Submitted URL: https://eml-pusa01.app.blackbaud.net/intv2/j/F3D6B226-623D-4D8B-8B97-081073A17F1B/r/F3D6B226-623D-4D8B-8B97-081073A17F1B_0b3e03b2-8c3...
Effective URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtn...
Submission: On March 02 via api from US — Scanned from DE

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 124 HTTP transactions. The main IP is 2606:4700::6812:c55f, located in United States and belongs to CLOUDFLARENET, US. The main domain is give.glwd.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 3rd 2023. Valid for: a year.
This is the only time give.glwd.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.209.152.250 8075 (MICROSOFT...)
16 2606:4700::68... 13335 (CLOUDFLAR...)
14 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:2800:233... 15133 (EDGECAST)
4 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.186.162 15169 (GOOGLE)
1 52.143.247.24 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.33.187.40 16509 (AMAZON-02)
20 99.86.4.9 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::649 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:25e... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
3 44.240.111.178 16509 (AMAZON-02)
7 54.186.23.98 16509 (AMAZON-02)
1 198.202.176.141 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
124 21
Apex Domain
Subdomains
Transfer
31 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1155
m.stripe.com — Cisco Umbrella Rank: 1134
r.stripe.com — Cisco Umbrella Rank: 2301
merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5082
940 KB
30 google.com
pay.google.com — Cisco Umbrella Rank: 2753
play.google.com — Cisco Umbrella Rank: 33
841 KB
16 glwd.org
give.glwd.org
142 KB
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
416 KB
14 classy.org
prod-frs.content.classy.org — Cisco Umbrella Rank: 49665
pay.classy.org — Cisco Umbrella Rank: 54601
assets.classy.org — Cisco Umbrella Rank: 59656
2 MB
4 transcend.io
cdn.transcend.io — Cisco Umbrella Rank: 6078
128 KB
3 doublethedonation.com
files.doublethedonation.com — Cisco Umbrella Rank: 70473
131 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1243
16 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 66
69 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
31 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 plaid.com
cdn.plaid.com — Cisco Umbrella Rank: 14533
45 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 709
3 KB
1 tokenex.com
htp.tokenex.com — Cisco Umbrella Rank: 32829
5 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 124
18 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 788
7 KB
1 blackbaud.net
eml-pusa01.app.blackbaud.net — Cisco Umbrella Rank: 132519
373 B
124 17
Domain Requested by
24 play.google.com www.gstatic.com
20 js.stripe.com cdn.transcend.io
js.stripe.com
16 give.glwd.org give.glwd.org
cdn.transcend.io
10 prod-frs.content.classy.org give.glwd.org
cdn.transcend.io
prod-frs.content.classy.org
8 www.gstatic.com pay.google.com
www.gstatic.com
7 r.stripe.com js.stripe.com
7 fonts.gstatic.com fonts.googleapis.com
6 pay.google.com js.stripe.com
pay.google.com
www.gstatic.com
4 cdn.transcend.io give.glwd.org
cdn.transcend.io
3 m.stripe.com m.stripe.network
3 files.doublethedonation.com give.glwd.org
files.doublethedonation.com
cdn.transcend.io
2 m.stripe.network js.stripe.com
m.stripe.network
2 assets.classy.org
2 pay.classy.org cdn.transcend.io
2 www.youtube.com cdn.transcend.io
1 merchant-ui-api.stripe.com js.stripe.com
1 code.jquery.com cdn.transcend.io
1 fonts.googleapis.com cdn.transcend.io
1 cdn.plaid.com cdn.transcend.io
1 unpkg.com cdn.transcend.io
1 htp.tokenex.com cdn.transcend.io
1 www.googleadservices.com cdn.transcend.io
1 static.cloudflareinsights.com give.glwd.org
1 eml-pusa01.app.blackbaud.net 1 redirects
124 24
Subject Issuer Validity Valid
give.glwd.org
Cloudflare Inc ECC CA-3
2023-04-03 -
2024-04-02
a year crt.sh
classy.org
Cloudflare Inc ECC CA-3
2023-04-03 -
2024-04-02
a year crt.sh
snie5b5gl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-17 -
2024-05-17
a year crt.sh
transcend.io
Amazon RSA 2048 M02
2023-06-20 -
2024-07-18
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
api.tokenex.com
Go Daddy Secure Certificate Authority - G2
2024-01-08 -
2024-12-14
a year crt.sh
secure.plaid.com
DigiCert EV RSA CA G2
2023-03-09 -
2024-04-08
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-02-07 -
2024-05-09
3 months crt.sh
*.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
pay.classy.org
Cloudflare Inc ECC CA-3
2023-04-08 -
2024-04-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-26 -
2024-05-23
3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2024-02-26 -
2024-05-23
3 months crt.sh

This page contains 10 frames:

Primary Page: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
Frame ID: 453A052CA05CCA7A11F36BBA4B56156B
Requests: 54 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: C57F4F15E3AD06D82B8A52A9736CAA47
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
Frame ID: 3315909C65CBCDE73190C145E099A6DE
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
Frame ID: 3CA6654AF16530747D0C0202E644A438
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
Frame ID: BEF0D65F22974736ECB0DBE22038DEE9
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: AF63C84D28C1EDC83978E8ABAA6D1BB9
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
Frame ID: FD0FFC95931357DE908E66C9FB911AF5
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
Frame ID: A4BACB0168940DC310A85F4400D2E70C
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 46385631F187C264DA1C4E630F02109A
Requests: 12 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: A3349282D6F82F213C24D443E346930B
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Donate to Help Vulnerable New Yorkers

Page URL History Show full URLs

  1. https://eml-pusa01.app.blackbaud.net/intv2/j/F3D6B226-623D-4D8B-8B97-081073A17F1B/r/F3D6B226-623D-4D8B-8B97-08107... HTTP 302
    https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

124
Requests

100 %
HTTPS

64 %
IPv6

17
Domains

24
Subdomains

21
IPs

3
Countries

4470 kB
Transfer

15398 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eml-pusa01.app.blackbaud.net/intv2/j/F3D6B226-623D-4D8B-8B97-081073A17F1B/r/F3D6B226-623D-4D8B-8B97-081073A17F1B_0b3e03b2-8c3b-44cc-be1d-71b54bd17719/l/EE593FA3-C83E-47C8-B7E4-4AB8E74C6193/c HTTP 302
    https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

124 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
give.glwd.org/give/244921/
Redirect Chain
  • https://eml-pusa01.app.blackbaud.net/intv2/j/F3D6B226-623D-4D8B-8B97-081073A17F1B/r/F3D6B226-623D-4D8B-8B97-081073A17F1B_0b3e03b2-8c3b-44cc-be1d-71b54bd17719/l/EE593FA3-C83E-47C8-B7E4-4AB8E74C6193/c
  • https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
853 KB
116 KB
Document
General
Full URL
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385d5b7268903d90368edac028aeca3a8a8a1ca3f0b10f13537e77d3a4d1bd53
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
85e44caf6cf81cb5-FRA
content-encoding
br
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Sat, 02 Mar 2024 20:57:31 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

