript
phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
js.stripe.com/v3/fingerprinted/js/ 		148 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:05:47 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
256
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Tue, 06 Feb 2024 23:12:23 GMT
server
Cloudfront
etag
W/"f7a3e754fa2fa9117506f69f618b5778"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
jwY8AhXBEFrJUnzgOz-6A06nLdrkfjDr4RCYn5PpFlqmEjNxZBvqhQ==
b
r.stripe.com/ Frame 7438 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 15 Feb 2024 06:10:01 GMT
x-stripe-server-envoy-start-time-us
1707977401617224
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
8
x-stripe-client-envoy-start-time-us
1707977401616308
access-control-allow-credentials
true
content-length
0
act
analytics.tiktok.com/api/v2/pixel/ 		0
696 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTU3YmJkODI0MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.186 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1724a7e
date
Thu, 15 Feb 2024 06:10:01 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240215061001C512E923CA998F52121B-5B01905D54EA4F1A-00
x-cache
TCP_MISS from a2-19-96-182.deploy.akamaitechnologies.com (AkamaiGHost/11.4.1-53905076) (-)
server-timing
inner; dur=22, cdn-cache; desc=MISS, edge; dur=34, origin; dur=142
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240215061001C512E923CA998F52121B
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
143,2.19.96.182
x-tt-trace-host
01734eee815fc8d31c5beea22a1f4e47bc920299b3ad2c6414abb938da2df53a93c02ba482239bc22ef344310ed3e5d2fc7c0da5461600d55c56c4f5ccbfd6804b0878f5cb50bccd50d3d2500a48ff609cf81a17d972a8981850a9868a4bdaae1f
access-control-allow-headers
Authorization,*
expires
Thu, 15 Feb 2024 06:10:01 GMT
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame 7F6D 		75 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhP0P9S7TeMd2UJcqW0S4QyfEMT3A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d85b4e93245e49003b3ec3076c49380f50ff20cbf81d6ee948ba3ef81ce4002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27796
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 14:10:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 17:37:17 GMT
pay
pay.google.com/gp/p/ui/ Frame 7F6D 		1 MB
376 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
078a0613c3e3539c847145a866f528c30236910971af67364d8412077a94d79c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZKT6hRL3VOqA3Enod8D_IA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ZKT6hRL3VOqA3Enod8D_IA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjamHU4pJi8NKQYlheKsVQUSvFsGSmFINnzU2mzj03mdZ1PWJa2P6USZPrGVN91DOmmbzPmeJOPGcSfPOc6d2_F0zvvrxk4vn6kkkCiDWAeIePB4uYz3TWN-HTWbkiprPG1U1nzQNivnXTWVWAWHf9dNZQIHZKn8EaBMQ-9TNYY4BYiIdj59Vt69gEZrzbuIgJAK8gOm4"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 15 Feb 2024 06:10:01 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame 7F6D 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhP0P9S7TeMd2UJcqW0S4QyfEMT3A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aaf60a81d664d1aeeeffcc14a9a5f3d058cccd37a689c66d2c5a480cba6a243
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4134
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 14:10:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 17:37:17 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame 7F6D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhP0P9S7TeMd2UJcqW0S4QyfEMT3A/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428573ea8d471499c805dc4fc7642dbfe3a40db95c425099583fe10ee39b1bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 17:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14367
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 14:10:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 17:37:17 GMT
log
play.google.com/ Frame 7F6D 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 06:10:01 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Feb 2024 06:10:01 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7F6D 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 06:10:01 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Feb 2024 06:10:01 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7F6D 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 06:10:01 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Feb 2024 06:10:01 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7F6D 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 06:10:01 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Feb 2024 06:10:01 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Feb 2024 06:10:01 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 7F6D 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 06:10:01 GMT
log
play.google.com/ Frame 7F6D 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.p7aZ1b-ki3E.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfriLSSKKVP2pgH40Mxb3i0V3BPZmfg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 15 Feb 2024 06:10:01 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 06:10:01 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 15 Feb 2024 06:10:01 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