cache-control
no-store, must-revalidate, no-cache
content-length
0
date
Sat, 02 Mar 2024 20:57:30 GMT
location
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
request-context
appId=cid-v1:d9704f59-4177-4f42-bad9-b1a9a5e5e02c
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
main.css
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/
1 MB
147 KB
Stylesheet
General
Full URL
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css
Requested by
Host: give.glwd.org
URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c9eba319b411d9711a1c997322107310af7f7938aac1ec8f9cdc7c662bb9e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:31 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
content-encoding
br
x-amz-version-id
E6FKWDx6ckzg_hHt5xQv543iTPKpIdtc
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
age
73510
x-amz-cf-pop
FRA60-P1
cf-polished
origSize=1157383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-bgj
minify
last-modified
Mon, 26 Feb 2024 22:01:37 GMT
server
cloudflare
etag
W/"11b98414c1291ac908504e9bb0606e37"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
cf-ray
85e44cb64f6e037c-FRA
x-amz-cf-id
ofNIiroCz0er8lcBkGoFONV98w1RueDPnWuV3ERjVm_e5KHNRbraNQ==
ddplugin.css
files.doublethedonation.com/app/
141 KB
17 KB
Stylesheet
General
Full URL
https://files.doublethedonation.com/app/ddplugin.css
Requested by
Host: give.glwd.org
URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD5) /
Resource Hash
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 02 Mar 2024 20:57:31 GMT
content-encoding
gzip
content-md5
ZRi6wreqb8lyrsIdYQAn/Q==
age
1532
x-cache
HIT
content-length
16794
x-ms-lease-status
unlocked
last-modified
Fri, 01 Mar 2024 21:24:51 GMT
server
ECAcc (frc/4CD5)
etag
0x8DC3A3607B96985
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-ms-request-id
9b40be8e-e01e-005d-75e0-6c4f83000000
cache-control
public, max-age=3600;
x-ms-version
2009-09-19
expires
Sat, 02 Mar 2024 21:57:31 GMT
airgap.js
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/
131 KB
45 KB
Script
General
Full URL
https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Requested by
Host: give.glwd.org
URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:aa00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
aa23f68b3d5c7eed8f0ebfa79457437800fa6d915b50755195217fc6d3d0916d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:31 GMT
content-encoding
br
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P2
x-content-type-options
nosniff
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=60,s-maxage=86400
x-amz-cf-id
sfkUt4wZRvfZ8eIvX9UVrbWZXJZwBYT5MHD19nixBQVGmbpRoV3F-g==
x-xss-protection
1; mode=block
fontello.css
files.doublethedonation.com/fontello/css/
0
0
Stylesheet
General
Full URL
https://files.doublethedonation.com/fontello/css/fontello.css
Requested by
Host: files.doublethedonation.com
URL: https://files.doublethedonation.com/app/ddplugin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://files.doublethedonation.com/app/ddplugin.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Sat, 02 Mar 2024 21:57:32 GMT
x-ms-request-id
9f0c0748-a01e-005c-0de4-6c105f000000
date
Sat, 02 Mar 2024 20:57:32 GMT
cache-control
max-age=3600
server
Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
content-length
223
content-type
application/xml
rocket-loader.min.js
give.glwd.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://give.glwd.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: give.glwd.org
URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 27 Feb 2024 15:42:08 GMT
server
cloudflare
content-encoding
gzip
etag
W/"65de02d0-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
85e44cb79bdc1cb5-FRA
expires
Mon, 04 Mar 2024 20:57:32 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: give.glwd.org
URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://give.glwd.org/
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:32 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
85e44cb86ddd694f-FRA
ui.js
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/
267 KB
77 KB
Script
General
Full URL
https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/ui.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:aa00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://give.glwd.org/
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
pGLiXkBTZEwR1GE0xA6XjctsUE08zxMZ
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 04:50:15 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P2
age
59624
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Sep 2023 22:16:07 GMT
server
AmazonS3
etag
W/"fc84468acd1aa46963b34967f73979cb-1"
x-frame-options
SAMEORIGIN
access-control-max-age
3600
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=60,s-maxage=86400
vary
Accept-Encoding
x-amz-cf-id
42niAC2QZRgCXc1DNZ6C9_oepyNbtTHTxnmRE-_SBTovXZplfnIhNQ==
conversion_async.js
www.googleadservices.com/pagead/
48 KB
18 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b223709f74c496ba99f4f5076954de3490d7101b1191976fa97b624e49bb3104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17842
x-xss-protection
0
server
cafe
etag
7848019278419967314
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Mar 2024 20:57:32 GMT
iframe-v3.min.js
htp.tokenex.com/iframe/
19 KB
5 KB
Script
General
Full URL
https://htp.tokenex.com/iframe/iframe-v3.min.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.143.247.24 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Mar 2024 20:57:32 GMT
last-modified
Tue, 23 Jan 2024 18:10:29 GMT
etag
"80585972274eda1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
4905
x-xss-protection
1; mode=block
paypal-js.legacy.min.js
unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/
7 KB
3 KB
Script
General
Full URL
https://unpkg.com/@paypal/paypal-js@4.0.8/dist/iife/paypal-js.legacy.min.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:32 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8183937
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGCJGBMWB5Z0JMFNTKRX8F8X-fra
server
cloudflare
etag
W/"1b81-IpiDV5HCNI7yT2mRdGuH3F1n0RQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
85e44cb8bcf52c4f-FRA
module.min.js
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/donation/
184 KB
38 KB
Script
General
Full URL
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/donation/module.min.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76d55ce69f335df0f011ca7ad04fa9cc9f34d3e0ffc6ee347d1019140b43e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:32 GMT
x-amz-version-id
Y.XEaIyspRD.m.USeOqAMDWriqxOEzQO
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
73367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 26 Feb 2024 22:01:37 GMT
server
cloudflare
etag
W/"3d2baa7d6c5e50df0435a559f0b0c380"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
85e44cb8391b037c-FRA
x-amz-cf-id
k8bKDKxmpm2fg7T0NlhnNvx4oYj4XRAQ5HPPyqIL5KWMjzgSRbdDQA==
module.min.js
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/
2 MB
392 KB
Script
General
Full URL
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/module.min.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87d48af85ba0878ccd67abaaf1caf5067d42f34bbc72a711aa1c550c25a3d122
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:32 GMT
x-amz-version-id
hceFC_Q1R1Z9e8_yQ5iWTpVl3ZDCH5zx
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
73621
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 26 Feb 2024 22:01:38 GMT
server
cloudflare
etag
W/"9a358576b39eaffd421fcaa961ab4a2e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
85e44cb8391d037c-FRA
x-amz-cf-id
7jImw1qAEscKIaQVYfDL4_vDDKUSsHH9yPKUaG4m_GKxXTDvdF_bww==
libs.min.js
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/
1 MB
429 KB
Script
General
Full URL
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/libs.min.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:32 GMT
x-amz-version-id
BFymUfF8wIpfaElebO0fQT8R66GzYb.Q
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
73621
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 26 Feb 2024 22:01:38 GMT
server
cloudflare
etag
W/"89ff3b468454fac32729fc74e3c9be17"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
85e44cb8391f037c-FRA
x-amz-cf-id
Q0OJnL1A4RyOvfyBM2bMw5zF6wQY1zFo6g6qk33TAEniPdRsfQsrbA==
link-initialize.js
cdn.plaid.com/link/v2/stable/
147 KB
45 KB
Script
General
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81c53e0d83f194d8763382eeee30295001e37a6dff8942e40a1593887d972e78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
xFRIPCuDTzbKNkIht7wpW3TPxm6v1ir9
content-encoding
gzip
via
1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 16:55:21 GMT
x-amz-request-id
5XKE18G2BYRFQHXW
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
age
14583
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-id-2
Xm/9aeB5xuE9kng8XW9VHFi8rkTCfRJy/uETc94ZQFHrm/UYg/ajNlPJFmBgRZ+CFiK8zC0qAQ4=
last-modified
Fri, 01 Mar 2024 16:40:39 GMT
server
AmazonS3
etag
W/"689d2ed97f3fecdfd1a0675cda0a19b2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-id
CcNrZOlcrEVw6_D9VdzfSx0bsUD72OtfhcgK3_CQO7cJIsE84NErOQ==
/
js.stripe.com/v3/
602 KB
148 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b46819f3527d5c0b193a616ef38bb89cc69ca583c1d2b5e97556d6293a783738
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:56:43 GMT
content-encoding
br
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
54
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 01 Mar 2024 23:20:32 GMT
server
Cloudfront
etag
W/"bc70d4f82ce42990bafe0b44cd268008"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
P6k4D_p_criVZRCCnraeBp2RIrVBDqbQtvUn5_zGwYBG8Q_7ze-9xw==
ddplugin.js
files.doublethedonation.com/app/
443 KB
114 KB
Script
General
Full URL
https://files.doublethedonation.com/app/ddplugin.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C94) /
Resource Hash
2370765c85bb23eb91c9c64564a7e269922565444edd704ea1d25df0de51c73a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 02 Mar 2024 20:57:32 GMT
content-encoding
gzip
content-md5
qL/kX4zuCxNHPXftIZAkjw==
age
1096
x-cache
HIT
content-length
116375
x-ms-lease-status
unlocked
last-modified
Fri, 01 Mar 2024 21:24:51 GMT
server
ECAcc (frc/4C94)
etag
0x8DC3A3607C50096
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-ms-request-id
35087f0c-701e-002d-28e1-6cf674000000
cache-control
public, max-age=3600;
x-ms-version
2009-09-19
expires
Sat, 02 Mar 2024 21:57:32 GMT
cm.css
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/
15 KB
4 KB
Stylesheet
General
Full URL
https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/cm.css
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:aa00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
JWSMp_NTaRFeSeqpmxFPkel0LiL4cMwY
content-encoding
gzip
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 07:41:24 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P2
age
66678
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Sep 2023 22:16:07 GMT
server
AmazonS3
etag
W/"fb3f2afd9f46893bb196329ab90276a6-1"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=60,s-maxage=86400
x-amz-cf-id
nMESsqswkXFchcGaQf_BlCkbwoako6JSewsWmzRntHyX90dR5SEkmw==
en.json
cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/
8 KB
2 KB
Fetch
General
Full URL
https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/translations/en.json
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:aa00:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id
Pw3hE5sAYQ0kvHESktDQjUKbfeKteOb6
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
date
Sat, 02 Mar 2024 06:45:58 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA60-P2
age
63757
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
inline
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 20 Sep 2023 22:16:07 GMT
server
AmazonS3
etag
W/"ecabc5423541bd640b7f7a45cb696671-1"
x-frame-options
SAMEORIGIN
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=60,s-maxage=86400
vary
Accept-Encoding
x-amz-cf-id
lPJO6qXyi5XvoeC21AJKeTnGCUU9iuFuiHa_Yk-Lx0vM2o2X0g_Jng==
sdk.js
give.glwd.org/sso/
27 KB
7 KB
Script
General
Full URL
https://give.glwd.org/sso/sdk.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd7b9d1a802acafdc8f9334d69406b7db612b94559c16fa684f5dab315a5aa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 02 Mar 2024 13:00:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1200
cf-ray
85e44cba5ddf1cb5-FRA
expires
Sat, 02 Mar 2024 21:17:32 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame C57F
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.glwd.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1126
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 02 Mar 2024 20:38:46 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Tue, 27 Feb 2024 21:03:50 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-id
QbaKFd3ozM64zvhFJz-vAlWxAStETM6jS7o9WsZINp9m00c5XGIvsw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ccc34b72f1ee40d357ad859c24f527a447f1c8c5ee27e90b0953dd8c63ab4ab2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 02 Mar 2024 20:57:33 GMT
channel-events
give.glwd.org/frs-api/organizations/63573/
781 B
797 B
XHR
General
Full URL
https://give.glwd.org/frs-api/organizations/63573/channel-events
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1492535e00f0a481724043224ef41b4d615298374029d88b7fa4e363cc240264
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
tracestate
423787@nr=0-1-423787-363751183-b630f59694abe5e0----1709413052957
traceparent
00-721494c61095266e3fe47f895a4716a1-b630f59694abe5e0-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiNjMwZjU5Njk0YWJlNWUwIiwidHIiOiI3MjE0OTRjNjEwOTUyNjZlM2ZlNDdmODk1YTQ3MTZhMSIsInRpIjoxNzA5NDEzMDUyOTU3fX0=
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
csrf-token
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"30d-1Poj0Gc8maT8RT9i77hlyMXkjkE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85e44cbd183e1cb5-FRA
market-data
give.glwd.org/frs-api/crypto-giving/BTC/USD/
37 B
147 B
XHR
General
Full URL
https://give.glwd.org/frs-api/crypto-giving/BTC/USD/market-data
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c989ca93fbe23e0f7624b9b1b08443f8bb16943dad3cc38fc642cab464665fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
tracestate
423787@nr=0-1-423787-363751183-9842497b1222051b----1709413053043
traceparent
00-e632a1356e403a2564d72fc6b7ba838e-9842497b1222051b-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI5ODQyNDk3YjEyMjIwNTFiIiwidHIiOiJlNjMyYTEzNTZlNDAzYTI1NjRkNzJmYzZiN2JhODM4ZSIsInRpIjoxNzA5NDEzMDUzMDQzfX0=
Accept
application/json, text/plain, */*
csrf-token
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"25-gSLRaq2tLQND2E3l1VIQwa54N4o"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cf-ray
85e44cbda89a1cb5-FRA
content-length
37
tax-entities
give.glwd.org/frs-api/organizations/63573/
629 B
390 B
XHR
General
Full URL
https://give.glwd.org/frs-api/organizations/63573/tax-entities
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c03938152d5b9f54cbac9cf722a838f18ad7561df549497ace7d02c4aa489d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
tracestate
423787@nr=0-1-423787-363751183-0e329f062aca0127----1709413053044
traceparent
00-df6b6408dd63cd6ac4ca5642d991fdfa-0e329f062aca0127-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiIwZTMyOWYwNjJhY2EwMTI3IiwidHIiOiJkZjZiNjQwOGRkNjNjZDZhYzRjYTU2NDJkOTkxZmRmYSIsInRpIjoxNzA5NDEzMDUzMDQ0fX0=
Accept
application/json, text/plain, */*
csrf-token
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"275-Cvt2A95UOPsZJU1n6adumAuEPOM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85e44cbda89e1cb5-FRA
channels
give.glwd.org/frs-api/campaigns/244921/
1 KB
553 B
XHR
General
Full URL
https://give.glwd.org/frs-api/campaigns/244921/channels?filter=channel_name%3DDoubletheDonation
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107b5f1de78a45a6ccd756d2465912ebfaf78329d705403ed95c5a2cfe7b3c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
tracestate
423787@nr=0-1-423787-363751183-e228f355c9a34e78----1709413053044
traceparent
00-9969caf89cd1303339f16e60ac821f2e-e228f355c9a34e78-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJlMjI4ZjM1NWM5YTM0ZTc4IiwidHIiOiI5OTY5Y2FmODljZDEzMDMzMzlmMTZlNjBhYzgyMWYyZSIsInRpIjoxNzA5NDEzMDUzMDQ0fX0=
Accept
application/json, text/plain, */*
csrf-token
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"40d-I1iZB6/j7hitEzhD1hTXmDcosIY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85e44cbda8a01cb5-FRA
plaid
pay.classy.org/token/
88 B
699 B
XHR
General
Full URL
https://pay.classy.org/token/plaid?applicationId=11881&currency=USD
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.glwd.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-classypay-version
1
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-classypay-requestid
e140f66d-dccb-4333-be42-fc7978bf9bbe
cf-ray
85e44cbe5e455d49-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
bed33708-c361-11e9-bf62-0e2014f4a922.jpg
assets.classy.org/9740805/
544 KB
546 KB
Image
General
Full URL
https://assets.classy.org/9740805/bed33708-c361-11e9-bf62-0e2014f4a922.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b13befbdfc19c4758737cc750f2ff149dc096eb37f3db770324bc8f5c62e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 daf01c71790f42e645ae4024c607941e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
aprtsSkgmG.E.JFW6baenGSN74tcqhcE
age
9933
x-amz-cf-pop
FRA56-P12
cf-polished
qual=85, origFmt=jpeg, origSize=609491
x-amz-server-side-encryption
AES256
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=JS9XyhkQg6Wv0nqwEfss6OdHqmLQ.m0FYv5lr.aExFE-1709413053-1.0.1.1-GG1N5rSrlbg74Bxh8RMZTDGNjlRynUNEhhnUlIfb77ddoVrcVOYWH6ad8i9soN3UiTIt1H91BS2v6kqpQqPRsn873SeYDqAXwasF2mV2PIvUOdUZ2G8ZnhgkCeIXCULXCaIn8w2T8rrrngCX2v.G.aYprjA3zeyw_rfYWu9ORaE; report-to cf-csp-endpoint
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-disposition
inline; filename="bed33708-c361-11e9-bf62-0e2014f4a922.webp"
content-length
557414
last-modified
Tue, 20 Aug 2019 15:47:00 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"229ac321f79dca8b35b0fd59cb92c7a9"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=JS9XyhkQg6Wv0nqwEfss6OdHqmLQ.m0FYv5lr.aExFE-1709413053-1.0.1.1-GG1N5rSrlbg74Bxh8RMZTDGNjlRynUNEhhnUlIfb77ddoVrcVOYWH6ad8i9soN3UiTIt1H91BS2v6kqpQqPRsn873SeYDqAXwasF2mV2PIvUOdUZ2G8ZnhgkCeIXCULXCaIn8w2T8rrrngCX2v.G.aYprjA3zeyw_rfYWu9ORaE"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85e44cbdfea3037c-FRA
x-amz-cf-id
d2Q9nkJDud-JDauKdZoQZ9LTD-IoLIpgL3u6wu56pg_EkFABFn-gaA==
fontawesome-webfont.woff2
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/fonts/
65 KB
66 KB
Font
General
Full URL
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
x-amz-version-id
EtmuhTQE2Z2ofepA2IEIXY_YXR5.tKRS
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
66624
last-modified
Mon, 26 Feb 2024 22:01:37 GMT
server
cloudflare
etag
"db812d8a70a4e88e888744c1c9a27e89"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
85e44cbe7f9218c9-FRA
x-amz-cf-id
4OaxjS_JfgtY5S3-WvYuC8PkR3ihhofwfDBnNniTXGLrNvGcA1GmEA==
designations
give.glwd.org/frs-api/campaign/244921/
1 KB
714 B
XHR
General
Full URL
https://give.glwd.org/frs-api/campaign/244921/designations?per_page=100
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d357689d6fea3478a3b9a9186aed9fdcc552423d80027900d4de6032bfdef1f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
tracestate
423787@nr=0-1-423787-363751183-f270d8b9d1d0da35----1709413053132
traceparent
00-363adcdf3d3a38f64580e62953e604a0-f270d8b9d1d0da35-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJmMjcwZDhiOWQxZDBkYTM1IiwidHIiOiIzNjNhZGNkZjNkM2EzOGY2NDU4MGU2Mjk1M2U2MDRhMCIsInRpIjoxNzA5NDEzMDUzMTMyfX0=
Accept
application/json, text/plain, */*
csrf-token
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"58d-vzrvcP5dnpibEldDy7x/ixkafxI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85e44cbe28fd1cb5-FRA
designations
give.glwd.org/frs-api/campaigns/244921/
1 KB
712 B
XHR
General
Full URL
https://give.glwd.org/frs-api/campaigns/244921/designations?filter=id%3D84991
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23dddde72e5c2d7b9075d7ce47f0f96ac313ce47293ce627369cbf488cc7e997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
tracestate
423787@nr=0-1-423787-363751183-d8f47f673c8ec22b----1709413053132
traceparent
00-41839c104c8eb7dacf089a0614f5cc32-d8f47f673c8ec22b-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJkOGY0N2Y2NzNjOGVjMjJiIiwidHIiOiI0MTgzOWMxMDRjOGViN2RhY2YwODlhMDYxNGY1Y2MzMiIsInRpIjoxNzA5NDEzMDUzMTMyfX0=
Accept
application/json, text/plain, */*
csrf-token
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"583-l40fbXP13YEsq+o/KFnfUs0/sQ8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85e44cbe28fe1cb5-FRA
ClassyIcons.woff
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/fonts/
42 KB
43 KB
Font
General
Full URL
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/fonts/ClassyIcons.woff
Requested by
Host: prod-frs.content.classy.org
URL: https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d917abfaa0f30f974778481aa03a81efbe439f4b379ae1d9c4b91d462f2c1064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/frs/main.css
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
x-amz-version-id
uDW5ahJqoiGrmGVkww8GaXKkX0auG8Rt
via
1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
43184
last-modified
Mon, 26 Feb 2024 22:01:37 GMT
server
cloudflare
etag
"d9e1c3869cbc736ad91800ec9427f5d7"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
accept-ranges
bytes
cf-ray
85e44cbe7f9418c9-FRA
x-amz-cf-id
lxCi7BKB9Jj1Kx2xdZrXS5IxmuosyPj0jtue16ii6eDA0XksTpZYWA==
currency-conversions
give.glwd.org/frs-api/i18n/
73 B
198 B
XHR
General
Full URL
https://give.glwd.org/frs-api/i18n/currency-conversions?amount=1&from=USD&to=EUR
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52a467857deca1d35d0e81862a52f80a4995066c93ae9f81e2034e21d68700cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
tracestate
423787@nr=0-1-423787-363751183-c49ed064dc1d3fa7----1709413053169
traceparent
00-190c87aebdcfc34dacae28790c2f2df1-c49ed064dc1d3fa7-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJjNDllZDA2NGRjMWQzZmE3IiwidHIiOiIxOTBjODdhZWJkY2ZjMzRkYWNhZTI4NzkwYzJmMmRmMSIsInRpIjoxNzA5NDEzMDUzMTY5fX0=
Accept
application/json, text/plain, */*
csrf-token
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"49-rRYeeW1aq6OVjmGQPuHhc1tP/vk"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85e44cbe692e1cb5-FRA
user-icon.png
give.glwd.org/static/global/images/
2 KB
2 KB
Image
General
Full URL
https://give.glwd.org/static/global/images/user-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
881818
cf-polished
origFmt=png, origSize=4588
content-disposition
inline; filename="user-icon.webp"
content-length
2024
last-modified
Thu, 15 Feb 2024 22:43:54 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"65ce93aa-11ec"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
85e44cbe79331cb5-FRA
expires
Thu, 20 Feb 2025 16:00:35 GMT
ef4fc1f2-8083-11ed-8968-0a58a9feac02.png
assets.classy.org/21855462/
14 KB
14 KB
Image
General
Full URL
https://assets.classy.org/21855462/ef4fc1f2-8083-11ed-8968-0a58a9feac02.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d92b943af2356b6d71996de134609169e1a8449238684c35920aab9f39bc166
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 b44afb2a44376871c20edb8c123ed47c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
s9h2tV9Mx5qAwDd8eUWTFyVJduxmfdQN
age
9933
x-amz-cf-pop
FRA56-P12
cf-polished
origSize=31403, status=webp_bigger
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
content-length
13902
last-modified
Tue, 20 Dec 2022 16:32:47 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"72e6dcad1564ddaa18e2e4c869616a2e"
vary
Accept-Encoding
content-type
image/png
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85e44cbe7f19037c-FRA
x-amz-cf-id
4Ai5KStUnBUd4ZIWnADuBd6BzcmE1Q8wmsZBqsDIV9kvyyqPJKhmog==
crypto-giving-coin-bitcoin.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/
1 KB
954 B
Image
General
Full URL
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-coin-bitcoin.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
x-amz-version-id
9S9PL2t4gbXgzR9cqiY9bFk62XEuGB0r
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
73250
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 26 Feb 2024 22:01:37 GMT
server
cloudflare
etag
W/"2861fb7a07b041686ba6360cf7908e28"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
85e44cbe7f1a037c-FRA
x-amz-cf-id
MJszYbEELVvth2Rv9YI_RH05BldmfA9ccP1wJPuC4e1HFiryYJSStw==
crypto-giving-coin-ethereum.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/
545 B
456 B
Image
General
Full URL
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-coin-ethereum.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
x-amz-version-id
28ZUJ8_Y3FjF8WYl8aFED76CT2IUgFZH
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
73250
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 26 Feb 2024 22:01:37 GMT
server
cloudflare
etag
W/"c8896ba26efa2a5d9aa1659b4aef1f00"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
85e44cbe7f1b037c-FRA
x-amz-cf-id
V9c_5NDMfvp2PJOn6Ddi3kFZ6x7SSu5nIwCaGUcPb3uZcVz_KtZZgw==
crypto-giving-coin-usdc.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/
2 KB
1 KB
Image
General
Full URL
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-coin-usdc.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
x-amz-version-id
B1nfzjSw5UUmO0meGUw9cVFwlqbsZdlq
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
73250
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 26 Feb 2024 22:01:37 GMT
server
cloudflare
etag
W/"120e9a5c0d8ae8e313213cbb2284cafe"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
85e44cbe7f1c037c-FRA
x-amz-cf-id
K5fx6-UD06WiualQCOBqFvIPhvGim_o0te5WKb5efzMUDvdAU-sKQQ==
crypto-giving-arrows.svg
prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/
453 B
665 B
Image
General
Full URL
https://prod-frs.content.classy.org/prod/5c0e978a325de1ec7974e10ffea37873f8ed9c6f/static/global/images/crypto-giving/crypto-giving-arrows.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
x-amz-version-id
JiKUIGjok2JTUp4EtIdhw2ICK.sib.R4
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
73250
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 26 Feb 2024 22:01:37 GMT
server
cloudflare
etag
W/"332ba480e7dc5a9687ededc7c4333e80"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
85e44cbe7f1d037c-FRA
x-amz-cf-id
iEnB5yIIJWS2GvHGzcF5W7VTTYDPooS-5Z0sqDUkZS6tsKy5yClW9A==
rum
give.glwd.org/cdn-cgi/
0
141 B
XHR
General
Full URL
https://give.glwd.org/cdn-cgi/rum?
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-615cd47d5f26c4d4----1709413053177
traceparent
00-03560e0bbe29ba36895f3249fda02ddf-615cd47d5f26c4d4-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI2MTVjZDQ3ZDVmMjZjNGQ0IiwidHIiOiIwMzU2MGUwYmJlMjliYTM2ODk1ZjMyNDlmZGEwMmRkZiIsInRpIjoxNzA5NDEzMDUzMTc3fX0=
content-type
application/json
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://give.glwd.org
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
85e44cbe793e1cb5-FRA
controller-84b3483cf4b9ef779ca0ec217fc9000d.html
js.stripe.com/v3/ Frame 3315
297 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6dd24cae2a98eee3350c6e6c582c8daf11dcadb0478fa7928c89ba44d583e03e
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.glwd.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9
cache-control
max-age=60, stale-while-revalidate=900
content-length
297
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 02 Mar 2024 20:57:26 GMT
etag
"84b3483cf4b9ef779ca0ec217fc9000d"
last-modified
Fri, 01 Mar 2024 22:43:17 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-id
eYwK35JgCbrhaLaouGy5XizgFGiB9j6EIYMgWFDdj0T_nKE-TqfzNA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
js.stripe.com/v3/ Frame 3CA6
408 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ce4655e91c8a8aef2d3dfda014b30bff7e28e91fca1b57436dccc895353d9d5f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.glwd.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2799
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 02 Mar 2024 20:14:33 GMT
etag
"d14a5469a6305356e3c959539c2d4cb6"
last-modified
Fri, 01 Mar 2024 22:43:32 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-id
U0uEnubUOxQsmcjEWgGTkF2KCjnLWzz0mXhADVvQ9x33AxiPMbFovg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
js.stripe.com/v3/ Frame BEF0
344 B
2 KB
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
906cda4689e82ef40042d8c68d79b9e12a50e39c180b7d8fafa5d8ab0ba02db2
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.glwd.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
34
cache-control
max-age=60, stale-while-revalidate=900
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 02 Mar 2024 20:57:23 GMT
etag
"58c38f84423fe3c49a9fbdcb18155068"
last-modified
Fri, 01 Mar 2024 22:43:32 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-id
oSUigRXy3_x8lbbr4z6YjITZxFo4farbLA5_E3EgxbbjDsAbsK9-DQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame C57F
526 B
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:38:49 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
1125
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
526
last-modified
Tue, 27 Feb 2024 21:03:49 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ueUw1SIJIvZ_hC-XfVHCvWdcDqd2jIQQlQ_Tf8BTqCaa2X6a4Ftm9A==
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Mar 2024 20:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Mar 2024 20:57:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Mar 2024 20:57:33 GMT
www-widgetapi.js
www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/
215 KB
67 KB
Script
General
Full URL
https://www.youtube.com/s/player/31eb286a/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
200f530ea299f4ef6c448e99658b4a9b51dd31788aa3446c6b99ac8a3a7ac2cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 19:44:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
4403
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68331
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 05:18:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 02 Mar 2025 19:44:10 GMT
jquery-3.6.1.min.js
code.jquery.com/
88 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer
https://give.glwd.org/
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
10029538
x-cache
HIT, HIT
content-length
30957
x-served-by
cache-lga13629-LGA, cache-sof1510034-SOF
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1709413053.379112,VS0,VE0
etag
W/"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
29, 141169
shared-d793f7fb0d144b2da164852a09f413d1.js
js.stripe.com/v3/fingerprinted/js/ Frame 3315
537 KB
118 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1a449ff11fea90b34626d8f7939a194e7f1d5a66f73b17726f9f976dbcf097f3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:06:20 GMT
content-encoding
br
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3073
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 01 Mar 2024 22:43:31 GMT
server
Cloudfront
etag
W/"9e80652734c7eb23b9efc47ca6f589ae"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
SgWbTfoTkeqUYNIwkJ2lwOQw9h7ZVfSxb60xVvJ-64ds_DVky54nnQ==
controller-ced2780f0727aafd9a863251afeca18b.js
js.stripe.com/v3/fingerprinted/js/ Frame 3315
699 KB
164 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-ced2780f0727aafd9a863251afeca18b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
24491ab052d65e1f6edc81f421983075a99cb6e97887a4d8db8f7a0a81d90f94
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:45:50 GMT
content-encoding
br
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
704
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 01 Mar 2024 22:43:29 GMT
server
Cloudfront
etag
W/"a1d0142d2705b5d7ac9284ccd93cf651"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
VAutSkVdBUlEu-XKV2aQiFOiBee5ueFtDYGQ4KpWWHWVbKHAEw_gXg==
pay.js
pay.google.com/gp/p/js/ Frame 3CA6
117 KB
36 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f9c759cf5c578de883f94efb8ccb7a9c49db6f898f1bf094d27912234aabd4d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-kEToPmCRdb0hRR7txlgKTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-kEToPmCRdb0hRR7txlgKTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtHikmII1pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOejh6OivfuumsKkCsu346aygQO6XPYA0CYp_6GawxQCzEw7F3ad96NoEbndd6mADjDDME"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 02 Mar 2024 20:57:33 GMT
shared-d793f7fb0d144b2da164852a09f413d1.js
js.stripe.com/v3/fingerprinted/js/ Frame 3CA6
537 KB
118 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1a449ff11fea90b34626d8f7939a194e7f1d5a66f73b17726f9f976dbcf097f3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:06:20 GMT
content-encoding
br
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3073
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 01 Mar 2024 22:43:31 GMT
server
Cloudfront
etag
W/"9e80652734c7eb23b9efc47ca6f589ae"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
Zmy7p22alesluKTZXxTeRYihXxCSniFUj8qu5H-I0SG-ZM_5dZOjqQ==
payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js
js.stripe.com/v3/fingerprinted/js/ Frame 3CA6
12 KB
5 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:03:32 GMT
content-encoding
br
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3333
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 21:07:03 GMT
server
Cloudfront
etag
W/"7946a1d9a17729b6659d22b18a313c0e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
AaG3z_t91dNbjs2a5qBOD5NdBrvyTwW_nRYxNGjktZvn0ED6o4oNbw==
shared-d793f7fb0d144b2da164852a09f413d1.js
js.stripe.com/v3/fingerprinted/js/ Frame BEF0
537 KB
118 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1a449ff11fea90b34626d8f7939a194e7f1d5a66f73b17726f9f976dbcf097f3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:06:20 GMT
content-encoding
br
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3073
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 01 Mar 2024 22:43:31 GMT
server
Cloudfront
etag
W/"9e80652734c7eb23b9efc47ca6f589ae"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
cSs4DIjEEUQmeHmAm_OYJVp21hVSAU45VDLK2U2EP241XzdhzLA_zA==
payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js
js.stripe.com/v3/fingerprinted/js/ Frame BEF0
13 KB
6 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:55:34 GMT
content-encoding
gzip
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
132
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Tue, 27 Feb 2024 21:03:49 GMT
server
Cloudfront
etag
W/"32dba56f50e599b5cc53a055305f8c45"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
melXAPXuG0E4-C1RD9Z3oL73UQN1dESKjMV3TIvJhlGWRGZzmILUNw==
inner.html
m.stripe.network/ Frame AF63
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:de00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
264
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 02 Mar 2024 20:53:10 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
x-amz-cf-id
y9FvrOSxB3uVsl6I7sU_k9CHR_A0q41qqjKK8Qm2pSQYxm3q-NL1ag==
x-amz-cf-pop
AMS1-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
plaid
pay.classy.org/token/
88 B
474 B
XHR
General
Full URL
https://pay.classy.org/token/plaid?applicationId=11881&currency=EUR
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7c49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://give.glwd.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-classypay-version
1
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-classypay-requestid
878e4e44-0b45-45d0-a6e8-2ab2e82bf626
cf-ray
85e44cbf8f3d5d49-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/
29 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:14:47 GMT
x-content-type-options
nosniff
age
387766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 09:14:47 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:14:47 GMT
x-content-type-options
nosniff
age
387766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 09:14:47 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:14:47 GMT
x-content-type-options
nosniff
age
387766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 09:14:47 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:14:47 GMT
x-content-type-options
nosniff
age
387766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 09:14:47 GMT
1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:51:13 GMT
x-content-type-options
nosniff
age
389180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32492
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:20:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:51:13 GMT
1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:51:13 GMT
x-content-type-options
nosniff
age
389180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32492
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:20:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:51:13 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Mulish:400italic,700italic,400,300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://give.glwd.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:14:47 GMT
x-content-type-options
nosniff
age
387766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 09:14:47 GMT
.deploy_status_henson.json
js.stripe.com/v3/ Frame 3315
474 B
914 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ac67ee275b08720e7ba9585cc37aa260c368de10d988540e6b44e48e0ef872d0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Mar 2024 20:57:24 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
12
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
474
last-modified
Fri, 01 Mar 2024 23:20:33 GMT
server
Cloudfront
etag
"9b37718291a109364a3a81ff03daf5ad"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
fXqtmWx41FCm1ez71LVJroMbi2fLFi_SLv-WDggcZL7OoZQcejtDIg==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 3315
474 B
917 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ac67ee275b08720e7ba9585cc37aa260c368de10d988540e6b44e48e0ef872d0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-84b3483cf4b9ef779ca0ec217fc9000d.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Mar 2024 20:57:24 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
12
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
474
last-modified
Fri, 01 Mar 2024 23:20:33 GMT
server
Cloudfront
etag
"9b37718291a109364a3a81ff03daf5ad"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
x-amz-cf-id
8n69qlVzgwgmaqqHaLK_QHYnJ8PH5I_-_FQnKUjD-EWnJn2Ljng7Yg==
out-4.5.43.js
m.stripe.network/ Frame AF63
87 KB
15 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:de00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:54:06 GMT
content-encoding
br
via
1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
209
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
AMS1-P3
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
kwy5UkIvkGuJuY_0dg5MYb5nj5NNNdGQHOHxA-BhJAdhSmDn5Ws2vQ==
iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js
give.glwd.org/sso/ssobuild/js/
12 KB
5 KB
XHR
General
Full URL
https://give.glwd.org/sso/ssobuild/js/iframeResizer.17b3e8f66abcbf803ee0eb0adc771137.js
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-729d6f6c35196453----1709413053471
traceparent
00-7f0731b3fbcd8051a725cf13f30fc5dd-729d6f6c35196453-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI3MjlkNmY2YzM1MTk2NDUzIiwidHIiOiI3ZjA3MzFiM2ZiY2Q4MDUxYTcyNWNmMTNmMzBmYzVkZCIsInRpIjoxNzA5NDEzMDUzNDcxfX0=
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
X-Requested-With
XMLHttpRequest