b
r.stripe.com/ Frame 7438 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 15 Feb 2024 06:10:01 GMT
x-stripe-server-envoy-start-time-us
1707977401827913
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
7
x-stripe-client-envoy-start-time-us
1707977401827261
access-control-allow-credentials
true
content-length
0
843.talkdeskchatsdk.js
talkdeskchatsdk.talkdeskapp.com/ 		773 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talkdeskchatsdk.talkdeskapp.com/843.talkdeskchatsdk.js
Requested by
Host: talkdeskchatsdk.talkdeskapp.com
URL: https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js?t=1707977400446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:fa00:9:7301:d4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af4978e7b7362605de6f6a31881e37963bdbd24b5f0f91c1d3fe8242431615ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
IVgys_u5R0QNcW.748hq5GMzJYydlTHx
content-encoding
gzip
via
1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
date
Thu, 15 Feb 2024 06:07:43 GMT
last-modified
Tue, 30 Jan 2024 08:33:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
138
x-amz-server-side-encryption
AES256
etag
W/"959f9038ae302c396e7ee5787a32c294"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=3600, stale-while-revalidate=3600
x-amz-cf-id
MJet3W2zQGsjNa-xnm6LBshVbWZCtdrhS95crYGAy0IKU74VRYKMZA==
25.talkdeskchatsdk.js
talkdeskchatsdk.talkdeskapp.com/ 		38 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talkdeskchatsdk.talkdeskapp.com/25.talkdeskchatsdk.js
Requested by
Host: talkdeskchatsdk.talkdeskapp.com
URL: https://talkdeskchatsdk.talkdeskapp.com/talkdeskchatsdk.js?t=1707977400446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:fa00:9:7301:d4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
567fc4b363c4f841702ad5e0692898ff28b40494b30455f69d8449008d0892d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
DvgzW7OqNNm3qvioGYxvJEcx9iiPPA2o
content-encoding
gzip
via
1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
date
Thu, 15 Feb 2024 06:10:01 GMT
last-modified
Tue, 30 Jan 2024 08:33:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
25
x-amz-server-side-encryption
AES256
etag
W/"2b7b311d12990ced9ed63976d0affa24"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=3600, stale-while-revalidate=3600
x-amz-cf-id
YdjBYu8FKvnfthYDc4wf_QQTYPUa_HVlT4aucOQ5KSMNl9-yZBxYXQ==
sms.svg
qa-cdn-talkdesk.talkdeskdev.com/cdn-assets/latest/talkdesk/product/app-icons/ 		583 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qa-cdn-talkdesk.talkdeskdev.com/cdn-assets/latest/talkdesk/product/app-icons/sms.svg
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4400:e:6b13:2100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e1ec1c8c6a0bd614d2c5cda283630e1dc34b4231d04aa2b304a8aee90d7db5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
XNgSNyD.Dp_Ha8G7SVyz8MMWp7Ow2QNc
date
Thu, 15 Feb 2024 06:07:45 GMT
via
1.1 d6dae4153314f4d7a17919a7dd5a237c.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 15:17:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
142
x-amz-server-side-encryption
AES256
etag
"3a2568cf1161f07bfc06982f0cb65e1e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
583
x-amz-cf-id
2GvZdjwbU9iERhzGDgAVh7Gi6gQctQL-GLEtjDoqpgrlDK6B5xQxEg==
controller-c53d1b5ea00bf6892927e2554d474472.html
js.stripe.com/v3/ Frame 656B 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
8bfaa36a529df63a44fae6b8f1d0f26ae527a5ea3dd372122523fa9a0c069699
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.irusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9
cache-control
max-age=60, stale-while-revalidate=900
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 06:09:55 GMT
etag
"c53d1b5ea00bf6892927e2554d474472"
last-modified
Wed, 14 Feb 2024 22:10:41 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-id
w1pNapKp3pSJKbWl24DChJhdOgDhdq3TGvopReJi7skpBOzBzxZoLA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
6
m.stripe.com/ Frame 9605 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.109.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-109-213.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0c5280ab7fb401510308be5e130bb0b9e7146ce40dbadf4ee0112532658ff471
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 15 Feb 2024 06:10:02 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977402023898
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1707977402023684
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 9605 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.109.213 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-109-213.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0c5280ab7fb401510308be5e130bb0b9e7146ce40dbadf4ee0112532658ff471
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Thu, 15 Feb 2024 06:10:02 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977402073230
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1707977402072886
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
shared-1004ee1296e33ce213fb8f91025bfa0e.js