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 26 Feb 2024 21:53:00 GMT
cf-bgj
minify
server
cloudflare
age
301830
etag
W/"65dd083c-316e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
cf-ray
85e44cc04ad81cb5-FRA
expires
Thu, 27 Feb 2025 09:07:03 GMT
6
m.stripe.com/ Frame AF63
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.111.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-111-178.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cc554a1d0614787b0b4bb909643ca9b9b1c88c527d58884594b5b86357eab8e8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 02 Mar 2024 20:57:34 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1709413054344033
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1709413054343757
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
status
give.glwd.org/sso/
89 B
1 KB
XHR
General
Full URL
https://give.glwd.org/sso/status?client_id=hkDllBPffAW7sKhdYbpNc5PrwMIVbh&callback=jQuery36103289020718921354_1709413053470&_=1709413053471
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e35cc2bbda7c3425004c6b396f3c4c6e977fb47bcaa654a46edc2f5015c1a1b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.classy.org;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
tracestate
423787@nr=0-1-423787-363751183-85cc31b09b8ca111----1709413053551
traceparent
00-324651378926e32b0c9e246b069befa3-85cc31b09b8ca111-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiI4NWNjMzFiMDliOGNhMTExIiwidHIiOiIzMjQ2NTEzNzg5MjZlMzJiMGM5ZTI0NmIwNjliZWZhMyIsInRpIjoxNzA5NDEzMDUzNTUxfX0=
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
X-Requested-With
XMLHttpRequest

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
content-security-policy
frame-ancestors 'self' https://*.classy.org;
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
p3p
CP="Classy does not have a P3P policy."
cache-control
no-cache, private
cf-ray
85e44cc0cb4e1cb5-FRA
x-xss-protection
1; mode=block
b
r.stripe.com/ Frame 3315
0
274 B
Fetch
General
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 02 Mar 2024 20:57:34 GMT
x-stripe-server-envoy-start-time-us
1709413054355911
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1709413054355296
access-control-allow-credentials
true
content-length
0
payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
js.stripe.com/v3/ Frame FD0F
408 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ce4655e91c8a8aef2d3dfda014b30bff7e28e91fca1b57436dccc895353d9d5f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.glwd.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2799
cache-control
max-age=31536000
content-length
408
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 02 Mar 2024 20:14:33 GMT
etag
"d14a5469a6305356e3c959539c2d4cb6"
last-modified
Fri, 01 Mar 2024 22:43:32 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-id
gM8-CHSnMQvx0Gmd-F-dJGQWbG6By0rbtJXZKu8w9BgRFP1wVKKPPA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
js.stripe.com/v3/ Frame A4BA
344 B
2 KB
Document
General
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
906cda4689e82ef40042d8c68d79b9e12a50e39c180b7d8fafa5d8ab0ba02db2
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://give.glwd.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
34
cache-control
max-age=60, stale-while-revalidate=900
content-length
344
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 02 Mar 2024 20:57:23 GMT
etag
"58c38f84423fe3c49a9fbdcb18155068"
last-modified
Fri, 01 Mar 2024 22:43:32 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-id
cK-I118K7MRCTm640LeDwu0rEaS3Bi1M69Xw_cI8JEtkn1w1CD6jEQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
b
r.stripe.com/ Frame 3315
0
273 B
Fetch
General
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 02 Mar 2024 20:57:34 GMT
x-stripe-server-envoy-start-time-us
1709413054561400
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1709413054561186
access-control-allow-credentials
true
content-length
0
payframe
pay.google.com/gp/p/ui/ Frame 4638
19 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7a7cf635a6ddacc01c6b817e5f677cca01f831c06f5b092b2c420574ee530d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-WRfZnToXQ7IuSHdKm3m6tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-WRfZnToXQ7IuSHdKm3m6tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sat, 02 Mar 2024 20:57:33 GMT
expires
Sat, 02 Mar 2024 20:57:33 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtHikmII1pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOejh6OivfuumsKkCsu346aygQO6XPYA0CYp_6GawxQCzEw7F3ad96NoGOeUcfMgEA4kczDQ"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
pay.js
pay.google.com/gp/p/js/ Frame FD0F
117 KB
35 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f9c759cf5c578de883f94efb8ccb7a9c49db6f898f1bf094d27912234aabd4d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h5h20_FcJWN7Lw11S1vwOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-h5h20_FcJWN7Lw11S1vwOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtHikmII1pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOejh6OivfuumsKkCsu346aygQO6XPYA0CYp_6GawxQCzEw7F3ad96NoEFVx7fYwIA4-szdg"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 02 Mar 2024 20:57:33 GMT
shared-d793f7fb0d144b2da164852a09f413d1.js
js.stripe.com/v3/fingerprinted/js/ Frame FD0F
537 KB
118 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1a449ff11fea90b34626d8f7939a194e7f1d5a66f73b17726f9f976dbcf097f3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:06:20 GMT
content-encoding
br
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3073
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 01 Mar 2024 22:43:31 GMT
server
Cloudfront
etag
W/"9e80652734c7eb23b9efc47ca6f589ae"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
iZpTRaOqJVP5YsZ4nuvyn_PWHmCV548fK6XMMxlH8kYp3xCpYQmXlA==
payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js
js.stripe.com/v3/fingerprinted/js/ Frame FD0F
12 KB
5 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-d14a5469a6305356e3c959539c2d4cb6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:03:32 GMT
content-encoding
br
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3333
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 21:07:03 GMT
server
Cloudfront
etag
W/"7946a1d9a17729b6659d22b18a313c0e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
4lTZAlQrkEA1GV_67CYDQ6mc7foj7hnwghNs07TQEjQDTeb5tnyG-Q==
shared-d793f7fb0d144b2da164852a09f413d1.js
js.stripe.com/v3/fingerprinted/js/ Frame A4BA
537 KB
118 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1a449ff11fea90b34626d8f7939a194e7f1d5a66f73b17726f9f976dbcf097f3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:06:20 GMT
content-encoding
br
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
3073
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 01 Mar 2024 22:43:31 GMT
server
Cloudfront
etag
W/"9e80652734c7eb23b9efc47ca6f589ae"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
i7i1AF8UWUsPycQYo6btP0OUyR-kvig6D1ZdXOfKYlZTBrRglPQwZQ==
payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js
js.stripe.com/v3/fingerprinted/js/ Frame A4BA
13 KB
6 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-58c38f84423fe3c49a9fbdcb18155068.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:55:34 GMT
content-encoding
gzip
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
132
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Tue, 27 Feb 2024 21:03:49 GMT
server
Cloudfront
etag
W/"32dba56f50e599b5cc53a055305f8c45"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
pMjwqxTWBIi91EPEHET6HVNrvARFFL0ZW9qtM88PHn8GQUP4B1mM7w==
wallet-config
merchant-ui-api.stripe.com/elements/ Frame 3315
2 KB
3 KB
Fetch
General
Full URL
https://merchant-ui-api.stripe.com/elements/wallet-config
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.202.176.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f319de84283a120100c67378187012402c33d52a72e66420b1f9d8b9721f9a8b
Security Headers
Name Value
Content-Security-Policy report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-security-policy
report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy
same-site
content-length
2460
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
access-control-max-age
300
access-control-allow-methods
GET, POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://js.stripe.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
x-stripe-csrf-token
cross-origin-opener-policy-report-only
same-origin; report-to=https://q.stripe.com/coop-report
expires
0
payframe
pay.google.com/gp/p/ui/ Frame A334
19 KB
7 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
217f3cb9fa35e8f595064144477b12f63041323c9dfd01b204acc6ad51e47cd4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oqdgryK-YrTpt7CTDTPaNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-oqdgryK-YrTpt7CTDTPaNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sat, 02 Mar 2024 20:57:33 GMT
expires
Sat, 02 Mar 2024 20:57:33 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtHikmII1pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOejh6OivfuumsKkCsu346aygQO6XPYA0CYp_6GawxQCzEw7F3ad96NoEVu5_OYQYA4zIzJg"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 4638
159 KB
57 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48861b8e230660534b9a8264c24529f52cd67d0bab9a3ccdf2c3f0f6b8a5bd2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57745
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 08:05:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:20:07 GMT
b
r.stripe.com/ Frame 3315
0
273 B
Fetch
General
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 02 Mar 2024 20:57:34 GMT
x-stripe-server-envoy-start-time-us
1709413054561199
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1709413054560873
access-control-allow-credentials
true
content-length
0
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame A334
159 KB
56 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48861b8e230660534b9a8264c24529f52cd67d0bab9a3ccdf2c3f0f6b8a5bd2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:20:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57745
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 08:05:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:20:07 GMT
channel-events
give.glwd.org/frs-api/organizations/63573/
1 KB
840 B
XHR
General
Full URL
https://give.glwd.org/frs-api/organizations/63573/channel-events
Requested by
Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm-test/d1a4d701-2ca2-487c-9b90-59558395eb44/airgap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8deb0acec394c3e3d95c0d6d080d1cdce9b79004635c71edfa8d88dcb98b879c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-NewRelic-ID
UAQEVl5UGwAGV1ZQBgMEVg==
X-XSRF-TOKEN
0eh6mM54--EJsXUMJzWQGyfA8IEflsvEv7BY
tracestate
423787@nr=0-1-423787-363751183-b2ee2fdc151ffdd1----1709413054248
traceparent
00-8f316e85d9475bcf795f35f3cb7a475d-b2ee2fdc151ffdd1-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQyMzc4NyIsImFwIjoiMzYzNzUxMTgzIiwiaWQiOiJiMmVlMmZkYzE1MWZmZGQxIiwidHIiOiI4ZjMxNmU4NWQ5NDc1YmNmNzk1ZjM1ZjNjYjdhNDc1ZCIsInRpIjoxNzA5NDEzMDU0MjQ4fX0=
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
csrf-token
AGauW5og-wTJgN9CZRWXZdkeFwdlwhqzd0GQ
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
etag
W/"405-ML5lhimUeLm+nyj2Ry9mHmtcH+o"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85e44cc52ee01cb5-FRA
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 4638
75 KB
27 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjnc7dFbP8RtFdlbt6uvTVnWb3uGg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cc6b657ccde14a2122774ff293244c9e88eb49c8471b89726d1dc72583490df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27673
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 02:22:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:47:58 GMT
m=Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame A334
75 KB
27 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjnc7dFbP8RtFdlbt6uvTVnWb3uGg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cc6b657ccde14a2122774ff293244c9e88eb49c8471b89726d1dc72583490df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:47:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27673
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 02:22:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:47:58 GMT
pay
pay.google.com/gp/p/ui/ Frame 4638
1 MB
376 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc9cf66ddaef3d76323af0301d928c40f07d8879de1873bd38fd59861318a8a5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce--QQKTzZtk2aurqFn3xKfLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce--QQKTzZtk2aurqFn3xKfLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtHikmII1pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOejh6OivfuumsKkCsu346aygQO6XPYA0CYp_6GawxQCzEw7Fvad96NoEVc9-dYQQA4z4zQA"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 02 Mar 2024 20:57:34 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 4638
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjnc7dFbP8RtFdlbt6uvTVnWb3uGg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9396d9ebcca3714c366bc70bc39a18a277f03a0d295b42305759a8221b8ba634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4168
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 02:22:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:47:59 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 4638
37 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjnc7dFbP8RtFdlbt6uvTVnWb3uGg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc940c92a2fd51e4ccfece176627dcec28595649497715b85f4d3fd64bd40dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14349
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 02:22:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:47:59 GMT
log
play.google.com/ Frame 4638
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 4638
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 4638
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 4638
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 4638
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 4638
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
b
r.stripe.com/ Frame 3315
0
273 B
Fetch
General
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 02 Mar 2024 20:57:34 GMT
x-stripe-server-envoy-start-time-us
1709413054561692
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1709413054561337
access-control-allow-credentials
true
content-length
0
GooglePay-logo.svg
give.glwd.org/static/global/images/digitalWallets/
3 KB
1 KB
Image
General
Full URL
https://give.glwd.org/static/global/images/digitalWallets/GooglePay-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c55f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 26 Feb 2024 21:58:44 GMT
server
cloudflare
etag
W/"65dd0994-b41"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
85e44cc60fc81cb5-FRA
expires
Sun, 02 Mar 2025 20:57:34 GMT
pay
pay.google.com/gp/p/ui/ Frame A334
1 MB
376 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60f73c3faf89a4237a42b906ce09c36babbd8df4b7bdb963440655a0bb6cecb8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3SOr8m0ke0hjIQ-3SWWaAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3SOr8m0ke0hjIQ-3SWWaAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtHikmII1pBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOejh6OivfuumsKkCsu346aygQO6XPYA0CYp_6GawxQCzEw7Fvad96NoEPO6Y-YQQA5DczYg"
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 02 Mar 2024 20:57:34 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame A334
10 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjnc7dFbP8RtFdlbt6uvTVnWb3uGg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9396d9ebcca3714c366bc70bc39a18a277f03a0d295b42305759a8221b8ba634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4168
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 02:22:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:47:59 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame A334
37 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjnc7dFbP8RtFdlbt6uvTVnWb3uGg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc940c92a2fd51e4ccfece176627dcec28595649497715b85f4d3fd64bd40dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 17:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14349
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 02:22:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Feb 2025 17:47:59 GMT
log
play.google.com/ Frame A334
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A334
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A334
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A334
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A334
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A334
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.LsEu-EBbSCs.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg58fux-VGrBuYRzmkv6sN6KqvVhg/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 02 Mar 2024 20:57:34 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Mar 2024 20:57:34 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 02 Mar 2024 20:57:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
b
r.stripe.com/ Frame 3315
0
273 B
Fetch
General
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 02 Mar 2024 20:57:34 GMT
x-stripe-server-envoy-start-time-us
1709413054565757
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
4
x-stripe-client-envoy-start-time-us
1709413054565594
access-control-allow-credentials
true
content-length
0
6
m.stripe.com/ Frame AF63
156 B
668 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.111.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-111-178.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cc554a1d0614787b0b4bb909643ca9b9b1c88c527d58884594b5b86357eab8e8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 02 Mar 2024 20:57:34 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1709413054562168
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1709413054561867
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame AF63
156 B
668 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.111.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-111-178.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cc554a1d0614787b0b4bb909643ca9b9b1c88c527d58884594b5b86357eab8e8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 02 Mar 2024 20:57:34 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1709413054611429
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1709413054611235
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
b
r.stripe.com/ Frame 3315
0
273 B
Fetch
General
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 02 Mar 2024 20:57:34 GMT
x-stripe-server-envoy-start-time-us
1709413054766398
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1709413054766224
access-control-allow-credentials
true
content-length
0
b
r.stripe.com/ Frame 3315
0
273 B
Fetch
General
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d793f7fb0d144b2da164852a09f413d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 02 Mar 2024 20:57:35 GMT
x-stripe-server-envoy-start-time-us
1709413055558688
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1709413055557915
access-control-allow-credentials
true
content-length
0