js.stripe.com/v3/fingerprinted/js/ Frame 656B 		535 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6dfe587ef3cb404c41f9a57b0310aa894d99ec2cdf82407bca52478bf49f90d9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:11:58 GMT
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3484
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 14 Feb 2024 22:10:55 GMT
server
Cloudfront
etag
W/"84c378aaec731cb78c74152b757d5892"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
duAkT8DNwnYAJMheI3lD4v-vKH5l0HtTWTHdYmrsoNtU6ggB-uZHZQ==
controller-f37744781e795f890213d647336a6ab2.js
js.stripe.com/v3/fingerprinted/js/ Frame 656B 		693 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-f37744781e795f890213d647336a6ab2.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
946664fe3dffeee8690b2a56a7bf0378433e2457d2b14c5ccf98904d4d559d9c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 05:11:58 GMT
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3484
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Wed, 14 Feb 2024 22:10:53 GMT
server
Cloudfront
etag
W/"75ed2b4a50002979ae2e441fc706ddb5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
PA8y1iOSBBmnbWmutzosTbETc1GX9P-dZlg7-7fuQg6-QCLYcKPgig==
csp-report
q.stripe.com/ Frame 656B 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.irusa.org
URL: https://secure.irusa.org/donate/pre-ramadan-2024
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 15 Feb 2024 06:10:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707977402068854
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707977402068581
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 656B 		474 B
914 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0701ce3bad3360b726b4f6930babef1b5ce8e6ce1c231e71627287bb7db34ade
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Feb 2024 06:09:50 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
13
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
474
last-modified
Wed, 14 Feb 2024 22:43:00 GMT
server
Cloudfront
etag
"6c2e5890b20ba5baba09b894c5541c0e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
0_kUsVpQpJquS2r6bwJb_2VnZtQ8iki4DmUjb5SUd4uwvEpmoTL51g==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 656B 		474 B
915 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-122.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0701ce3bad3360b726b4f6930babef1b5ce8e6ce1c231e71627287bb7db34ade
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-c53d1b5ea00bf6892927e2554d474472.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 15 Feb 2024 06:09:50 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
13
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
474
last-modified
Wed, 14 Feb 2024 22:43:00 GMT
server
Cloudfront
etag
"6c2e5890b20ba5baba09b894c5541c0e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
TxY4Q9NE4DnA9GSim2TQu3SoHt0zDIan0FBzuP4ws6ZG1c5BC9WXmQ==
session
api.stripe.com/v1/radar/ Frame 656B 		42 B
855 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.stripe.com/v1/radar/session
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.241.54.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
api-34-241-54-72.stripe.com
Software
nginx /
Resource Hash
12e5bfd7fe5afa298a0a6cb6d88ac4b80aa383a5ad05b0164d7b7495632f3015
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=v1%2Fradar%2Fsession; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

original-request
req_9N4QBdxCqQxy0W
date
Thu, 15 Feb 2024 06:10:02 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=v1%2Fradar%2Fsession; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
stripe-should-retry
false
stripe-version
2020-03-02
strict-transport-security
max-age=63072000; includeSubDomains; preload
request-id
req_9N4QBdxCqQxy0W
content-length
42
server
nginx
x-stripe-routing-context-priority-tier
livemode
access-control-max-age
300
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
https://js.stripe.com
idempotency-key
1a05a4a0-e454-4cab-bc06-ed6971e5db92
access-control-expose-headers
Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control
no-cache, no-store
access-control-allow-credentials
true
vary
Origin
timing-allow-origin
https://js.stripe.com
/
px.ads.linkedin.com/wa/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Feb 2024 06:10:02 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9AEF1DFD62ED4E929B3BDE35313A1F5C Ref B: DUS30EDGE0317 Ref C: 2024-02-15T06:10:02Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://secure.irusa.org
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYRZXpXxcSq2KvA4h5LSg==
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.23bc7c79.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ddfb624caa4045659ee317be45d5f857ce64ef36525fa0e090b75eede8d53ed7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.irusa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:02 GMT
x-cdn
fastly
age
1354
etag
"35f071892db479f4d4f078ebd384d4fc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4043
ct.html
ct.pinterest.com/ Frame 2EA2 		565 B
402 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.23bc7c79.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://secure.irusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Thu, 15 Feb 2024 06:10:02 GMT
pinterest-version
875f2e02e50c112557997c9ed58d87a8d887f4ed
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
1
x-pinterest-rid
6535036926878610
3389af84-550b-4207-93a5-8aa6310d8708.js
tr.snapchat.com/config/org/ 		175 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/org/3389af84-550b-4207-93a5-8aa6310d8708.js?v=3.10.0-2402092239
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
db20aa54e064d5cb11043374521ef71c5ebec243416b9e504ceca7af65e2d316
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.irusa.org/
Origin
https://secure.irusa.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 15 Feb 2024 06:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://secure.irusa.org
x-envoy-upstream-service-time
96
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
i
tr.snapchat.com/cm/ Frame BEBB 		0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=3389af84-550b-4207-93a5-8aa6310d8708&u_scsid=510a4e0c-ab84-4be8-a7e5-cfa46255539e&u_sclid=a26f3229-03dc-40c4-bcd6-82f4a8709f8f
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.irusa.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 15 Feb 2024 06:10:02 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
b
r.stripe.com/ Frame 7438 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 15 Feb 2024 06:10:02 GMT
x-stripe-server-envoy-start-time-us
1707977402281345
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1707977402280578
access-control-allow-credentials
true
content-length
0
p
tr.snapchat.com/ 		0
92 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Feb 2024 06:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://secure.irusa.org
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p
tr6.snapchat.com/ 		0
42 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Feb 2024 06:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
b
r.stripe.com/ Frame 656B 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 15 Feb 2024 06:10:02 GMT
x-stripe-server-envoy-start-time-us
1707977402540568
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
7
x-stripe-client-envoy-start-time-us
1707977402539814
access-control-allow-credentials
true
content-length
0
p
tr.snapchat.com/ 		0
44 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.irusa.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Feb 2024 06:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://secure.irusa.org
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
b
r.stripe.com/ Frame 656B 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 15 Feb 2024 06:10:03 GMT
x-stripe-server-envoy-start-time-us
1707977403179830
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1707977403179032
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 7438 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-1004ee1296e33ce213fb8f91025bfa0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 15 Feb 2024 06:10:03 GMT
x-stripe-server-envoy-start-time-us
1707977403237606
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1707977403236930
access-control-allow-credentials
true
content-length
0

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| isIE11 function| gtag object| dataLayer object| _paq string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq function| snaptr function| pintrk string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| rdt object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO object| Drupal undefined| $ function| jQuery object| jQuery171024705991731136256 object| addthis_config object| addthis_share object| SpringboardSaf object| webpackChunkStripeJSouter function| noop function| Stripe object| _gaq object| FundraiserTotal object| FundraiserFee object| SpringboardStripe object| Cft object| FundraiserDiscount object| DonationValidation function| unload object| uetq object| dotq object| _qevents object| webchat string| _linkedin_partner_id object| _linkedin_data_partner_ids function| onYouTubeIframeAPIReady object| gaGlobal object| _scPxHelper object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| items string| goal_ids string| apiKey string| $key object| criteo_q object| gaplugins object| gaData object| _gat object| YAHOO function| quantserve function| __qc object| ezt object| _qoptions function| UET function| UET_init function| UET_push object| ueto_b2a76a8c30 function| lintrk boolean| _already_called_lintrk object| regeneratorRuntime object| NREUM object| newrelic object| platform function| TalkdeskChatSDK object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly function| __adroll__ string| adroll_sid object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors function| adroll_tpc_callback object| __adroll_consent_data object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| ORIBILI

48 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: a7f2a00ede0641c48ce147a5fb3e8fd1
.irusa.org/ Name: _gcl_au
Value: 1.1.1001153212.1707977400
.irusa.org/ Name: _ga_359TZ1ZTY2
Value: GS1.1.1707977400.1.0.1707977400.60.0.582232950
.irusa.org/ Name: _scid
Value: ff2aaea5-6d38-4510-9b97-e754734e6c84
.irusa.org/ Name: _scid_r
Value: ff2aaea5-6d38-4510-9b97-e754734e6c84
secure.irusa.org/ Name: _pk_id.34.92a1
Value: b066870eb4063122.1707977401.