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| transcend object| dataLayer object| __cfQR object| __cfBeacon string| _tcm_viewState object| NREUM object| webpackChunk:NRBA-1.252.0.PROD object| newrelic boolean| ucl object| SC object| ga4Callbacks function| triggerGA4Callbacks function| initializeGA4 boolean| ga4Debug object| webpackChunkStripeJSouter function| noop function| Stripe object| uiroutermetatags object| ngFileUpload function| factory object| _gsScope object| Modernizr object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery function| _ object| angular object| WebFont function| FastClick function| EvEmitter function| imagesLoaded string| output function| TimeSpan function| TimePeriod function| DeepDiff function| moment function| Spinner function| Picker object| ProgressBar function| getSlug function| createSlug object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| ExpoScaleEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| UAParser function| aesConvert function| bugsnag string| bugsnagTokenClient object| bugsnagClient object| adwordsCallbacks function| triggerAdwordsCallbacks boolean| __cfRLUnblockHandlers object| params string| ClassyObjectName object| Classy object| shadow$provide object| closure_lm_453811 object| doublethedonation object| Plaid object| webpackJsonpPlaid function| paypalLoadScript function| paypalLoadCustomScript object| TokenEx object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| cartActions boolean| DEBUG_SYNC object| twttr function| onYouTubeIframeAPIReady boolean| prerenderReady object| heap object| DDCONF function| fbq function| _fbq object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| iFrameResize