secure.irusa.org/ Name: _pk_ses.34.92a1
Value: 1
.irusa.org/ Name: _rdt_uuid
Value: 1707977400639.df9ebc78-e144-4cba-88c8-cd010e39f7e6
secure.irusa.org/ Name: cookies_enabled
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tiktok.com/ Name: _ttp
Value: 2cOKtb2hSw0cKgYQxu3fK0N0mkI
.irusa.org/ Name: _ga
Value: GA1.2.991100817.1707977401
.irusa.org/ Name: _gid
Value: GA1.2.1455753509.1707977401
.irusa.org/ Name: _gat_gtag_UA_1975050_1
Value: 1
.secure.irusa.org/ Name: __utma
Value: 229009566.991100817.1707977401.1707977401.1707977401.1
.secure.irusa.org/ Name: __utmc
Value: 229009566
.secure.irusa.org/ Name: __utmz
Value: 229009566.1707977401.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.secure.irusa.org/ Name: __utmt
Value: 1
.secure.irusa.org/ Name: __utmb
Value: 229009566.1.10.1707977401
.irusa.org/ Name: _uetsid
Value: da25a2f0cbc811eea01137f4b72b3c20
.irusa.org/ Name: _uetvid
Value: da25e920cbc811eeaefec980db50117b
.irusa.org/ Name: _fbp
Value: fb.1.1707977400924.426250950
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 43c1dedf-8e2f-49c3-8f0b-b4c9c3e6d768
.pinterest.com/ Name: ar_debug
Value: 1
.secure.irusa.org/ Name: _pin_unauth
Value: dWlkPVpqZ3haV1F4WldRdFpUUTVNeTAwWmpJeUxUa3lOV0l0TURsaU9EbGhaalEwTjJaaw
.bing.com/ Name: MUID
Value: 0676D451CEC2684D144CC077CF4969B4
.irusa.org/ Name: market_source__initial_referrer
Value: (none)
secure.irusa.org/ Name: Springboard
Value: AftQW11LCYMlib4FxZXDuhbH1Hv7Ln44T83SX6rRUmu%2FJcv65xEeGYWUs4RxFdaz
.irusa.org/ Name: _tt_enable_cookie
Value: 1
.irusa.org/ Name: _ttp
Value: DOzDPm-SpMf_bdvwdTf_1_gLOJA
.linkedin.com/ Name: li_sugr
Value: fb906118-952d-482e-a563-3f89e9e4a641
.linkedin.com/ Name: bcookie
Value: "v=2&63937f63-1162-4889-8c3e-454beabf4895"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2700:u=1:x=1:i=1707977401:t=1708063801:v=2:sig=AQH3fzTXkgLZDws8eCetTY33IXBC_EdO"
.lightboxcdn.com/ Name: _cfuvid
Value: kUzZ0EpOPvxNHY0VSPAQH1C8WBjzpoaSxkQ.S2Fewls-1707977401207-0.0-604800000
.quantserve.com/ Name: mc
Value: 65cdaab9-334de-9b79a-197c6
.irusa.org/ Name: cto_bundle
Value: Y5UpWF9EV3h4RDZqZ1R4UkdEcXBMY1k1bkVvb2tYT1FMdk9pV3AxcTVXazlnWnRIenB6Nmw1SExva1NmJTJCbzZBT25ROEFpdyUyRjdraVVHVVBTZkpCcXFUJTJGT0xNbFV1SHJNTnEzQXVxZzRreW1RMXppRmhuWXRQJTJCOU1QQXpTJTJGd1JGRGV4RXlyVkl2UkU4ZWVUWWRoQyUyQmElMkZmbndwZyUzRCUzRA
.irusa.org/ Name: __qca
Value: P0-1312435431-1707977400856
.yahoo.com/ Name: A3
Value: d=AQABBLmqzWUCELRHDbjzUIovor73oyWylvIFEgEBAQH8zmXXZeAOyiMA_eMAAA&S=AQAAAiwCPssQKw6PH8VyR_-KUBI
.linkedin.com/ Name: UserMatchHistory
Value: AQKGLTtNw4TFKAAAAY2rYuPLdd68KxQKUlrYMuccuFLARedJJeVZUZg3RFosRNlGF9B7-eMFxPBJAQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLWiQWG2GNoNwAAAY2rYuPLb75vpkcUuiL1CBCoVGx1oM9u2JGULRpoAA8_X024PCUZkKSutoFEZMzinleDYQ
.irusa.org/ Name: __cf_bm
Value: ZWcDBqWkJGCHg8hFe8SCtsGfUmkU7EJ2O6Js6rjHUus-1707977401-1.0-AQJA+6FsKfPEHmiJn9m0CIz4rcxtl0CVRfGKPpwyAdU4B6jzDSB/BwZWlpWp2f3IzpcYyKcsmo4MxPb/vVrPOxo=
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240215061001e8b8867e-15c5-47c1-8350-d4dfad5617cfAQEAPYRQtzeCm3UkOilb_Se6099t9s6f"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDc5Nzc0MDE7MjswMjE+jSF5PGsW6VEbSKWKGaHqE06Vwi1fXvFjbuPCWLbrPg==
.google.com/ Name: NID
Value: 511=m2tWTScYwJDG_jodmmSnMPWSvj998qCkiPA5QENTE2qBw7A5rH8vUHPed2nNR67hXI9fU95J8nyecvcKfdWM8PQ0cJornNI7X8qmcZ9wEptuTTjrCyNixb7OsG7QySJQDYsLIDfIBGfDWoJEFIuBwboZ587CYAcmDo1XKd4XxUg
m.stripe.com/ Name: m
Value: b3ec7b7d-57de-42f8-b078-daf763432d4c47ea04
.secure.irusa.org/ Name: __stripe_mid
Value: 28cb713e-5120-424f-80c2-d465c8b75cf34f877b
.secure.irusa.org/ Name: __stripe_sid
Value: 132fcf4d-f2d8-4a52-9bb5-55cbd89c0d841e9cfa

82 Console Messages

Source Level URL
Text
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other warning URL: https://connect.facebook.net/signals/config/739508946444026?v=2.9.147&r=stable&domain=secure.irusa.org&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://secure.irusa.org/donate/pre-ramadan-2024
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.biggorilla.app
analytics.pangle-ads.com
analytics.tiktok.com
api.stripe.com
api.talkdeskapp.com
bat.bing.com
connect.facebook.net
ct.pinterest.com
d.adroll.com
d3w3r5c7xzin3t.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
irusa.org
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
mug.criteo.com
pay.google.com
pixel.quantserve.com
play.google.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
qa-cdn-talkdesk.talkdeskdev.com
r.stripe.com
region1.analytics.google.com
rms.gospringboard.io
rules.quantcount.com
s.adroll.com
s.pinimg.com
s.yimg.com
s7.addthis.com
sc-static.net
secure.irusa.org
secure.quantserve.com
snap.licdn.com
sp.analytics.yahoo.com
ssl.google-analytics.com
static.criteo.net
stats.g.doubleclick.net
talkdeskchatsdk.talkdeskapp.com
tr.snapchat.com
tr6.snapchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.lightboxcdn.com
www.linkedin.com
www.redditstatic.com
104.77.153.11
13.107.42.14
13.32.23.29
141.193.213.11
143.204.207.250
151.101.0.176
151.101.0.84
151.101.129.140
151.101.129.91
151.101.65.91
198.202.176.201
2.19.96.186
2001:4860:4802:32::36
212.82.100.181
23.206.23.103
2600:9000:223c:c600:6:44e3:f8c0:93a1
2600:9000:235a:4400:e:6b13:2100:93a1
2600:9000:2644:8800:6:9280:1080:93a1
2600:9000:275d:fa00:9:7301:d4c0:93a1
2606:4700::6813:d383
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:80b::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a00:1450:400c:c02::5c
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:16::215:1496
2a02:26f0:3500:893::1931
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::396
2a05:d018:cc3:fe04:f5fd:4976:c387:11c
2a06:98c1:3120::3
3.228.185.246
34.241.54.72
35.190.43.134
52.203.133.210
54.187.119.242
54.202.109.213
99.86.4.122
00e51b8694aca8cd2cec34792b6956e1df477fe5dc029e254f83fe7d7fad30d3
036ebf88be8dcc56c7528d111851c036e6a9efb24e61d1d92208f7e405f8f42e
049b08f66a3dc94df89d6b7ea92a46b6dca67eabe92b67b28c39b3eb420f02f8
05455e65628a9de8a6efdc9d1712e3c03a5609ca4a4f9dce455c2b3e1c202887
0701ce3bad3360b726b4f6930babef1b5ce8e6ce1c231e71627287bb7db34ade
078a0613c3e3539c847145a866f528c30236910971af67364d8412077a94d79c