15 Cookies

Domain/Path Name / Value
give.glwd.org/ Name: connect.sid
Value: s%3AIGXvTyKAcXjwpqvXda4oazXLcJGNJD73.OCXl4fA3Mf9aqBIpdCmvtAzi76LxKOfucoeC%2FCHyc9I
.give.glwd.org/ Name: __cf_bm
Value: 7wTFMLJ8DQ0HLEH1n3jzq4ZU.vlL0XoeiXPseY1XVVs-1709413051-1.0.1.1-h87m_pQSdmx3FCWYmsC6rF5g1MkDKDbLA00tWabVJhU.BtRVQEQtLWXX5v3CaUaV3_wrpz0XKXKAe9p7qKyn0Q
.give.glwd.org/ Name: __cfruid
Value: e8d289fe8cb83737391e2c6c4267d09fc084b6f8-1709413051
.give.glwd.org/ Name: _cfuvid
Value: a64CLZAfghHulq.aUkQucG6PcacSvIK6IblEgJQDzAQ-1709413051560-0.0.1.1-604800000
.classy.org/ Name: __cf_bm
Value: j75ZzGNRANxBm75qXHXXYfha9Aj04hV.iHT91PkaC2A-1709413051-1.0.1.1-UI6.CNM9UcVYnsm.LePKgvSYURtRrqYLLDO2kPkn_ip5uRdl5sh1HlK_0Vi9XvDU9uIbiEFk7HqmukQLy8_0QQ
.classy.org/ Name: _cfuvid
Value: SMKO.0fSvwyYqBP85d8W0mK1V7Re3wr2PZcTaY5DtOI-1709413051921-0.0.1.1-604800000
.youtube.com/ Name: YSC
Value: 88ep27Tl9lI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: YpcOeTvzkLc
give.glwd.org/ Name: XSRF-TOKEN
Value: eyJpdiI6IlBHK1BSVkViN0x3TXkzQTh2U3dFZmc9PSIsInZhbHVlIjoidHhlVVEweW5Ub1FGVDRWVy9QZzlyRFRzVmJMVGxaRkFsQk1tVzZsYjdyS3Vkb1dLaTZUQWV1eXpPaksxd3ZPL0lVa1dBYkU3Vk8xVlZqSkhLeVZrRHZWZjhjbTJ1Y05yYWIvVEpwVW92SGNFakwzOEx4T2QvbGFXUEVRVEVZWmsiLCJtYWMiOiIzYTA5MGQ3ZDA2MzMxOGU0MDRiMWNmMmEwMDAyNzlkZmM5YTY3NDA1MmYxYThkYzYyMTE4OTg2MDk2M2NiYzZiIiwidGFnIjoiIn0%3D
give.glwd.org/ Name: sid
Value: eyJpdiI6InQvY2ljYnE4WWVTSnJhNldCSHdma3c9PSIsInZhbHVlIjoiY1JxdDBEWWJ0RkdMMk5pT1ZJQjQrOTJROEdsWk5SWi9PV3NWTWZzeHlpRkVjaGh1SDZHUjVrWE5rM1RUdVYvWkFxZFhrOHhCSFJYVEwxOVlzME8vUy9UUWR0dmRyS3FzSCt6SFhDSzg0dFpua2Fqc2hTL2JuUkV0WjlpMVlsdXYiLCJtYWMiOiJiODUzNmIwM2ZlZmNhMjdmZDRkOWNjZjRkZWZkMGY1Mzc3ODY1YTJmNmRkODEyN2Q0ZjI2ZWU4NjVhNzdkMmRiIiwidGFnIjoiIn0%3D
m.stripe.com/ Name: m
Value: 7757e463-8de1-4647-bdc2-3959a29dce72028324
.give.glwd.org/ Name: __stripe_mid
Value: 21bb3bd7-1311-49d3-881e-4a0dea8cf6623b6dab
.give.glwd.org/ Name: __stripe_sid
Value: 6de97504-040d-40e7-9194-f32ce441b1bbe92b9c
give.glwd.org/ Name: CSRF-TOKEN
Value: El0RcIeQ-ym5JvU0k619nHd4oNC3dkpazYoE
.google.com/ Name: NID
Value: 512=nICpU7njOmaWVDP5MGu4m0EcVDomSqznhjQ7t35KURpAgBa7D9vajipmzllmQ847fJ_t_63H8PpuGdCgud2FSr2I_z92X_ATkFuIowSp9_lgJRnvbXHBRSYuEss_1W6JfxHMysdgkHdo67vHdqDvFLpy--kIXEB4RBsQ2QCxYdg