0a03892780efd79816665244298206a2a67a1cf999c2ba47154f9387e33453d1
0c5280ab7fb401510308be5e130bb0b9e7146ce40dbadf4ee0112532658ff471
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0e1ec1c8c6a0bd614d2c5cda283630e1dc34b4231d04aa2b304a8aee90d7db5d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
102576977cfbca21dfdb2c1169801f04e204ca1ed8c603c71fc9959cd0739eba
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12adb5bef0d6fa7ba4632db448c79d33042ae1f2a262d471a30a1ac07677f41d
12e5bfd7fe5afa298a0a6cb6d88ac4b80aa383a5ad05b0164d7b7495632f3015
15206059b1193773426292f9308891fa641157df77b08524ff746eb44c3165b1
16c8ebd9d3cbd85676c5bed69f400a11af30e6809e7dbc81796cc4df5bcf8e4b
1977998ec1e2d331fec71c7e5aa4367d397f745b6d8204ae45004a793da1bab9
1aaf60a81d664d1aeeeffcc14a9a5f3d058cccd37a689c66d2c5a480cba6a243
1f4ae55c06f0f665ad1e676c964652a48ea1e417d123d94db4583ee65517ccc9
20b48842f03f5f25fc99e3f34235769e639ce5d1560cc00bf025b6a43fc21569
212e1c8634551e91e3e43cf70ff6bbb929a207d81566657af937a5e117fa0071
219776f9ee1a6037dfcdc7cabf123f1ae934679f4f63a9b4618d402df69774c5
2301b3e0ad44c68290921da9cec7116c35ec781ecd01fb2e2d40577d11e55c3d
243a883105300b38802320171655c86d0f974ebc339a319228b9d91363eb93be
2d3a441e86304f03a8143177fa6d532e4e7ed227cb76b46e347c131b23a00ae0
306d2a6602684ed92b52f88e6c9f796e056ed96f3db412cf36f6df1b8e5a7874
31222e613752964afca69727b0b6c940341af5870cd3d52ea5665f6933baa7a0
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
381b6a278497c783394357bcd9278865399547ae2d86ba2a940aa958f0dbe0f8
388dd3977b715e2b5c2e1a6fdda405951cba7c21ba0fca3e0cb6be0f17c8e875
394538fead495311b38afe0d3da0fd7a1839b96e434ef69db1e8b63106c8c687
3ba25e3b25d77e28903b431c589f20ea5a41cf83251a40862247a7b01b4680a1
41b98c57dbe2a6c7a9e86497f1ffcf4ca102e86480be8cef7272a55855324355
428573ea8d471499c805dc4fc7642dbfe3a40db95c425099583fe10ee39b1bbb
4412b85958a9f87426afe9fd9a378e1e96de47be49b7d97b2a4373c3945ef3df
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
47ba446daba925d46e99af07a1f67b1fe0f6b61b7dab89bffa23eb5d2819e4a9
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
48ce5810e9c37aaf2076f84ffe1cd46b0ea4e6458811c3b310cf9bf39342619b
4c86a73406f64b212f4b5bfe46a80a064584d8d655afccff3f85c25e933db409
4d3337c243fd2997450eada372bc50705c72d3bb2fe80bcb3c074be6e39b1ffe
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
567fc4b363c4f841702ad5e0692898ff28b40494b30455f69d8449008d0892d8
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
61d7c0602546fdcbfe48d926e1a1401c86baa64ed6476aafba36dc8dab3361c9
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
624b01012b4059b82aacbdf7c51c5a4cd1a8d8fc4c16f0dd5d09d27d3b5e25ed
6b76b05234ae0c2d119b53a4f07fd5d2a673bebe6f67d6b98b0e40128542064e
6cc35ca80a8e729541e15198c3a17d1c338d1df6f7eb7bf086ad1fafaee47313
6d85b4e93245e49003b3ec3076c49380f50ff20cbf81d6ee948ba3ef81ce4002
6dfe587ef3cb404c41f9a57b0310aa894d99ec2cdf82407bca52478bf49f90d9
6e28c9ce31e9d897ec8c3f9bcbf76c99e9649ee116f2eb49955dcbf486e6f405
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
766d364ea5db78fc79f8436ab716e10f87937c36e615f09991c9e2cfecec2e3d