60 Console Messages

Source Level URL
Text
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://files.doublethedonation.com/fontello/css/fontello.css
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://give.glwd.org/give/244921/?_ga=2.9465269.1485324987.1706279240-930428055.1579710762&bbeml=tp-NS4FlHbx9E-TtvJtnqDKqQ.jJrLW8z1ii02LlwgQc6F_Gw.rsgM-CzuMzES-HXG1S9F3GQ.loz9Z7j7IyEe35Eq450xhkw#!/donation/checkout
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.classy.org
cdn.plaid.com
cdn.transcend.io
code.jquery.com
eml-pusa01.app.blackbaud.net
files.doublethedonation.com
fonts.googleapis.com
fonts.gstatic.com
give.glwd.org
htp.tokenex.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.classy.org
pay.google.com
play.google.com
prod-frs.content.classy.org
r.stripe.com
static.cloudflareinsights.com
unpkg.com
www.googleadservices.com
www.gstatic.com
www.youtube.com
104.209.152.250
13.33.187.40
142.250.186.162
198.202.176.141
2600:9000:2250:aa00:2:8531:afc0:93a1
2600:9000:25e8:de00:19:7d10:bd80:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:3865
2606:4700::6810:7daf
2606:4700::6812:7c49
2606:4700::6812:c55f
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::200e
2a00:1450:400c:c02::5c
2a04:4e42::649
44.240.111.178
52.143.247.24
54.186.23.98
99.86.4.9
06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85
0c989ca93fbe23e0f7624b9b1b08443f8bb16943dad3cc38fc642cab464665fc
107b5f1de78a45a6ccd756d2465912ebfaf78329d705403ed95c5a2cfe7b3c78
13c9eba319b411d9711a1c997322107310af7f7938aac1ec8f9cdc7c662bb9e5
1492535e00f0a481724043224ef41b4d615298374029d88b7fa4e363cc240264
1a449ff11fea90b34626d8f7939a194e7f1d5a66f73b17726f9f976dbcf097f3
1da2ece3369af4c663f11daa62f4e591806f0c1ce17e17f0a4162d0d09455c5a
200f530ea299f4ef6c448e99658b4a9b51dd31788aa3446c6b99ac8a3a7ac2cc
20b8f82923f15420d50977d8efde324e462ddde5affcdfafa9ac126660838127
217f3cb9fa35e8f595064144477b12f63041323c9dfd01b204acc6ad51e47cd4
2370765c85bb23eb91c9c64564a7e269922565444edd704ea1d25df0de51c73a
23dddde72e5c2d7b9075d7ce47f0f96ac313ce47293ce627369cbf488cc7e997
24491ab052d65e1f6edc81f421983075a99cb6e97887a4d8db8f7a0a81d90f94
27230c5af91b76c15e054c4d88048027c9045d2f1411fdbf082d074173ffcadb
29cfebbdf0a9801764f1c5bec42a56fd773d4290821ecb6b5553f511c200815c
2d92b943af2356b6d71996de134609169e1a8449238684c35920aab9f39bc166
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
385d5b7268903d90368edac028aeca3a8a8a1ca3f0b10f13537e77d3a4d1bd53
3ce16945b50c0161739c74c68b6c9ff3c897a8bdf2e3bb64853f86dd43ee7c11
3f489b11ac44efc0a827c33ce148de36e37030002176e09c2a3bdaf9efdcff3b
48861b8e230660534b9a8264c24529f52cd67d0bab9a3ccdf2c3f0f6b8a5bd2b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52a467857deca1d35d0e81862a52f80a4995066c93ae9f81e2034e21d68700cb
5ac2455757fbb14a9fa21a8afce49055f48f28e20e4e41a8f5eee9c5a2dc3f3a
5cc6b657ccde14a2122774ff293244c9e88eb49c8471b89726d1dc72583490df
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
60f73c3faf89a4237a42b906ce09c36babbd8df4b7bdb963440655a0bb6cecb8
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
62f42276dddf470e795cc1b1bdcb8fe73a0354188bcfa80e0600e8b8d2a21dcb
6dd24cae2a98eee3350c6e6c582c8daf11dcadb0478fa7928c89ba44d583e03e
7cf649422c31e519b480124ba4b46d71fd6b668888cb9d6aed84fdaa4b620493
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
7f9c759cf5c578de883f94efb8ccb7a9c49db6f898f1bf094d27912234aabd4d
81c53e0d83f194d8763382eeee30295001e37a6dff8942e40a1593887d972e78
86cb276d0550d189e7dad4800fbbcfe7b5312f7845e0e711115d5aad589b5d27
87d48af85ba0878ccd67abaaf1caf5067d42f34bbc72a711aa1c550c25a3d122
8913290a4db258fa9e0d3fd267fb61666aa81f82b1a459ba098352c427a57c37
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8deb0acec394c3e3d95c0d6d080d1cdce9b79004635c71edfa8d88dcb98b879c
8e35cc2bbda7c3425004c6b396f3c4c6e977fb47bcaa654a46edc2f5015c1a1b
906cda4689e82ef40042d8c68d79b9e12a50e39c180b7d8fafa5d8ab0ba02db2
9396d9ebcca3714c366bc70bc39a18a277f03a0d295b42305759a8221b8ba634
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a3b13befbdfc19c4758737cc750f2ff149dc096eb37f3db770324bc8f5c62e8f
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a77f5e7aa207c37450c588a74a423e46b0bf14e0f1c4b49ae6c567368d46f46f
aa23f68b3d5c7eed8f0ebfa79457437800fa6d915b50755195217fc6d3d0916d
ac67ee275b08720e7ba9585cc37aa260c368de10d988540e6b44e48e0ef872d0
b223709f74c496ba99f4f5076954de3490d7101b1191976fa97b624e49bb3104
b46819f3527d5c0b193a616ef38bb89cc69ca583c1d2b5e97556d6293a783738
b76d55ce69f335df0f011ca7ad04fa9cc9f34d3e0ffc6ee347d1019140b43e88
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bc9cf66ddaef3d76323af0301d928c40f07d8879de1873bd38fd59861318a8a5
c3d0f31cdbd4af414bab8b29ecf3e33dfe3bf69692bb229cba2b1a146cf79ce4
c751fe2e3ebe19205c4845af55a79608fcc55109648115357e673bf5dc161b49
cc554a1d0614787b0b4bb909643ca9b9b1c88c527d58884594b5b86357eab8e8
cc940c92a2fd51e4ccfece176627dcec28595649497715b85f4d3fd64bd40dcd
ccc34b72f1ee40d357ad859c24f527a447f1c8c5ee27e90b0953dd8c63ab4ab2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce4655e91c8a8aef2d3dfda014b30bff7e28e91fca1b57436dccc895353d9d5f
d357689d6fea3478a3b9a9186aed9fdcc552423d80027900d4de6032bfdef1f2
d917abfaa0f30f974778481aa03a81efbe439f4b379ae1d9c4b91d462f2c1064
dfd7b9d1a802acafdc8f9334d69406b7db612b94559c16fa684f5dab315a5aa9
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee8b513e01e58127f81cb40ae5909a16a8eb0f8185efa32fd0a9104a7deb2c78
f319de84283a120100c67378187012402c33d52a72e66420b1f9d8b9721f9a8b
f4c03938152d5b9f54cbac9cf722a838f18ad7561df549497ace7d02c4aa489d
fb7a7cf635a6ddacc01c6b817e5f677cca01f831c06f5b092b2c420574ee530d
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995