77f250725de074883a574208c1ca81ffff72a58e3a595409d56a8535da44af80
78c72f9598d5933bc9866677ff02318e99bbd7752efc2cf892955cc0765a5ecf
79cde34316ae643e64a9061b92d0f942b60bb70b4bb09be2ab1a960a6521b296
7a33d3f5a4ba68a201eed2239000a1b8c97c5323212c5587e1475aed8b272573
7ce23da17da91f56d98299a0e923f3faf00e20bc1b1334aa23aaed56283fdaeb
7f546c11e8da9f649a54d3e382533d47f071ea968fac646a5e8a892c172e8319
7faa6ea9df751b404b3e6fcbc07d107b55abdb5333c3114f1a343a90163bbb56
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855877471b1561e620841c595d2e6d5c9e9ad1ae3a8a6bbc44457a90332d2ecf
8bdd0bd9d3b37cd0aca3491755a4cea0f41090ced3ab96bdd055fbde82b795f4
8bfaa36a529df63a44fae6b8f1d0f26ae527a5ea3dd372122523fa9a0c069699
946664fe3dffeee8690b2a56a7bf0378433e2457d2b14c5ccf98904d4d559d9c
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9546faf955d4b538c32eaafa58cdc1867a1e2033b555222711adec7553904ae5
97a5d212cb8686717ef079a2f1a50104b0b3f3a6f97ce05736e53e7748ca07a0
9a8915aea1dbb6b2ef9752558fd5d49345859c75806cb19bdae6bbdca814e667
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a40ac083d7ed74f78f3770395061f8f6850745a196ab2fe1643bf46b64ffd78f
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
ab23692ba7f4807cd7548356b9576ca33e6b59f89d94f856494261bdc7638204
ab399e6207df86a86de63f50efea132751655861094cfc293b81ead6433229d4
af1387f108d8334ad84efd94efc9d1a632fbd0c7fa372f236f6223b22cd00850
af4978e7b7362605de6f6a31881e37963bdbd24b5f0f91c1d3fe8242431615ad
b1c4853f87ee676fa7610760cb0d33da5d53e1c011be7a34d9de03ec4b7b4f3c
b519c652777c636add992fcfc14ff1360572af19ba11151ea78c17d3c44d153b
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b76e4b3ea1e3bcb46dea8a41d640f8466f7cb123feb8c0bf87a4bf13ea66d6da
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
ca17697042f4b65cfbd37638ef574652e0e18aefcad70ae502212d430270efd1
cd7d76c17a22a13525ff9eb5b6d87f4ee28b1897d8ce27e3e93d0c5988ba0f3d
ce132024752c83a983a1aed4d32da396467fb32c178aef75ac527c9e05a1a906
d0721ac91b973b019d6f365bafb54fe794c973f88277924c036e25a077f5feaa
d22ed315cee780823738ca5069b4b7ac4c5a86890e523ea6f0a762cf4614337f
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
db20aa54e064d5cb11043374521ef71c5ebec243416b9e504ceca7af65e2d316
ddfb624caa4045659ee317be45d5f857ce64ef36525fa0e090b75eede8d53ed7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73d9f15dd9389d211722577a1bbc11a9a07adf8071344f6a688e9af7f024009
e985a8922a7ec41cbdd45d7712c04a4e2e024e2354619d34713077025618d9dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01f54bc328fcfa39cfcd4ef66179b970b8f7c2dea8a681c30f866d94f4c956b
f19e4f9e294ea1480dc0938c0556857414bbb495109cc199ab54841e914990da
f595ce38ffe0750d53034e0eff5ff88a862adc743d4d6c7e7d5935730f38af64
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f8e37527996d0530694a2a8ddf6afdcf28cc8a05e50ce3ce9d3f2f743b04659f
f92bf7961e006c1fdbb3f807799286b22b4596f0c2c9e59d6b4586c8a29c009e
fbf6e30593cbfad8e4545f60df41817b333e8c179a380741521f10c7b89b64e2
fcb063ccfd5f29f026933265aec9ef4d3f6855a1a6fdea1a950c7418a7b4e569
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876